[xmlsec] "soft error" when calling xmlSecDSigValidate
Meg Morgan
meg at votehere.net
Mon Feb 10 15:31:14 PST 2003
What we decided to do is to create a hash of the data we REALLY want
signed, and put the hash into a nice little xml tree, and sign THAT. That
way we can pluck out the signature from the document and call it "detached"
if we want to.
To check, we recalculate the hash of the original data, compare it with
what is in the signed document blob, then use the xmlsec functions to
check the signature against the public key. In this way we can avoid
using URI references while still masking the content of our original
data.
Thanks again,
meg
Aleksey Sanin wrote:
>
> Actually, you have one more option: use a special protocol name
> (like "thisismyprotocol://....") and write custom protocol handlers
> that will read document from memory. Thought, it might be not such
> a good idea because of interop issues in the future.
>
> Aleksey
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Meg Morgan 425/450-2754
meg at votehere.net http://www.votehere.net
More information about the xmlsec
mailing list