[xmlsec] "soft error" when calling xmlSecDSigValidate

Meg Morgan meg at votehere.net
Mon Feb 10 15:31:14 PST 2003

What we decided to do is to create a hash of the data we REALLY want
signed, and put the hash into a nice little xml tree, and sign THAT.  That
way we can pluck out the signature from the document and call it "detached"
if we want to.

To check, we recalculate the hash of the original data, compare it with
what is in the signed document blob, then use the xmlsec functions to
check the signature against the public key.  In this way we can avoid
using URI references while still masking the content of our original

Thanks again,

Aleksey Sanin wrote:
> Actually, you have one more option: use a special protocol name
> (like "thisismyprotocol://....") and write custom protocol handlers
> that will read document from memory. Thought, it might be not such
> a good idea because of interop issues in the future.
> Aleksey

Meg Morgan                           425/450-2754
meg at votehere.net                   http://www.votehere.net

More information about the xmlsec mailing list