[xmlsec] using SAX with xmlsec

Julianne Bielski bielsk at us.ibm.com
Tue Oct 14 11:29:41 PDT 2003

I have put two templates in the same doc, one a detached, one an 
I build each template dynamically as a small DOM tree since I'm using a 
SAX parser for performance. I pass the individual Signature nodes in, as 
well as the document containing the templates and my untrusted cert file 

I cannot get the detached signature to verify unless the template is in a 
stand-alone file with the signature node at the root and  use 
xmlSecFindNode to derive the node. In other words, the node I pass in does 
not work, even if the Signature is the only thing in the file.

-- Regards

J. Bielski

Aleksey Sanin <aleksey at aleksey.com>
10/13/2003 12:00 PM
        To:     Julianne Bielski/Raleigh/IBM at IBMUS, "xmlsec at aleksey.com" 
<xmlsec at aleksey.com>
        Subject:        Re: [xmlsec] using SAX with xmlsec

Yes, you are right. It is possible to do deattached signatures w/o having 
full document
in memory. But I didn't have such a requirement when I wrote xmlsec thus 
it assumes
that whole document DOM tree is in memory.


Julianne Bielski wrote:

Why would you need the whole DOM tree for the whole XML document if you're 
verifying a detached signature? 

I would think you only need the whole document for an enveloped signature. 

-- Regards,

J. Bielski

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20031014/e4f2f242/attachment.htm

More information about the xmlsec mailing list