[xmlsec] Verify - OpenSSL vs mscrypto
beldmit at cryptocom.ru
Wed Jan 11 11:12:45 PST 2006
On Wed, 11 Jan 2006, Edward Shallow wrote:
> I have not checked your latest patch, but to avoid my concern 2) below, can
> you call certCreateCertificateContext from the pbCertEncoded certificate
> extracted from the signed document instead of expecting it to already be in
> a store ? This would avoid the need for the verifier to have the signer's
> public certificate in any of their stores.
> If you are not already doing this, is this possible ?
XMLSec extracts certs from the document itself. Signer's cert shouldn't
be present in any store, it may be present in the document only. Sorry,
I can't answer your question.
SY, Dmitry Belyavsky (ICQ UIN 11116575)
More information about the xmlsec