[xmlsec] broken signedInfo

Aleksey Sanin aleksey at aleksey.com
Mon Oct 2 07:59:18 PDT 2006

Well, most likely, online verifier simply does not have
the right trusted certificate. Try to use xmlsec command
line utility instead.


Carlos González-Cadenas wrote:
> Hi,
> I've generated a signature and tried to use the online verifier in 
> aleksey.com <http://aleksey.com>. This service says that the signature 
> is broken (the reference validation is OK, but the crypto validation 
> over the c14n'ed signedInfo fails). I've also tested with Apache XMLDSig 
> and it works OK.
> I've tried to manually repeat every step (first of all c14-ize the 
> signedInfo subtree (obtaining the same subtree serialized in a byte[] as 
> this subtree is "manually" pre-c14n'ed) and after that applying the hash 
> function over that byte[], obtaining consistent results).
> Could you give me some light about that?.
> Thank you very much in advance,
> Carlos

More information about the xmlsec mailing list