[xmlsec] Detached signature validation problem
Frank Gross
fg at 4js.com
Thu Mar 6 01:46:27 PST 2008
Hi,
I have a problem when I try to validate a detached signature against
my document. The 'xmlSecDSigCtxVerify' function takes two parameters,
the DSig context, and the node pointing to the signature
<dsig:Signature/> <http://www.w3.org/TR/xmldsig-core/#sec-Signature>
node. But as my detached signature has no URI, how can can I specify to
the context the document that it has to validate. (The XML-Signature
specification says that in such case, the application is supposing to
know what was signed). Indeed, I try to build an API that sign any
document build in memory and then saved with the detached signature to
the disk (as a separated XML document of course), and another one to
load both XML documents to validate the signature.
I was able to sign and verify an enveloped signature, because in
that case the signature is inside the document itself, but with detached
signatures, what is the procedure ?
Can someone help, or point me to the documentation explaining how to do.
Thanks a lot,
Frank
More information about the xmlsec
mailing list