[xmlsec] Detached signature validation problem

Aleksey Sanin aleksey at aleksey.com
Thu Mar 6 07:28:38 PST 2008

You probably want to overwrite the IO callbacks


However, I don't know if this would work for
a document *without* URI. You probably want to
identify it somehow and assign *some* uri
(e.g. foo://<document id> or something like this).
Then IO callbacks could catch scheme "foo" and
load the document you need.


Frank Gross wrote:
> Hi,
>    I have a problem when I try to validate a detached signature against 
> my document. The 'xmlSecDSigCtxVerify' function takes two parameters, 
> the DSig context, and the node pointing to the signature 
> <dsig:Signature/> <http://www.w3.org/TR/xmldsig-core/#sec-Signature> 
> node. But as my detached signature has no URI, how can can I specify to 
> the context the document that it has to validate. (The XML-Signature 
> specification says that in such case, the application is supposing to 
> know what was signed). Indeed, I try to build an API that sign any 
> document build in memory and then saved with the detached signature to 
> the disk (as a separated XML document of course), and another one to 
> load both XML documents to validate the signature.
>    I was able to sign and verify an enveloped signature, because in that 
> case the signature is inside the document itself, but with detached 
> signatures, what is the procedure ?
> Can someone help, or point me to the documentation explaining how to do.
> Thanks a lot,
> Frank
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list