[xmlsec] Detached signature validation problem
aleksey at aleksey.com
Thu Mar 6 07:28:38 PST 2008
You probably want to overwrite the IO callbacks
However, I don't know if this would work for
a document *without* URI. You probably want to
identify it somehow and assign *some* uri
(e.g. foo://<document id> or something like this).
Then IO callbacks could catch scheme "foo" and
load the document you need.
Frank Gross wrote:
> I have a problem when I try to validate a detached signature against
> my document. The 'xmlSecDSigCtxVerify' function takes two parameters,
> the DSig context, and the node pointing to the signature
> <dsig:Signature/> <http://www.w3.org/TR/xmldsig-core/#sec-Signature>
> node. But as my detached signature has no URI, how can can I specify to
> the context the document that it has to validate. (The XML-Signature
> specification says that in such case, the application is supposing to
> know what was signed). Indeed, I try to build an API that sign any
> document build in memory and then saved with the detached signature to
> the disk (as a separated XML document of course), and another one to
> load both XML documents to validate the signature.
> I was able to sign and verify an enveloped signature, because in that
> case the signature is inside the document itself, but with detached
> signatures, what is the procedure ?
> Can someone help, or point me to the documentation explaining how to do.
> Thanks a lot,
> xmlsec mailing list
> xmlsec at aleksey.com
More information about the xmlsec