<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
Tejkumar Arora wrote:<br>
<blockquote type="cite" cite="mid3ED55D56.firstname.lastname@example.org">
<pre wrap="">A related question: Are you accounting for multiple <X509Data>
elements under <KeyInfo> ?.
I see in the logic that you call *X509VerifyAndExtractKey
immediately after reading one <X509Data> element.....
As I wrote in previous reply, I believe that all certificates from the
chain MUST be inside the same <dsig:X509Data/> element:<br>
" All such elements that refer to a particular individual
certificate MUST be grouped <br>
inside a single <code>X509Data</code> element and if the
certificate to which they refer appears, <br>
it MUST also be in that <code>X509Data</code> element."<br>