You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Raul Benito <ra...@gmail.com> on 2005/02/09 10:58:43 UTC
Re: Problem with verifying enveloped XML signatures
You need to add enveloped transformation to your reference. This will
fix your problem.
Regards,
On Wed, 26 Jan 2005 13:08:58 +0000 (UTC), Neil Bennett <nd...@dl.ac.uk> wrote:
> I am trying to verify an enveloped XML signature. If the signed document is
> saved to a file and then read back in, there is no problem. The signature is
> shown as valid.
>
> However, as I am using enveloped signatures, I do not really want to save the
> signature to a file. When I verify the signature, I just want to load in the
> signed DOM Document from memory and verify it directly rather than having to
> build a DOM Document from scratch and load in a signature file.
>
> However, when I pass in my signed DOM Document, I always get an error stating
> that the signature is invalid.
>
> I have manually checked the XML signatures generated by the two methods and
> they are identical (except for digest and signature values obviously).
>
> My only guess is that the problem lies with the XMLSignature constructor. I am
> using "new XMLSignature( signatureElement, baseURI )". Where I am loading in a
> file, I just use the same baseURI as I used to generate the signature.
> However, when I am reading the DOM Document directly, what parameter should I
> pass in to the XMLSignature constructor, bearing in mind that there is no
> signature file?
>
> Any help would be much appreciated.
> Neil
>
>
RE: Problem with verifying enveloped XML signatures
Posted by Cédric POTHIN <ce...@inovatel.sfr.com>.
Many Thks Raul
> -----Message d'origine-----
> De : Raul Benito [mailto:raul.benito.garcia@gmail.com]
> Envoyé : mercredi 9 février 2005 10:59
> À : security-dev@xml.apache.org
> Objet : Re: Problem with verifying enveloped XML signatures
>
> You need to add enveloped transformation to your reference. This will
> fix your problem.
>
> Regards,
>
>
> On Wed, 26 Jan 2005 13:08:58 +0000 (UTC), Neil Bennett <nd...@dl.ac.uk>
> wrote:
> > I am trying to verify an enveloped XML signature. If the signed
> document is
> > saved to a file and then read back in, there is no problem. The
> signature is
> > shown as valid.
> >
> > However, as I am using enveloped signatures, I do not really want to
> save the
> > signature to a file. When I verify the signature, I just want to load
> in the
> > signed DOM Document from memory and verify it directly rather than
> having to
> > build a DOM Document from scratch and load in a signature file.
> >
> > However, when I pass in my signed DOM Document, I always get an error
> stating
> > that the signature is invalid.
> >
> > I have manually checked the XML signatures generated by the two methods
> and
> > they are identical (except for digest and signature values obviously).
> >
> > My only guess is that the problem lies with the XMLSignature
> constructor. I am
> > using "new XMLSignature( signatureElement, baseURI )". Where I am
> loading in a
> > file, I just use the same baseURI as I used to generate the signature.
> > However, when I am reading the DOM Document directly, what parameter
> should I
> > pass in to the XMLSignature constructor, bearing in mind that there is
> no
> > signature file?
> >
> > Any help would be much appreciated.
> > Neil
> >
> >