A. Sanin As far as I can understand the spec,
A. Sanin
A. Sanin dsig:RetrievalMethod
A. Sanin Type=http://www.w3.org/2000/09/xmldsig#RSAKeyValue; .../
A. Sanin should point to dsig:RSAKeyValue/ element.In your XML it points to
A. Sanin dsig:KeyInfo/
A. Sanin element which seems wrong to me. I would agree that the XML DSig is not
A. Sanin fully clear
A. Sanin here but I believe there was a disussion in XML DSig working group
A. Sanin mailing list about this.
A. Sanin However, I might be wrong and it'll be great to get second opinion on
A. Sanin this. Rich?
A. Sanin
A. Sanin Aleksey
Hi~
Sorry for late reply to your mail. ^^;;
Let me talk about the above topic:
According to the XML-Signature Syntax and Processing document
of which version is W3C Recommendation 12 February 2002,
we can see the following statement in section 4.4.3:
4.4.3 The RetrievalMethod Element
A RetrievalMethod element within KeyInfo is used
to convey a reference to KeyInfo information that is stored at another
location.
So, I think that statement means the very target RetrievalMethod/
actually points can be KeyInfo/ element.
The ``Type'' attribute value itself in dsig:RetrievalMethod
Type=http://www.w3.org/2000/09/xmldsig#RSAKeyValue; .../ is to indicate
RSAKeyValue/ element, but I think that is just to determine and notify
the type of sub(child) element in KeyInfo/, and (may) not to directly point
the RSAKeyValue element. (just was my thought. ^^)
What do you think about my opinion?
Have a nice weekend! :)
P.S.
Currently, I've got solved my problmatic situation by the quick-and-dirty way. :)
(Here's the output of diff(1) against the modified source (keyinfo.c))
$ diff -u keyinfo.c.original keyinfo.c
--- keyinfo.c.original Wed Jan 8 15:45:58 2003
+++ keyinfo.c Wed Jan 8 15:45:44 2003
@@ -551,7 +551,12 @@
keyName = NULL;
}
} else {
+ xmlNodePtr keyInfoNode = cur;
+
cur = xmlSecGetNextElementNode(cur-next);
+ if (cur == (xmlNodePtr)0) {
+ cur = xmlSecFindChild(keyInfoNode, BAD_CAST KeyValue,
+xmlSecDSigNs);
+ }
}
}
if(keyName != NULL) {
--
To be a rock, and not to roll.
EGB ::= EternalGoldenBGE
BGE ::= Blusjune'sGotEGB
-x-x-[?]EGB:STONEROSES@MATRIX[!]-x-x-
| blusjune@EGBSD | ^_^ | stoneroses |
$ NAME=\
$ Blusjune Jung [EMAIL PROTECTED]
$ PGPKEYID=0x33067610
-x-x-x Eternal Golden Blusjune x-x-x-
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec