Hi everybody,
Well you are right, its really the Keyname. So if I remove the Keyname it works.
But of course the document isn't anymore valid. Is there a way always to ignore
the keyname and use the the certificate by verify a signed document?
What is the
xmlSecDSigCtx::keyInfoReadCtx->enable
I have taken the source code for the xmlsec.exe that
comes with the xmlsec1-1.2.9 sourcecode download and
modified it to be recompiled into a dll.
Hm... Not sure what do you mean by this but...
However, when attempting to do a build on my source
files I get a long list of errors complainin
Hi
I have taken the source code for the xmlsec.exe that
comes with the xmlsec1-1.2.9 sourcecode download and
modified it to be recompiled into a dll. I am using
the C compiler that comes with the Microsoft XP DDK.
This is done to be compatible with the binaries
downloaded for windows from
http://w
Hi all
I am starting some work that deals with XAdES signed documents. I will
need to create and verify data in a XAdES form.
And i was wondering if going with libxmlsec was the best way to do that.
I am not sure that libxmlsec provides a straight way to work with XAdES.
If not, maybe there
Yes
xmlSecDSigCtx::keyInfoReadCtx->enabledKeyData
xmlSecDSigCtx::keyInfoWriteCtx->enabledKeyData
Aleksey
[EMAIL PROTECTED] wrote:
Yes you are right !!! I forgot about that.
You mean the "--enabled-key-data" list in the command line utility ?
Where is this in the API ? in the Ctx ?
- O
Does it not make sense to check X509Certificate first ? Or must we
consciously remove KeyName to avoid problems in the mscrypto world where
the chances of actually having the public verification certificate in
the verifiers mscrypto store is remote at best ?
I think, that either signer or v
Sure, agree. But the KeyName means something specific in the mscrypto world as xmlsec is interpretting it as the MS "friendly" cert name in the crypto store. I would contend that priority should be given to any included X509Certificate when verifying. This is one of the reasons signers attempt to
Hi Jurgen,
Do you have a dsig:KeyName specified ? Take out this element manually and re-verify. I have seen this also. However I do not get a crash. I believe that on a Verify if both X509Certificate is present and KeyName is present, xmlsec still tries to retrieve the certificate from the KeyMn
I would wager, but Alexsey is the expert, that it might be a good idea
to ignore the KeyName if an X509Certificate is present when Verifying.
After all the reason it got there in the first place is that it was used
to select the cert/key when you originally signed it with xmlsec and is
left
No. Please, provide the stack trace for the crash.
Aleksey
Jürgen Heiss wrote:
Does really now one have any idea?
Hi,
I use the following code to verify a signed file.
The problem is now, the xmlSecDSigCtxVerify crahses if the certificate
isn't installed on my machine!?!
How can I check this
Does
really now one have any idea?
Hi,
I use the following
code to verify a signed file.
The problem is now,
the xmlSecDSigCtxVerify crahses if the certificate isn't installed on my
machine!?!
How can I check this
file? Can I excract the certificate and load it into a
xmlSecKeysMngrPtr
Hi,
I use the following
code to verify a signed file.
The problem is now,
the xmlSecDSigCtxVerify crahses if the certificate isn't installed on my
machine!?!
How can I check this
file? Can I excract the certificate and load it into a
xmlSecKeysMngrPtr?
thanks for any
help.
if(
12 matches
Mail list logo