http://www.aleksey.com/xmlsec/faq.html
The xmlSecDSigVerify returns -1 if there is a critical error (i.e. something really
bad happens like wrong XML structure). "Signature is not valid" is a possible
*valid* result of this operation. In this case, we return 0 to indicate that there is
no critical errors and in the same time, we don't verify the signature because
result is not "ok".
Aleksey
Meg Morgan wrote:
I hit this error while checking a signature, but the return
value is 0 so it doesn't really fail.
xmldsig.c: 1493
if((!sign) && (ref->result != xmlSecTransformStatusOk)) {
xmlSecError(XMLSEC_ERRORS_HERE,
XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE,
" ");
/* "soft" error */
res = 0;
goto done;
}
What does this really mean?
Sorry to ask so many questions today ...
meg
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec