santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Neil Bennett <>
Subject Problem with verifying enveloped XML signatures
Date Wed, 26 Jan 2005 13:08:58 GMT
I am trying to verify an enveloped XML signature.  If the signed document is 
saved to a file and then read back in, there is no problem.  The signature is 
shown as valid.

However, as I am using enveloped signatures, I do not really want to save the 
signature to a file.  When I verify the signature, I just want to load in the 
signed DOM Document from memory and verify it directly rather than having to 
build a DOM Document from scratch and load in a signature file.

However, when I pass in my signed DOM Document, I always get an error stating 
that the signature is invalid.

I have manually checked the XML signatures generated by the two methods and 
they are identical (except for digest and signature values obviously).

My only guess is that the problem lies with the XMLSignature constructor.  I am 
using "new XMLSignature( signatureElement, baseURI )".  Where I am loading in a 
file, I just use the same baseURI as I used to generate the signature.  
However, when I am reading the DOM Document directly, what parameter should I 
pass in to the XMLSignature constructor, bearing in mind that there is no 
signature file?

Any help would be much appreciated.

View raw message