santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Raul Benito <>
Subject Re: Problem with verifying enveloped XML signatures
Date Wed, 09 Feb 2005 09:58:43 GMT
You need to add enveloped transformation to your reference. This will
fix your problem.


On Wed, 26 Jan 2005 13:08:58 +0000 (UTC), Neil Bennett <> wrote:
> I am trying to verify an enveloped XML signature.  If the signed document is
> saved to a file and then read back in, there is no problem.  The signature is
> shown as valid.
> However, as I am using enveloped signatures, I do not really want to save the
> signature to a file.  When I verify the signature, I just want to load in the
> signed DOM Document from memory and verify it directly rather than having to
> build a DOM Document from scratch and load in a signature file.
> However, when I pass in my signed DOM Document, I always get an error stating
> that the signature is invalid.
> I have manually checked the XML signatures generated by the two methods and
> they are identical (except for digest and signature values obviously).
> My only guess is that the problem lies with the XMLSignature constructor.  I am
> using "new XMLSignature( signatureElement, baseURI )".  Where I am loading in a
> file, I just use the same baseURI as I used to generate the signature.
> However, when I am reading the DOM Document directly, what parameter should I
> pass in to the XMLSignature constructor, bearing in mind that there is no
> signature file?
> Any help would be much appreciated.
> Neil

View raw message