Return-Path: Delivered-To: apmail-xml-security-dev-archive@www.apache.org Received: (qmail 64371 invoked from network); 27 Jul 2005 17:17:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 27 Jul 2005 17:17:29 -0000 Received: (qmail 57306 invoked by uid 500); 27 Jul 2005 17:17:27 -0000 Delivered-To: apmail-xml-security-dev-archive@xml.apache.org Received: (qmail 57290 invoked by uid 500); 27 Jul 2005 17:17:26 -0000 Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: security-dev@xml.apache.org List-Id: Delivered-To: mailing list security-dev@xml.apache.org Received: (qmail 57277 invoked by uid 99); 27 Jul 2005 17:17:26 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Jul 2005 10:17:26 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [192.18.42.13] (HELO nwkea-mail-1.sun.com) (192.18.42.13) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Jul 2005 10:17:19 -0700 Received: from phys-bur1-1 ([129.148.13.15]) by nwkea-mail-1.sun.com (8.12.10/8.12.9) with ESMTP id j6RHHO3t014049 for ; Wed, 27 Jul 2005 10:17:24 -0700 (PDT) Received: from conversion-daemon.bur-mail2.east.sun.com by bur-mail2.east.sun.com (iPlanet Messaging Server 5.2 HotFix 1.24 (built Dec 19 2003)) id <0IKA00101QMDXV@bur-mail2.east.sun.com> (original mail from Sean.Mullan@Sun.COM) for security-dev@xml.apache.org; Wed, 27 Jul 2005 13:17:24 -0400 (EDT) Received: from [129.148.174.155] (halfmarathon.East.Sun.COM [129.148.174.155]) by bur-mail2.east.sun.com (iPlanet Messaging Server 5.2 HotFix 1.24 (built Dec 19 2003)) with ESMTPA id <0IKA001MDQOZIF@bur-mail2.east.sun.com> for security-dev@xml.apache.org; Wed, 27 Jul 2005 13:17:23 -0400 (EDT) Date: Wed, 27 Jul 2005 13:19:30 -0400 From: Sean Mullan Subject: Re: how to build a valid XML Signature when the signature already exists In-reply-to: <07D45114BB096D47945E744D5EA9BD08F8B63F@nsildcw2k01.int.nsi-sa.be> To: security-dev@xml.apache.org Message-id: <42E7C222.8000604@Sun.COM> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 8BIT X-Accept-Language: en-us, en User-Agent: Mozilla Thunderbird 1.0 (X11/20041208) References: <07D45114BB096D47945E744D5EA9BD08F8B63F@nsildcw2k01.int.nsi-sa.be> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N PKCS7 is based on a different format (ASN.1)/structure and isn't compatible with XML Signatures. You should use a PKCS7 validation tool/library. --Sean Frankinet Philippe wrote: > Dear, > How to do if the signature already exists (e.g stored as PKCS7 format on > a backup system) ?? How to give the existing signature bytes, > certificate, ... to the XML signature process ? > > We have all elements in hands but we don't know how to proceed. > Sample code will be appreciated > > Thanks a lot, > Philippe. > > > Frankinet Philippe > NSI s.a. > Chauss�e de Bruxelles 174A > B-4340 Awans > > T�l. +32 4 239 91 50 > Fax +32 4 246 13 08 > _Http://www.nsi-sa.be_ >