santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Scott Cantor" <>
Subject RE: cant verify after serialize/parse
Date Sun, 10 Sep 2006 23:57:43 GMT
> So... I am able to make this work be creating a new XMLSignature,
> setting the data of the SignatureValue node of the new XMLSignature to
> that of the original XMLSignature and then verifying the new
> XMLSignature. This seems to work. I'm just curious if anybody thinks
> that this is bad practice for some reason.

It's more like pointless practice, not bad practice. Whatever the problem
is, it's probably a bug (or bugs) in your overall handling of the XML.

Matter of fact, what you describe didn't even use to work well. There were
lots of issues adding signature elements and immediately verifying them. You
*had* to serialize and parse to use them.

If the signature is breaking after, that wouldn't be unusual, but recreating
the nodes with the same signature value would also fail in most cases
because the DOM itself has been corrupted. So I think your bug is somewhere
else, but no idea where.

-- Scott

View raw message