Heyjung
as I
understand it you first sign, then encrypt your XML document
(decrypt/verify to check it).
Depending on the xmlsec-jar you use there may be problems in
the
encryption mehtods.
The
problem in some case (note: XML encryption is in beta) is
that
the
encryption _may_ change contents of your XML data you just
signed. This breaks the signature. This happens e.g. if you
use
Content mode as opposed to Element mode, also if your
XML
contains CDATA or comments it may break.
Please
refer to some mails about this in the mail archive (December
and
January). There was a fix for one particular problem but not as
a
overall solution.
Regards,
Werner
-----Urspr�ngliche Nachricht-----
Von: Hye-Jung Kim [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 2. Februar 2004 00:51
An: [EMAIL PROTECTED]
Betreff: Verification after decryptHello,I am trying to decrypt and verify data( signed & encrypted ) using the XML security suite and the signature.checkSignatureValue(cert) returns false which means the signature varification has failed. I am not sure why it failed since verification for signed only data and decrypt for encrypted only data work fine. Can I simply decrypt the signed & encrypted data first then pass it to my verifier to create XMLSignature to call checkSignatureValue ? Please advise!Thanks in advance.Hyejung
