Milan Tomic wrote :
> You haven't told us which libraries (and version) are you using:
> C++ or Java? Also, some code samples would help.
Oops, sorry, I'm using Java libraries version 1.0.4, here is how the
verfication is done :
public void verifySignature(String message) throws Exception {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
m_document = db.newDocument();
// we got a string we want a stream
m_document = db.parse(new ByteArrayInputStream(message.getBytes()));
m_root = m_document.getDocumentElement();
Element nscontext = XMLUtils.createDSctx(m_document, "ds",
Constants.SignatureSpecNS);
Element sigElement = (Element) XPathAPI.selectSingleNode(m_document, "//
ds:Signature", nscontext);
XMLSignature signature = new XMLSignature(sigElement, "");
KeyInfo ki = signature.getKeyInfo();
X509Certificate cert = signature.getKeyInfo().getX509Certificate();
cert.checkValidity();
signature.checkSignatureValue(cert);
}
There are of course verfication if the message actually contains the signature
and the certificate but this would be too long to paste it here.
Regards, Akeru.
