I'm developing an application that signs and validate xml files using the apache xml security library.
To sign a file is easy, but the validation part is becoming a real problem for me.
I've been able to validate te signature itself, and its expiration dates, but i need more than just that. I need to validate the certification chain and rcl files as well.
To be honest I could find some examples to validate the chain, but I don't understand how the certification chain really works.
If you guys could give me some steps to follow would be very nice. My deadline is coming and i still have some pieces to put together.
My goals are:
- Assure that the certicate used was an end user certificate and not from a certification authority; (Didn't find nothing about this kind of validation)
- Adopt rules defined by RFC 3280 for RCL and chain of trust (certification chain); (Completely lost on this one)
- Verify if the revogation and chain lists are up to date; (Didn't get that far on my research)
- Validate the key type used accept only keys type A; (I didn't find anything about this types only when you pucharse your key you choose this kind of things, at least here on brazil.)
Thanks in advance.
- Need lots of help - Validating Signed XML files Cláudio Engelsdorff Avila
- Re: Need lots of help - Validating Signed ... Martin Labarthe Dubois
- Re: Need lots of help - Validating Sig... Cláudio Engelsdorff Avila
- Re: Need lots of help - Validating Signed ... Milan Tomic
- Re: Need lots of help - Validating Sig... Cláudio Engelsdorff Avila
- Re: Need lots of help - Validating... Martin Labarthe Dubois
- Re: Need lots of help - Valida... Cláudio Engelsdorff Avila
- Re: Need lots of help - V... Cláudio Engelsdorff Avila
- Re: Need lots of help... Martin Labarthe Dubois
- Re: Need lots of ... Cláudio Engelsdorff Avila
- Re: Need lots of ... Martin Labarthe Dubois
