Scott- Thanks for the reply. I'm running a slightly modified version of the sample code that uses my "raw" (not a certificate) DSA key and my XML file. I set XSEC_DEBUG_FILE in my environment to a world writable file, but it never wrote anything to that file. Do I need to trigger this debug output somehow?
I have signing & verifying working; however, there is something strange. If I ONLY apply the TRANSFORM_C14N_WITH_COMMENTS transform, the signature does not work. If I apply TRANSFORM_ENVELOPED_SIGNATURE, then TRANSFORM_C14N_WITH_COMMENTS it works, but the other way around does not. Any thoughts on why I cannot use TRANSFORM_C14N_WITH_COMMENTS without TRANSFORM_ENVELOPED_SIGNATURE? What am I missing/not understanding here? Bill- On Sat, Mar 26, 2011 at 3:40 PM, Cantor, Scott E. <[email protected]> wrote: >>So I am able to create a signed XML document; however, now I'm having >>issues trying to validate the XML signature in C++. I've attached the >>C++ code to this document. > > Assuming that's the sample from the library, if it's not working, it's > possible you're corrupting the XML before verifying it. > > Either way, the latest library finally has support for directing the > digested octets to a logfile so you can compare them to what the Java > logger is seeing. Just set XSEC_DEBUG_FILE to a path to dump the data to. > > -- Scott > >
