On 9/5/12 12:18 PM, "Renato Tegon Forti" <[email protected]> wrote:
> >1) >I am using ³sig->getErrMsgs()² to get signature information erro, but it >returns me a short description of error, like: ³Reference URI="#x1s" >failed to verify Validation of <SignedInfo> failed² > >I want know if have some way to get more detailed description of error? >That points me the real erro, like: certificated is expired etc.. I would guess there isn't one. That aspect of the code predates my involvement, so I'm not familiar with it. And, in any case, it certainly isn't looking at a certificate date, so that would never be the reason at that layer. If it's telling you that the reference failed, that's all it probably can say. That's all there is, the digest isn't correct for that reference. > >2) >Some of my files (xml to check) have certificated expired! How to >instruct to santuario, to validate these files, in any way. (Treating the >expired certificate, as if he had not expired.) Santuario doesn't do anything with certificates. Trust is your application's job, not the library's. I don't recall if there are even APIs to actually provide a certificate to use for verification. I only recall (and use) the ones that are based on a key alone, and you can pull the key out of the certificate (there is an API for that). -- Scott
