Berin,
I am still new at programming with this stuff (actually I am a manager type who
only programs a bit to keep my hand in). I have been extending the toy program
that I was working on and have found a more elegant solution to the problem of
how to check multiple DSIGs. I have found a standard Xerces method that will
search the DOM tree and return Named Nodes. So the whole routine that I sent to
you is not really needed. The following code snippet shows how to check
multiple DSIGs using the Xerces routine (instead of my routine). Again the
variable "result" is true if all DSIGs verify and the variable "sigcnt"
contains the index of the last DSIG that verified correctly.
Ta John
//Solution #2 (using Xerces methods)
DomList = theDOM->getElementsByTagNameNS
(DSIGConstants::s_unicodeStrURIDSIG, MAKE_UNICODE_STRING("Signature"));
sigNode = DomList->item(0);
sigcnt = 0;
result = true;
while ((result) && (sigNode != NULL)) {
sig = prov.newSignatureFromDOM(theDOM, sigNode);
// use your favourite Resolver
xxxKeyResolver ires(NULL);
sig->setKeyInfoResolver(&ires);
try {
sig->load();
result = sig->verify();
}
catch (XSECException &e) {
char * msg = XMLString::transcode(e.getMsg());
cerr << "An error occured during signature
verification"n Message: "
<< msg << endl;
XMLString::release(msg);
result = false;
}
catch (XSECCryptoException &e) {
cerr << "An error occured during signature
verification"n Message: "
<< e.getMsg() << endl;
ERR_load_crypto_strings();
BIO * bio_err;
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp
(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
ERR_print_errors(bio_err);
result = false;
}
sigcnt += 1;
sigNode = DomList->item(sigcnt);
}
