|
Hi all,
I want to create a detached XML signature over the contents of an arbitrary file. (The file could be XML or binary.)
Because the file will not be in a fixed location and will be moved around, I presume I should omit the URI attribute from the SignedInfo/Reference element. It will be up to the receiving application to know which signature relates to which file via other means.
Am I making sense so far?
Is there some example Java code that illustrates how to a) create a signature in the above manner using the XML Security library, and b) how to verify a signature so created. At the time of verification the app would need to indicate which object the signature relates to, as the signature would not contain a reference to the object itself.
Any help would be much appreciated.
Thanks in advance ...
Stephen Chell
|
