Scott Cantor wrote:
The output of my debugging shows the SignedInfo as:
Using email for this is pointless. Any whitespace will throw off the result,
so you'd need to compare them byte for byte on your own.
Also, you are comparing it to what is in the Signature, this is wrong,
because that is the pre-canonicalized representation of SignedInfo. You
need to modify your signature generation application and dump the
canonicalized bytes (which is cached by the implementation) after you
generate the signature. Then do the same in your validation application
and compare the bytes.
--Sean
