Hi! It seems to me from the answers I have gotten that there are no easy ways to verify XML-signatures against (the public key from) X509 PEM-certificate files. The xmlSecSimpleKeysMngrLoadPemKey does not accept loading public keys from such files. It does only accept public key files starting with -----BEGIN PUBLIC KEY----- So, does any of you know a way of creating such public key files from X509 PEM-certificates?
The question is really, how can one make sure the identity of the signer without verifying the signature against a public key you know belongs to the signer. Or is it possible to check who is the owner of the public key contained in the KeyInfo? :) _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
