Tejkumar Arora wrote:
A related question: Are you accounting for multiple <X509Data> elements under <KeyInfo> ?.I see in the logic that you call *X509VerifyAndExtractKey immediately after reading one <X509Data> element.....
As I wrote in previous reply, I believe that all certificates from the same certificates
chain MUST be inside the same <dsig:X509Data/> element:
" All such elements that refer to a particular individual certificate MUST be grouped
inside a single
X509Data element and if the
certificate to which they refer appears, it MUST also be in that
X509Data element."Aleksey
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
