Hi Aleksey,
The attached file is a signature produced by Microsoft's InfoPath (XML
forms Manager from Office 2003). It's an enveloped signature with an extra
reference to a comment element. XMLSec verify reports data and digest
problem (as below). InfoPath uses the latest .Net Framework librairies which
is used across all Microsoft XMLDSIG implementations.
Is this the same problem as referenced in your FAQ section 3.2 ? Or is
this something else ?
Ed
C:\XMLSec>xmlsec verify --store-signatures --print-debug
inout/SimpleForm-2003-08-13.xml
func=xmlSecOpenSSLEvpDigestVerify:file=..\src\openssl\digests.c:line=164:obj
=sha1:subj=unknown:error=12:invalid data:data and digest do not match
FAIL
P.S. For all the XMLSec followers waiting for a MS CAPI implementation, we
have a work-around for our desktop signer which essentially exports the key
from the MS Crypto Store using CAPICOM. There XMLSEC can get at it as a
P12/PFX on the file system. There is a password prompt, but we enforce
password protection of the MS Crypto Store anyway. The only pre-requisite is
that the key/cert must be marked as exportable when initially loaded into
the MS Crypto Store. It has been getting us by while we wait. Our XMLSec is
running OpenSSL on the desktop.
SimpleForm-2003-08-13.zip
Description: Zip compressed data
