Hi Aleksey, The attached file is a signature produced by Microsoft's InfoPath (XML forms Manager from Office 2003). It's an enveloped signature with an extra reference to a comment element. XMLSec verify reports data and digest problem (as below). InfoPath uses the latest .Net Framework librairies which is used across all Microsoft XMLDSIG implementations.
Is this the same problem as referenced in your FAQ section 3.2 ? Or is this something else ? Ed C:\XMLSec>xmlsec verify --store-signatures --print-debug inout/SimpleForm-2003-08-13.xml func=xmlSecOpenSSLEvpDigestVerify:file=..\src\openssl\digests.c:line=164:obj =sha1:subj=unknown:error=12:invalid data:data and digest do not match FAIL P.S. For all the XMLSec followers waiting for a MS CAPI implementation, we have a work-around for our desktop signer which essentially exports the key from the MS Crypto Store using CAPICOM. There XMLSEC can get at it as a P12/PFX on the file system. There is a password prompt, but we enforce password protection of the MS Crypto Store anyway. The only pre-requisite is that the key/cert must be marked as exportable when initially loaded into the MS Crypto Store. It has been getting us by while we wait. Our XMLSec is running OpenSSL on the desktop.
SimpleForm-2003-08-13.zip
Description: Zip compressed data