Hello, I have am xml document and x509 public key that I'm trying to verify the signature on. I've compiled the unmodified verify3 example program that is in the xmlsec tarball and it is the program I'm using to try to verify the signature.
Here is the output: func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match Signature is OK I admit I'm very new to the security mechanism and I don't have a solid understanding of the specifications. However, it seems to me if there is invalid data (the data and digest do not match) then the signature verification should be considered a failure. How should the results of verify3 be interpreted? Was the signature verification really a success with that error? -- James Funny quotes: "There are 10 types of people in the world. Those who understand binary, and those who don't." -- Unknown "A computer once beat me at chess, but it was no match for me at kick boxing." -- Emo Philips _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
