Are you using the xml file from the example or some other file? If it is a custom file, then it would be helpful if you can share it.
Thanks Aleksey James Olsen wrote:
Hello, I have am xml document and x509 public key that I'm trying to verify the signature on. I've compiled the unmodified verify3 example program that is in the xmlsec tarball and it is the program I'm using to try to verify the signature. Here is the output: func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match Signature is OK I admit I'm very new to the security mechanism and I don't have a solid understanding of the specifications. However, it seems to me if there is invalid data (the data and digest do not match) then the signature verification should be considered a failure. How should the results of verify3 be interpreted? Was the signature verification really a success with that error?
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
