hi, I am using the following node for <KeyInfo/> under <Signature/> <KeyInfo><wsse:SecurityTokenReference><wsse:Reference URI="#binarytoken"/></wsse:SecurityTokenReference></KeyInfo>
When I verify it, of cause not like <X509Data/>, the above <KeyInfo/> can not be loaded by xmlsec library automatically. So how can I load it? I try to parser the pubkey out from the binarytoken by using: xmlSecOpenSSLAppKeyFromCertLoadBIO(bio, certformat); and then load the key into keymanager: xmlSecCryptoAppDefaultKeysMngrAdoptKey(keysmanager, key); I also loaded the trusted ca certificate by using: xmlSecCryptoAppKeysMngrCertLoad(...); But it seem is the loaded trusted certificate does not effect at all. Becase even if I comment the line "xmlSecCryptoAppKeysMngrCertLoad", the verification also works. SO I think the trust chain has not been checked. Could you tell me how can I load the non-standard <KeyInfo/>, and make the trusted chain checkin work as well. Thanks in advance. Weizhong Qiang
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
