I find that 'openssl dgst -sign' and 'xmlsec1 --sign' gives validatable signatures, but with 'pkcs11-tool' the following error appears on "--test" a smartcard:
SHA1-RSA-PKCS: couldn't get the pubkey VALUE attribute, no validation done warning: PKCS11 function C_GetAttributeValue(VALUE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12) and it is impossible to validate a signature by the receiver. Somewhat off topic as to xmlsec1, maybe, but I dare to ask..... -- Si St [email protected] -- http://www.fastmail.fm - Email service worth paying for. Try it for free _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
