Hi.  I want to implement support for signing/verifying PSKC data (RFC
6030) which uses xmldsig.  The XML schema is here:

http://tools.ietf.org/html/rfc6030#section-11

In particular it refers to xmldsig like this:

               <xs:element name="Signature"
                    type="ds:SignatureType" minOccurs="0"/>

As far as I can tell (and this is reinforced by the example in section 7
of RFC 6030), this means the XML will have a Signature element in the
PSKC namespace but with children from the xmldsig namespace.  For
example:

   <?xml version="1.0" encoding="UTF-8"?>
   <KeyContainer
       xmlns="urn:ietf:params:xml:ns:keyprov:pskc"
       xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
       xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
       Version="1.0">
       <KeyPackage>
...
       </KeyPackage>
       <Signature>
           <ds:SignedInfo>
               <ds:CanonicalizationMethod
...

I'm having trouble making XMLSec cope with this.  xmlSecDSigCtxSign
calls xmlSecDSigCtxProcessSignatureNode which starts with:

    if(!xmlSecCheckNodeName(node, xmlSecNodeSignature, xmlSecDSigNs)) {
        xmlSecError(XMLSEC_ERRORS_HERE,

So I get a hard error when trying to sign with a Signature node that
isn't in the xmldsig namespace.  Any ideas on what could be done here?

(Sorry if you get a similar email later on, I recently subscribed to
re-send this e-mail.)

Thanks,
/Simon
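
The namespace layout described in the message above, as an added example that is not part of the original post and is not xmlsec code: it resolves the namespace of every element named Signature and applies a strict name-plus-namespace comparison. The sample document is constructed, and `split_qname`, `check_node_name` and `classify_signatures` are hypothetical helpers written with Python's standard `xml.etree.ElementTree`.

```python
import xml.etree.ElementTree as ET

PSKC_NS = "urn:ietf:params:xml:ns:keyprov:pskc"
DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample shaped like the excerpt in the message (not the RFC's text).
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<KeyContainer xmlns="urn:ietf:params:xml:ns:keyprov:pskc"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Version="1.0">
  <KeyPackage/>
  <Signature>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod
          Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    </ds:SignedInfo>
  </Signature>
</KeyContainer>"""


def split_qname(tag):
    """Split ElementTree's '{namespace}local' tag into (namespace, local)."""
    if tag.startswith("{"):
        ns, local = tag[1:].split("}", 1)
        return ns, local
    return "", tag


def check_node_name(elem, local, ns):
    """Hypothetical strict check: local name AND namespace URI must both match."""
    return split_qname(elem.tag) == (ns, local)


def classify_signatures(root):
    """For each element named Signature, return
    (its namespace, whether it passes the strict xmldsig check, child namespaces)."""
    results = []
    for elem in root.iter():
        if not isinstance(elem.tag, str):  # skip comments / processing instructions
            continue
        ns, local = split_qname(elem.tag)
        if local != "Signature":
            continue
        child_ns = sorted({split_qname(c.tag)[0] for c in elem})
        results.append((ns, check_node_name(elem, "Signature", DSIG_NS), child_ns))
    return results


if __name__ == "__main__":
    for ns, ok, child_ns in classify_signatures(ET.fromstring(SAMPLE)):
        print(f"Signature in {ns!r}: strict xmldsig match={ok}, children in {child_ns}")
```

The unprefixed Signature inherits the default PSKC namespace while its children resolve to xmldsig, so a check that requires the xmldsig namespace on the Signature element itself does not match.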