I don't see example but "ds:SignatureType" defines Signature node in the DS namespace.
Aleksey On 10/15/12 12:56 PM, Simon Josefsson wrote: > Hi. I want to implement support for signing/verifying PSKC data (RFC > 6030) which uses xmldsig. The XML schema is here: > > http://tools.ietf.org/html/rfc6030#section-11 > > In particular it refer to xmldsig like this: > > <xs:element name="Signature" > type="ds:SignatureType" minOccurs="0"/> > > As far as I can tell (and this is reinforced by the example in section 7 > of RFC 6030), this means the XML will have a Signature element in the > PSKC namespace but with children from the xmldsig namespace. For > example: > > <?xml version="1.0" encoding="UTF-8"?> > <KeyContainer > xmlns="urn:ietf:params:xml:ns:keyprov:pskc" > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; > Version="1.0"> > <KeyPackage> > ... > </KeyPackage> > <Signature> > <ds:SignedInfo> > <ds:CanonicalizationMethod > ... > > I'm having trouble making XMLSec cope with this. xmlSecDSigCtxSign > calls xmlSecDSigCtxProcessSignatureNode which starts with: > > if(!xmlSecCheckNodeName(node, xmlSecNodeSignature, xmlSecDSigNs)) { > xmlSecError(XMLSEC_ERRORS_HERE, > > So I get a hard error when trying to sign with a Signature node that > isn't in the xmldsig namespace. Any ideas on what could be done here? > > (Sorry if you get a similar email later on, I recently subscribed to > re-send this e-mail.) > > Thanks, > /Simon > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
