Verifier is pretty stupid and can't do multiple signatures. With xmlsec1 command line tool you can specify the Signature node you want to verify using xpath
Aleksey On 2/26/13 8:57 AM, Gpe. Raquel Toledo wrote: > Right now i have a project includes 2 or many signatures, but i cant > found any example that is valid for verifier > (http://www.aleksey.com/xmlsec/xmldsig-verifier.html) with 2 signatures. > > Thanks on advanced. > > > <?xml version="1.0" encoding="ISO-8859-1"?> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; id="F01"> > <SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <CanonicalizationMethod > Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315";></CanonicalizationMethod> > <SignatureMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></SignatureMethod> > <Reference URI="#TA01"> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></DigestMethod> > <DigestValue>...mAPUI=</DigestValue> > </Reference> > <Reference URI="#IC01"> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></DigestMethod> > <DigestValue>.../wQ=</DigestValue> > </Reference> > </SignedInfo> > <SignatureValue>...tlwyE=</SignatureValue> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"; Id="IC01"> > <KeyValue> > <RSAKeyValue><Modulus>...</Modulus> > <Exponent>AQAB</Exponent></RSAKeyValue> > </KeyValue><X509Data> > <X509Certificate>...ORnQBO5A=</X509Certificate> > </X509Data> > </KeyInfo> > <Object xmlns="http://www.w3.org/2000/09/xmldsig#"; Id="TA01"> > <DatosTramite> > <Informacion>...</Informacion> > </DatosTramite> > </Object> > </Signature> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; ID="F02"> > <SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <CanonicalizationMethod > Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315";></CanonicalizationMethod> > <SignatureMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></SignatureMethod> > <Reference ID="Id_Referencia002" URI="#F01" > TYPE="http://uri.etsi.org/01903#CountersignedSignature";> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></DigestMethod> > <DigestValue>...</DigestValue> > </Reference> > <Reference URI="#IC02"> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></DigestMethod> > <DigestValue>...</DigestValue> > </Reference> > </SignedInfo> > <SignatureValue ID="IS02">...</SignatureValue> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"; Id="IC02"> > <KeyValue> > <RSAKeyValue><Modulus>...</Modulus> > <Exponent>AQAB</Exponent></RSAKeyValue> > </KeyValue> > <X509Data> > <X509Certificate>..RnQBO5A=</X509Certificate> > </X509Data> > </KeyInfo> > </Signature> > > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
