Hi, Consider the following XML doc: https://gist.github.com/nimish/b00fb8a75a8b4c424553783c7adb7656
I’m trying to verify the wsu:Timestamp element using the sibling detached signature. xmlsec1 --verify --id-attr:ID "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:Timestamp"; --print-debug --store-references ./timestamp-wrapped.xml will fail signature verification. Output: https://gist.github.com/nimish/868029115e41fee5fe56b0b5b40872f4 I don’t see a “=== Transform: exc-c14n (href=http://www.w3.org/2001/10/xml-exc-c14n#)” under the “REFERENCE VERIFICATION CONTEXT” as I’d expect, which is likely what’s causing the verification to fail. The only defined c14n algo is xml-exc-c14n. The python package signxml, which was used to generate this signature, can verify this just fine. I am not sure if this is signxml behaving badly, or xmlsec1. Any idea what I’m doing wrong? Nimish
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
