mace-opensaml-users - RE: Enveloped signature accepted or not depending on LF inside the Signature element
Subject: OpenSAML user discussion
List archive
RE: Enveloped signature accepted or not depending on LF inside the Signature element
Chronological Thread
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: Enveloped signature accepted or not depending on LF inside the Signature element
- Date: Mon, 3 Mar 2008 11:32:51 -0500
- Organization: The Ohio State University
> Ah!. So the only part unsigned it's the KeyInfo! (and I pressume the
> SignatureValue, because that would be recursive).
Yes.
> versions. Thank you very much. So then the
>
> INFO [org.apache.xml.security.signature.Reference] Verification
successful
> for URI "..."
>
> only means that the part outside the Signature generates the same
> DigestValue as is in the Signature's SignedInfo, but later some digest
> of the SignedInfo (or it plus something more) is calculated before
> validating with the signer's public key, and that fails because of
> the whitespace differences. Right?
Well, yes, but that's not before validating, that is the validation. The
SignatureValue is a public key signature over the octets making up that c14n
step.
-- Scott
- Enveloped signature accepted or not depending on LF inside the Signature element, Xavier Drudis Ferran, 03/03/2008
- RE: Enveloped signature accepted or not depending on LF inside the Signature element, Scott Cantor, 03/03/2008
- <Possible follow-up(s)>
- Re: Enveloped signature accepted or not depending on LF inside the Signature element, Xavier Drudis Ferran, 03/03/2008
- RE: Enveloped signature accepted or not depending on LF inside the Signature element, Scott Cantor, 03/03/2008
- Re: Enveloped signature accepted or not depending on LF inside the Signature element, Xavier Drudis Ferran, 03/03/2008
Archive powered by MHonArc 2.6.16.