Closed andreas-hilti closed 6 days ago
If the signature uses a namespace prefix like ds:Signature, the cli fails to recongnize it.
ds:Signature
For instance, based on this xml example https://cyclonedx.org/use-cases/#authenticity with an arbitrary key file, you get:
cyclonedx.exe verify all signed_bom.xml --key-file public.key Loading public key... Loading XML BOM... Reading signatures... No signatures found
even though this document contains a signature (i.e. it should either pass or fail the test).
If the signature uses a namespace prefix like
ds:Signature, the cli fails to recongnize it.For instance, based on this xml example https://cyclonedx.org/use-cases/#authenticity with an arbitrary key file, you get:
even though this document contains a signature (i.e. it should either pass or fail the test).