Closed philiprbrenan closed 3 years ago
Pretty sure its related to multiple signatures. Drop the xml into https://tools.chilkat.io/xmlDsigVerify.cshtml and it will check each signature. It the originaly failed case there are three signatures, The signatures of the SignedInfo verify properly but only one of the digests verify. I have been rewriting the verify functions to ensure it deals with multiple signatures. The verification of SignedInfo works now I just need to figure out the digest issue
https://tools.chilkat.io/xmlDsigVerify.cshtml#generatedCode also confirms that the signature is valid:
Can you send me that XML? There is only one signature so that shoots my theory to ...
On Wed, Nov 25, 2020 at 10:02 AM philip r brenan notifications@github.com wrote:
https://tools.chilkat.io/xmlDsigVerify.cshtml#generatedCode also confirms that the signature is valid:
[image: image] https://user-images.githubusercontent.com/7548378/100237418-d2648d80-2f26-11eb-8bbb-8f889edd885b.png
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/perl-net-saml2/perl-XML-Sig/issues/8#issuecomment-733724937, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAH3N6ZDUKEIF23FUIJK5VDSRUFARANCNFSM4UCMPI7A .
Duplicate of #5
Another example of an XML (SAML) signed document that:
SamlTool
claims is valid, but which XML::Sig claims is invalid.
test.pl