Bug 41731 - More decription on signature verification
Summary: More decription on signature verification
Status: NEW
Alias: None
Product: Security - Now in JIRA
Classification: Unclassified
Component: Signature (show other bugs)
Version: unspecified
Hardware: Other other
: P2 enhancement
Target Milestone: ---
Assignee: XML Security Developers Mailing List
Depends on: 41662
  Show dependency tree
Reported: 2007-02-28 08:10 UTC by KUb4dg
Modified: 2007-03-09 06:04 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description KUb4dg 2007-02-28 08:10:12 UTC
signature.checkSignatureValue() should return more than true/false.  Ideally, an
exception with a method getFailedReference() to find out what part of the
signature failed the verification.

Possible Exception types:
  - reference hash failed (provide pointer to that reference)
  - certificate didn't produce this signature
  - reference's hashed correctly, but the top-level node hash failed

And so on.

To preserve the interface of true/false, perhaps provide a
getWhatDarnThingFailed() method returning a reference so the calling application
can point the user at the right place.
Comment 1 Raul Benito 2007-03-09 05:58:04 UTC
Change to enhance.