41731 – More decription on signature verification

Bug 41731 - More decription on signature verification

Summary: More decription on signature verification

Status:	NEW

Alias:	None

Product:	Security - Now in JIRA
Classification:	Unclassified
Component:	Signature (show other bugs)
Version:	unspecified
Hardware:	Other other

Importance:	P2 enhancement
Target Milestone:	---
Assignee:	XML Security Developers Mailing List

URL:
Keywords:

Depends on:	41662
Blocks:
	Show dependency tree

Reported:	2007-02-28 08:10 UTC by KUb4dg
Modified:	2007-03-09 06:04 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description KUb4dg 2007-02-28 08:10:12 UTC

signature.checkSignatureValue() should return more than true/false.  Ideally, an
exception with a method getFailedReference() to find out what part of the
signature failed the verification.

Possible Exception types:
  - reference hash failed (provide pointer to that reference)
  - certificate didn't produce this signature
  - reference's hashed correctly, but the top-level node hash failed

And so on.

To preserve the interface of true/false, perhaps provide a
getWhatDarnThingFailed() method returning a reference so the calling application
can point the user at the right place.

Comment 1 Raul Benito 2007-03-09 05:58:04 UTC

Change to enhance.