The Signature class / xml.Signature methods |
Verifies whether all references in this Signature object haven't changed.
Returns TRUE if valid, FALSE otherwise.
If the signature type is:
See XML Signature concepts for more details.
By default, the validation process uses the CryptoKey set with setKey() to verify the signature. However, if the signature contains a X509 certificate or a X509 retrieval method, it uses the list of trusted certificate, or if the signature contains a RSA or DSA retrieval method, it uses the RSA or DSA public key automatically loaded.
Before loading the XML document to verifiy the signature, you might need to set some options to retrieve the "id" nodes with the xml.DomDocument.setFeature() method:
DEFINE doc xml.DomDocument ... CALL doc.setFeature(feature, TRUE) ...
Here feature must be "auto-id-attribute" if the "id" attribute has no namespace, or "auto-id-qualified-attribute", when "id" has a namespace.
Xml security operation failed : libxml2 library function failed : expr=xpointer(id('id-1436767651')).
Meaning that the parser could not find the "id" attribute in the XML document.
Note that the "auto-id-*" features will declare all XML attributes where the name is "id", "ID", "Id" or "iD" to be of type ID, and thus be usable via xml.DomDocument.getElementById() method used during signature validation.
If needed, you can also set features for a specific attribute with the xml.DomNode.setIdAttribute() method, or with the xml.DomNode.setIdAttributeNS() method.
In case of error, the method throws an exception and sets the STATUS variable. Depending on the error, a human-readable description of the problem is available in the SQLCA.SQLERRM register. See Error handling in GWS calls (STATUS).