christopher skinner [https://community.jboss.org/people/ctskin] created the discussion "Re: Manual verification of SignatureValue" To view the discussion, visit: https://community.jboss.org/message/721979#721979 -------------------------------------------------------------- I have Similar problem: Client sent "demo" XML files... certificate OK, Public Key OK, Verified to Digest with 3021300906052b0e03021a05000414 and 20 bytes which MUST BE WHAT WAS SIGNED BUT the  digest value NOt = "Verified" digest ,ad I cant make a digest equal to either - some fiddle-de-dee has been going on I also use org.apache.xml.security.c14n.Canonicalizer ....   Now I can only hope the client can provide me with the exact byte array he used to get the digest. Unfortunately we are in an adverserial situation, the client has an interest in seeing us fail (its a long story!) so Im not holdingmybreath. -------------------------------------------------------------- Reply to this message by going to Community [https://community.jboss.org/message/721979#721979] Start a new discussion in JBoss Web Services at Community [https://community.jboss.org/choose-container!input.jspa?contentType=1&...]