verify_signature Method
Verifies signed XML.
Syntax
def verify_signature() -> None: ...
Remarks
This method verifies signatures contained in the XML.
When on_verify_signature is called, the class will scan the XML document and fire the on_signature_info event for each signature that is found. When the on_signature_info event fires the Reference* properties will be populated.
Within the on_signature_info event the reference_xml_element property must be set to the location of the XML element to which the signature applies. The reference_uri property may contain data helpful to locating the XML element.
The reference_xml_element property specifies the XPath to the element. For instance:
/root/myElement | XPath syntax |
/root/[1] | XPath syntax using an index |
/root/ns:myElement | XPath syntax where the element has a namespace |
myElement | Just the element name |
@id=myid | Attribute selector: This will select an element with an attribute "id" whose value is "myid". |
/root/myElement[1]/ns:name2[@attr=attrValue] | XPath syntax using an index and attribute selector |
The signature is verified either using a key parsed from the signed XML, or using the certificate specified by the SignerCert* properties. The class will automatically parse the signer certificate (if present) from the signed XML and populate the SignerCert* properties with the parsed value.
When on_signature_info fires, if the SignerCertParsed parameter is True the SignerCert* properties may be inspected to see the details of the parsed certificate. If SignerCertParsed is False, then the SignerCert* properties must be set to a valid certificate for signature verification to proceed.
When the on_signature_info event finishes firing, the certificate present in the SignerCert* properties will be used to verify the signature, whether this is the certificate automatically parsed by the class or a different certificate specified within the event.
If the signature was successfully verified the method will return without error. If the signature was not verified the method fails with an error.