I have generated a Security-Label which has the root Element: Binding-Information with the Children MetadataBindingContainer and Signature. When I generate the XML, the Reference with the URI"" digests everything, but the SignatureValue and the Reference itself.
After that I want to verify the label by verifying the References (and some other things, but that has nothing to do with the problem). Every Reference gets verified just fine. For example a Reference to a Data Object and a Reference to the Manifest. But as soon as it tries to verify the Reference over the whole Document (URI="") it fails. The DigesterOutputStream also shows, that it only points to the Manifest. So I stepped into the code and noticed, that when it calls the Function: context.attr.getOwnerElement().getOwnerDocument() in the Class ResolverFragment(engineResolveURI), it does not get the expected Document, but just the Manifest Element. I had the feeling, that the BaseURI was not correct, so I changed that in the XMLSignatureObject, that I was calling the .getSignedInfo().verifyRreferences(true). But it did not work either.
Another guess is, that the Exception is wanted and I have to verify the Reference in the Manifest in another way.
Any Suggestion on how to proceed are highly appreciated. Solving my problem would be even better.
