// is this call redundant given that signature.checkSignatureValue uses References ?
ref = getReference(signature);
Element signedElement = validateReference(root, ref);
// validate trust
new TrustValidator().validateTrust(crypto, cert, keyInfo.getPublicKey());
if (persistSignature) {
message.setContent(XMLSignature.class, signature);
message.setContent(Element.class, signedElement);
}