[xmlsec] Problem with ver 0.0.11
kltsai
kltsai at ecomuniversal.com.tw
Tue Dec 3 23:53:31 PST 2002
Hi Aleksey Sanin:
I sign an XML signature with the following templete with the default
dsakey.pem:(testApp sign --privkey dsakey.pem sample1.xml > kltsai6.xml)
==========================================================================
<?xml version="1.0"?>
<IFX>
<Data1 Id="anchor1">
<Name>May</Name>
</Data1>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="kenny at a.b.c">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
<Reference URI="#xpointer(/)">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue/>
<KeyInfo>
<KeyValue/>
</KeyInfo>
</Signature></IFX>
==========================================================================
And then I got the following result signature:
==========================================================================
<?xml version="1.0"?>
<IFX>
<Data1 Id="anchor1">
<Name>May</Name>
</Data1>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="kenny at a.b.c">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<Reference URI="#xpointer(/)">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>4x8bEd1KuMZOF4Yvyt9Eh3Y/9hs=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>jpbFT2G7aKr5WnZ3zoIXC8eAtwgn6lSqkDYgbuhdT8NguZb6tZKmxA==</SignatureValue>
<KeyInfo>
<KeyValue>
<DSAKeyValue>
<P>
imW6KYBPYXAf6itSAuYs1aLPfs8/vBEiusv/pl1XMiuMvB7vyiJgSj8/NTkRci/U
X/rVXv8rbCRjvYFX3x5/53f4hc6HKz7JQI4qqB7Fl5N86zp+BsQxNQ4tzous9S2H
Td2/zdTwVsvO+H9l3FahmVp/m2IHE4W27JYoF49qP10=
</P>
<Q>
v/xzWqjRviekk2rMW3wpYspT9Us=
</Q>
<G>
UIyzUDlLe6uCCgF4Rh98fiKZvg64UJ4FM5L+WbCSMmVsFN06fTwxy3naPPOCzzou
fsHv/Bve2gvrDvd078oXWJJf9A44pIZnJkdjEhm2RsDFpXNq0tPKZFcjVsdmqg4M
X6YNuwpvZuTwSoDG5u1QMN0mmH9gmbIT3j9x4MO+7EY=
</G>
<Y>
On+KBJE3q1TRhG9RspNX01VI5C0VzSy4N/QyC4YzEENoq3GJkKHIYq+grq9ZqV9x
g2Geo/3mqhdcENOtYRmWEfOZJj18oukD6TNceYRZ4HjHjK3WY3wK2OV6QOly+k3f
xgEQpP/7IlCka5YICLuHXrbqjn5b0XcK9L2GDtWOyjs=
</Y>
</DSAKeyValue>
</KeyValue>
</KeyInfo>
</Signature></IFX>
==========================================================================
The signing procedure signed silently and successfully. However, the signature seemd
wrong because I use "testApp verify kltsai6.xml", and it shows some errors:
C:\temp\xmlsec-0.0.11\TestApp\Release>testapp verify kltsai6.xml
(C:\temp\xmlsec-0.0.11\src\xmldsig.c:1493): error 51: invalid reference :
==========================================================================
= Status:
== Signatures ok: 0
== Signatures fail: 1
== SignedInfo Ref ok: 0
== SignedInfo Ref fail: 1
== Manifest Ref ok: 0
== Manifest Ref fail: 0
FAIL
Error: operation failed
==========================================================================
I realy had no idea, could anyone tell me what happened? Thanks a million~~
kltsai
--
More information about the xmlsec
mailing list