[xmlsec] Signing with root element not having namespace
Kiss Ádám
kiss.adam at prolan.hu
Thu Jun 4 03:57:14 PDT 2020
Thank you for your answer!
Unfortunately the standard is not public, but obfuscated version should be okay for investigation. I've attached the XSDs the standard specify. The XML I sent you earlier is just our interpretation, can be changed.
Do you have any idea we can go on?
Bests, Adam
________________________________
Feladó: Aleksey Sanin <aleksey at aleksey.com>
Elküldve: 2020. június 3. 17:39
Címzett: Kiss Ádám; xmlsec at aleksey.com
Tárgy: Re: [xmlsec] Signing with root element not having namespace
Indeed in your XML file the Signature node doesn't have the correct
namespace:
<Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
Is this standard publically available somewhere? This doesn't look
right to me.
Aleksey
On 6/3/20 7:50 AM, Kiss Ádám wrote:
> Hello!
>
>
> I've been using your lib for a long time with many success!
>
>
> Now I got a task which I cannot handle with my skills. I've attached a
> simplified version of the XML.
>
>
> The main problem is that an industry standard determines the whole
> structure of the XML in this application including the namespaces. When
> I tried to sign it with the standard method in the doc I got the error:
> 'node not found'. It turned out xmlsecGetNodeNSHref sees the <Signature>
> block with (null) namepspace, which doesn't fit xmlsec's requirement.
> Changing xmlSecFindNode to ignore the (null) namespace helped for a
> short time, but some function calls later a similar error was found in
> xmlSecFindParent. After getting over again C14N failed. I am not sure if
> that (null) is the problem during the canonization.
>
>
> I cannot see that deep into the code. Could you help me out?
>
>
> Bests,
>
> Adam
>
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200604/2e3d14a7/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: XYZBlock.xsd
Type: application/xml
Size: 965 bytes
Desc: XYZBlock.xsd
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200604/2e3d14a7/attachment-0004.xsd>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xmldsig-core-schema.xsd
Type: application/xml
Size: 10293 bytes
Desc: xmldsig-core-schema.xsd
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200604/2e3d14a7/attachment-0005.xsd>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Message.xsd
Type: application/xml
Size: 1878 bytes
Desc: Message.xsd
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200604/2e3d14a7/attachment-0006.xsd>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: example.xml
Type: text/xml
Size: 1575 bytes
Desc: example.xml
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200604/2e3d14a7/attachment-0002.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: example_dummy_signed.xml
Type: text/xml
Size: 1771 bytes
Desc: example_dummy_signed.xml
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200604/2e3d14a7/attachment-0003.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: BaseTypes.xsd
Type: application/xml
Size: 1302 bytes
Desc: BaseTypes.xsd
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200604/2e3d14a7/attachment-0007.xsd>
More information about the xmlsec
mailing list