<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    I tried many different combinations similar to the one you

    suggested, but neither worked.<br>

    Could it be because Id attribute in <soapenv:Body> has a

    namespace prefix?<br>

    <span class="sc3"><span class="re0"><br>

        wsu:Id="..."<br>

        <br>

        Is this causing problems?<br>

        <br>

        Davor.<br>

      </span></span><br>

    <div class="moz-cite-prefix">On 10.06.2019 22:51, Davor Perkovac

      wrote:<br>

    </div>

    <blockquote type="cite"

      cite="mid:a867a37c-83f5-e994-4830-3c883b90cf52@gmail.com">

      <pre class="moz-quote-pre" wrap="">This requires more parameters to xmlsec1

I'm using version 1.2.20 for win32:

xmlsec1.exe --version

xmlsec1 1.2.20 (openssl)

and it results in:

xmlsec1.exe --verify

--id-attr:Id:<a class="moz-txt-link-freetext" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a>

Example_SOAP_PKI_Echo_1_sent.xml

Error: <file> parameter is required for this command

Usage: xmlsec <command> [<options>] [<files>]

I've pasted again this full/unchanged xml file, so it should be possible

for you to try to verify it as well:

<a class="moz-txt-link-freetext" href="https://pastebin.com/u7SqZTLB">https://pastebin.com/u7SqZTLB</a>

Davor.

On 10.06.2019 19:22, Aleksey Sanin wrote:

</pre>

      <blockquote type="cite">

        <pre class="moz-quote-pre" wrap="">Try something like this:

--id-attr:Id:<a class="moz-txt-link-freetext" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a>

Aleksey

On 6/10/19 9:13 AM, Davor Perkovac wrote:

</pre>

        <blockquote type="cite">

          <pre class="moz-quote-pre" wrap="">Hi,

I assume it should be possible possible to verify and sign SOAP message

using WS-Security standard with xmlsec1 command line tool.

I see there was already discussion about this or something similar -

referring to Section 3.2 from the FAQ and I was reading it but somehow

failed to apply it to my actual example.

 From what I can see the problem is with setting the correct --id-attr

parameter.

Can someone please advise on how to verify (and then later also sign)

wss SOAP XML which looks like the example here:

<a class="moz-txt-link-freetext" href="https://pastebin.com/5Q3mUtNJ">https://pastebin.com/5Q3mUtNJ</a>

Thanks!

Davor.

_______________________________________________

xmlsec mailing list

<a class="moz-txt-link-abbreviated" href="mailto:xmlsec@aleksey.com">xmlsec@aleksey.com</a>

<a class="moz-txt-link-freetext" href="http://www.aleksey.com/mailman/listinfo/xmlsec">http://www.aleksey.com/mailman/listinfo/xmlsec</a>

</pre>

        </blockquote>

      </blockquote>

      <pre class="moz-quote-pre" wrap="">

</pre>

    </blockquote>

    <br>

  </body>

</html>