[xmlsec] verification for dsig2.c

vish ch hivisu at hotmail.com
Sat Dec 14 11:48:49 PST 2002


hi,
the error it gives is....

xmlSecSignedInfoRead (xmldsig.c:1493): error 51: invalid reference :
= XMLDSig Result (validate)
== result: FAIL
== sign method: http://www.w3.org/2000/09/xmldsig#dsa-sha1
== KEY
=== method: DSAKeyValue
=== key name: NULL
=== key type: Public
=== key origin: KeyManager
== SIGNED INFO REFERENCES
=== REFERENCE
==== ref type: SignedInfo Reference
==== result: FAIL
==== digest method: http://www.w3.org/2000/09/xmldsig#sha1
==== uri: NULL
==== type: NULL
==== id: NULL
==== start buffer:
FAIL
Error: operation failed
------------------------------------------------------------------


i used ./dsig2 DSAprivate test.xml > result.xml to generate the signature,

to verify i used

xmlsec verify --pubkey DSApubkey result.xml

Also one more thing i noticed was that the signature generated as above was 
different when compared to generated using xmlsec utility.

xmlsec sign --privkey DSApriavte test.xml > result.xml.

Here are the public and private keys i used

DSAprivate:
-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDUOekcieyjw7Hir0oNP8Spbt7dqhadGjMHV02a2jxGPzA8TbIc
MiQsoTHV9PVEjDdUcIWCnhkGO5UlpceknpITZk2PMpAbRZ7vd1jGttTj5GJqxsVx
D+8u78gp8lgC6u+XaHYfMbaotrSbre7qvqAXvIcRz/WX6ShL4gjI1joHPwIVAPMN
0iRyzPepJ5ddvCaf6Z/kFEK7AoGBAKKh3nIPvF5y9SHrDxm7cwCitnqA9G8sfdxX
CBEbwX+JBZ3aAnRPK06LIGhEIZ8c8Wdb1MukKY5K/cItL68ZML88l2lLw/70V4cS
yi7a0HtYlb5LEXzrnr3BHZpmFdWoTdSw8AjGh+CIdSXqRTon6Sy29VVbK6I0fAYL
K0MAlaTvAoGAPH8TuBGHuMUqUXvWF4TrWn5BTYJ2LhhCP6imncwoGIw1A/zumpt8
oSEfXVSfly98uNfaboC7/Tlz+QnjvX+dPgyGf/+A8PrZ8YvaFgkZVI5c8XXwSn6u
eIXU3oFy+8L5rRmuQLAijil/Ubl9FGHaMmu7P54Bus7DMCQOqOgfgvQCFE0JQm08
SvugJ4iyj8QfUzvf08Pk
-----END DSA PRIVATE KEY-----
DSApublic:
-----BEGIN PUBLIC KEY-----
MIIBtzCCASwGByqGSM44BAEwggEfAoGBANQ56RyJ7KPDseKvSg0/xKlu3t2qFp0a
MwdXTZraPEY/MDxNshwyJCyhMdX09USMN1RwhYKeGQY7lSWlx6SekhNmTY8ykBtF
nu93WMa21OPkYmrGxXEP7y7vyCnyWALq75dodh8xtqi2tJut7uq+oBe8hxHP9Zfp
KEviCMjWOgc/AhUA8w3SJHLM96knl128Jp/pn+QUQrsCgYEAoqHecg+8XnL1IesP
GbtzAKK2eoD0byx93FcIERvBf4kFndoCdE8rTosgaEQhnxzxZ1vUy6Qpjkr9wi0v
rxkwvzyXaUvD/vRXhxLKLtrQe1iVvksRfOuevcEdmmYV1ahN1LDwCMaH4Ih1JepF
OifpLLb1VVsrojR8BgsrQwCVpO8DgYQAAoGAPH8TuBGHuMUqUXvWF4TrWn5BTYJ2
LhhCP6imncwoGIw1A/zumpt8oSEfXVSfly98uNfaboC7/Tlz+QnjvX+dPgyGf/+A
8PrZ8YvaFgkZVI5c8XXwSn6ueIXU3oFy+8L5rRmuQLAijil/Ubl9FGHaMmu7P54B
us7DMCQOqOgfgvQ=
-----END PUBLIC KEY-----



thanks in advance,

Vish.




>What kind of errrors do you have?
>
>Aleksey
>
>vishveswar reddy challagonda wrote:
>
>>hi aleksey,
>>Thanks for your reply. I could resolve the problem just as you said and 
>>now am able to generate signature by running dsig2.c executable with 
>>dsakey.pem and test.xml. now the verification using online verifier or 
>>xmlsec utility fails. i also tried the same using public and private DSA 
>>keys generated through openssl. how do i verify the signatures?
>>thanks in advance
>>vish


_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail




More information about the xmlsec mailing list