[xmlsec] ref_id

Aleksey Sanin aleksey at aleksey.com
Wed Aug 13 08:41:42 PDT 2003

First of all, I would appreciate if you can use mailing list. This helps 
to share knowledge :)
Now the error you have means that this particular URI type is not 
allowed in current context
(if the error message is not enough you can look at  the line 805 in 
transforms.c). There is
a member "enabledReferenceUris" of xmlSecDSigCtx structure that 
describes which URI
types are allowed. By default, it is set to allow *any* URI type. In 
your case it is set to
something else. You either assigned a different value for this field 
somewhere or I would
guess that you have not called xmlSecDSigCtxInitialize or 
xmlSecDSigCtxCreate methods
to create the signature context and fill the structure with 0's instead.


Michiels Olivier wrote:

> Hi,
> I've added the code that register the id attribute to the verify 
> function like this:
>     if ((prototypeNode = 
> xmlSecFindNode(xmlDocGetRootElement(doc),"Prototype","http://www.xkms.org/schema/xkms-2001-01-20")) 
> == NULL) {
>         fprintf(stderr,"Error: failed to retrieve the Prototype 
> element\n");
> goto done;
>     }
>     if ((attr = xmlHasProp(prototypeNode,"Id")) == NULL) {
>         fprintf(stderr,"Error: failed to find the attribute Id\n");
> goto done;
>     }
>     if (xmlAddID(NULL,doc,"Id",attr) == NULL) {
>         fprintf(stderr,"Error: failed to add id\n");
> goto done;
>     }
> This code works but when I try to verify the xml file I've this error:
> func=xmlSecTransformCtxSetUri:file=transforms.c:line=803:obj=unknown:subj=unknown:error=33:invalid 
> URI type:uri=#refId_1
> func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1435:obj=unknown:subj=xmlSecTransformCtxSetUri:error=1:xmlsec 
> library function failed:uri=#refId_1
> func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec 
> library function failed:node=Reference
> func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec 
> library function failed:
> func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec 
> library function failed:
> Error: signature verify
> The id is defined as below:
> <xkms:Prototype Id="refId_1">
> and referenced like this:
> <dsig:Reference URI="#refId_1">
> Where is my mistake, maybe I didn't understood well what you said.
> Olivier
> On Wed, 2003-08-13 at 11:56, Aleksey Sanin wrote:
>> /Take a look at src/xmltree.c file in xmlsec distribution. There is a 
>> function
>> that registers ID attributes for <dsig:Signature/> or 
>> <enc:EncryptedData/>
>> subtrees. Just search for "xmlAddID" in the file.
>> Aleksey
>> Michiels Olivier wrote: /
>>> / Me again,
>>> sorry but it's the first time I use the libxml2 librairy and your 
>>> xmlsec librairy and I'm a little confused how to use some functions.
>>> You said that I can use the xmlAddId function to solve my problem, 
>>> but I don't know how to use that function, how to initialize the 
>>> xmlValidCtxtPtr parameter. I've check the doc of libxml2 but I 
>>> didn't found something.
>>> You're help is really appreciated.
>>> /
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20030813/0501af57/attachment.htm

More information about the xmlsec mailing list