[xmlsec] DigestValue, xmlsec failure, need guidance.

Artur BUJDOSO artur.bujdoso at saveas.hu
Thu Mar 11 04:17:10 PST 2004


Is there a way to declare an ID attribute, if it's not present by 
Id="Body" in the Referenced tag? I mean, I got <soapenv:Body> but no 
<soapenv:Body Id="Body">. The latter is accepted by XMLSEC, but true, it 
modifies the verified document.

Artur

Aleksey Sanin wrote:

>If you modified the signed document then you'll 
>get a different digest. Either use external DTD or 
>declare ID attributes from your program as explained
>in the FAQ.
>
>Aleksey
>
>
>Artur BUJDOSO wrote on 3/10/2004, 10:30 AM:
>  
>
>>Thanks for the reply. 
>>
>>Yes, I've read it and tried to declare at the beginning at the document 
>>the Reference ID, and even tried to replace the URI to ID. 
>>Following (short) result: 
>>
>>func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=164:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match 
>>
>>The PreDigest data buffer, seems to contain the whole document, is this 
>>normal? 
>>
>>Since the author of the document generator admitted that he isn't sure about standards at all, it might be a wrong DigestValue. 
>>
>>Artur 
>>
>>
>>
>>Aleksey Sanin wrote: 
>>
>>    
>>
>>>Section 3.2 from the FAQ http://www.aleksey.com/xmlsec/faq.html 
>>>
>>>Aleksey 
>>>
>>>Artur BUJDOSO wrote on 3/10/2004, 7:25 AM: 
>>> 
>>>
>>>      
>>>
>>>>func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2 
>>>>library function failed:expr=xpointer(id('Body')) 
>>>>   
>>>>
>>>>        
>>>>
>>_______________________________________________ 
>>xmlsec mailing list 
>>xmlsec at aleksey.com 
>>http://www.aleksey.com/mailman/listinfo/xmlsec 
>>    
>>




More information about the xmlsec mailing list