[xmlsec] Enveloped signing with multiple signatures

Dmitry Belyavsky beldmit at cryptocom.ru
Tue Oct 5 05:38:25 PDT 2004


> On Mon, 4 Oct 2004, Aleksey Sanin wrote:
> > In some case, you may also need to include enveloped transform first
> > because of protocol requirements (for example, I believe ebxml requires
> > this).
> Yes, I include enveloped transform and XPath transform after that. I get
> identical digest values at 1st signatures, but digest value differs
> second time. Whether I am wrong, or it is expected result?

I have understood. I didn't really apply XPath transform but I only
added it to <Transforms> tag.

So I write smth like that:

  xpathTransform = xmlSecTransformCreate(xmlSecTransformXPathId);
  if(xpathTransform == NULL) {
    fprintf(stderr, "Error: failed to create XPath transform\n");
    goto done;
  xpathTransform->hereNode = xpathNode;

  xmlSecTransformCtxPrepend(&dsigCtx->transformCtx, xpathTransform);

and get backtrace:

func=xmlSecTransformXPathExecute:file=xpath.c:line=458:obj=unknown:subj=xmlSecPtrListGetSize(dataList) > 0:error=100:assertion:
func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2371:obj=xpath:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:
func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1207:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed:transform=xpath
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=614:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed:
Error: signature failed

What shall I do to provide correct dataList? And what is expected as

Thank you.

SY, Dmitry Belyavsky (ICQ UIN 11116575)

More information about the xmlsec mailing list