[xmlsec] Still problems signing using Reference URI

Erik F. Andersen ea at ascott.dk
Thu Nov 4 01:57:41 PST 2004


I really feel that I have exhausted every approach that I can think of to solve this problem. I need to sign a document using a Reference URI but it fails every time. I can only sign the document using a Reference Id. I hope someone can help. Below is what I think are the essentials of my document (the whole document is much larger).

The call to xmlSecDSigCtxSign will fail. It fails in xpath.c in the function xmlSecXPathDataExecute with the message "expr=xpointer(id('Id-058b5a86-a1dd-4188-9920-8315c3f84eae'))".

I know what has been said about using wsu:Id but I don't have any choice. That's why I added the DOCTYPE. Please someone, make my day :-) This is driving me nuts.

It it matters any I'm running this on a Windows XP OS using the latest binaries of all necessary libraries.

Thanks all,

Erik F. Andersen

<?xml version="1.0"?>
<!DOCTYPE soap:Envelope [
<!ATTLIST soap:Body wsu:Id ID #IMPLIED>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext" soap:mustUnderstand="1">
   <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
     <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> 
     <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 
      <Reference URI="#Id-058b5a86-a1dd-4188-9920-8315c3f84eae">
        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> 
       <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 
       <DigestValue /> 
 <soap:Body xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility" wsu:Id="Id-058b5a86-a1dd-4188-9920-8315c3f84eae">

More information about the xmlsec mailing list