[xmlsec] Missing namespace in keyinfo from xmlSecTmplSignatureEnsureKeyInfo ?

Sylvain MEILARD sylvain at meduse.homelinux.net
Tue Jul 12 08:16:05 PDT 2005

Hello !

While trying to validate with an xml schema an xmldsig/xades document i am
building, i get the following error :

element KeyInfo: Schemas validity error : Element 'KeyInfo': This element is
not expected. Expected is one of (
{http://www.w3.org/2000/09/xmldsig#}Object ).

My KeyInfo tag is generated with xmlSecTmplSignatureEnsureKeyInfo(), and when
i look at the corresponding code from xmlsec, it seems the dsig namespace is
added to the tag, but the error i get don't say so :-/

So i re-used a sample from the following page :
with a few modifications :
- removed the lines :
at the end of sign1-tmpl.xml to generate the keyinfo tag with the function i
want to use ( still xmlSecTmplSignatureEnsureKeyInfo() )

- added the following bloc in the code of sign1.c
    xmlNodePtr keyInfo = NULL;
    keyInfo = xmlSecTmplSignatureEnsureKeyInfo(node, NULL);
    if(keyInfo == NULL) {
        fprintf(stderr,"Error: keyInfo generation failed\n");
        goto done;
    xmlSecTmplKeyInfoAddX509Data(keyInfo );
    if (keyInfo->ns)
        printf("Ns of the KeyInfo tag : %x\n", keyInfo->ns->href);
        fprintf(stderr,"Error: no namespace for keyInfo !!:\n");
    if (keyInfo->nsDef)
        printf("Ns of the KeyInfo tag : %s\n", keyInfo->nsDef->href);
        fprintf(stderr,"Error: Still no namespace for keyInfo !!:\n");

just before the 2 lines :
    /* print signed document to stdout */
    xmlDocDump(stdout, doc);

When i run sign1, i got the following result :
Error: no namespace for keyInfo !!:
Error: Still no namespace for keyInfo !!:
<?xml version="1.0" encoding="UTF-8"?>
XML Security Library example: Simple signature template file for sign1 example.

So i see that :
my keyinfo tag as been added to the xml, but without any namespace :-(
If the namespace is not set, validation of my document with xml schema won't
work. Of course, i could set it manually, but i sure i missed something,
because namespace is set in all the othe tag, and what i see in the code let
me think it should be set even for keyinfo...

Could someone help me on this problem ?

thanks !!!


More information about the xmlsec mailing list