[xmlsec] xmlsec Digest, Vol 88, Issue 7

luiz at xharbour.com.br luiz at xharbour.com.br
Tue Aug 30 08:02:36 PDT 2011 

Hi cristian

I got an similar problem  as yours due Id keyword

i fixed by adding

    '<!DOCTYPE test [<!ATTLIST infNFe Id ID #IMPLIED>]>'

in my xml i have

<?xml version="1.0" encoding="utf-8"?><envEvento
xmlns="http://www.portalfiscal.inf.br/nfe"
versao="1.01"><idLote>000000000000001</idLote><evento
xmlns="http://www.portalfiscal.inf.br/nfe" versao="1.01"><infEvento
Id="ID1101103511080233882300023855213000003122199996877301"><cOrgao>35</cOrgao><tpAmb>2</tpAmb><CNPJ>02338823000238</CNPJ><chNFe>35110802338823000238552130000031221999968773</chNFe><dhEvento>2011-08-15T08:44:15-03:00</dhEvento><tpEvento>110110</tpEvento><nSeqEvento>1</nSeqEvento><verEvento>1.01</verEvento></infEvento></evento></envEvento>

Note the Id tag on infEvento

i fixed to sign/verify this xml by adding !DOCTYPE after xml tag

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE test [<!ATTLIST infEvento
Id ID #IMPLIED>]><envEvento xmlns="http://www.portalfiscal.inf.br/nfe"
versao="1.01"><idLote>000000000000001</idLote><evento
xmlns="http://www.portalfiscal.inf.br/nfe" versao="1.01"><infEvento
Id="ID1101103511080233882300023855213000003122199996877301"><cOrgao>35</cOrgao><tpAmb>2</tpAmb><CNPJ>02338823000238</CNPJ><chNFe>35110802338823000238552130000031221999968773</chNFe><dhEvento>2011-08-15T08:44:15-03:00</dhEvento><tpEvento>110110</tpEvento><nSeqEvento>1</nSeqEvento><verEvento>1.01</verEvento></infEvento></evento></envEvento>


Regards
Luiz


> Thank you for the quick reply
>
> Unfortunately I can't get it to work
>
> Here is what I tried (the first 3 lines are the commands I've tried, the
> id-attr in the last one is the actual ID from the saml doc - I am that
> desperate):
>
> ~/ xmlsec1 --verify --id-attr ID --enable-visa3d-hack --trusted-pem
> FedExOffice_SSO_Base64.pem saml.xml
>
> ~/ xmlsec1 --verify --id-attr "ID" --enable-visa3d-hack --trusted-pem
> FedExOffice_SSO_Base64.pem saml.xml
>
> ~/ xmlsec1 --verify --id-attr _3b47431b-02d2-44ca-bee9-b6a5a60c7c94
> --enable-visa3d-hack --trusted-pem FedExOffice_SSO_Base64.pem saml.xml
>
> and this is the output:
>
>
> func=xmlSecTransformVisa3DHackExecute:file=xpath.c:line=1114:obj=Visa3DHackTransform:subj=xmlGetID:error=5:libxml2
> library function failed:id="_3b47431b-02d2-44ca-bee9-b6a5a60c7c94"
> func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2405:obj=Visa3DHackTransform:subj=xmlSecTransformExecute:error=1:xmlsec
> library function failed:
> func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1236:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec
> library function failed:transform=Visa3DHackTransform
> func=xmlSecTransformCtxExecute:file=transforms.c:line=1296:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec
> library function failed:
> func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1571:obj=unknown:subj=xmlSecTransformCtxExecute:error=1:xmlsec
> library function failed:
> func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec
> library function failed:node=Reference
> func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec
> library function failed:
> func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
> library function failed:
> Error: signature failed
> ERROR
> SignedInfo References (ok/all): 0/1
> Manifests References (ok/all): 0/0
> Error: failed to verify file "saml.xml"
>
>
>
> I really need the help on this one
> Tank you
>
> Cristian Radu
>
>
>
>
> ----- Original Message -----
> From: "xmlsec-request at aleksey.com" <xmlsec-request at aleksey.com>
> To: xmlsec at aleksey.com
> Cc:
> Sent: Monday, August 29, 2011 10:00 PM
> Subject: xmlsec Digest, Vol 88, Issue 7
>
> Send xmlsec mailing list submissions to
>     xmlsec at aleksey.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>     http://www.aleksey.com/mailman/listinfo/xmlsec
> or, via email, send a message with subject or body 'help' to
>     xmlsec-request at aleksey.com
>
> You can reach the person managing the list at
>     xmlsec-owner at aleksey.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of xmlsec digest..."
>
>
> Today's Topics:
>
>    1. ID tag related error (cristian radu)
>    2. Re: ID tag related error (Aleksey Sanin)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 29 Aug 2011 02:28:12 -0700 (PDT)
> From: cristian radu <kris_ro at yahoo.com>
> To: "xmlsec at aleksey.com" <xmlsec at aleksey.com>
> Subject: [xmlsec] ID tag related error
> Message-ID:
>     <1314610092.84239.YahooMailNeo at web30303.mail.mud.yahoo.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Hello,
>
> I've installed xmlsec library and run a xml doc through it to verify the
> signature. You can find the xml doc attached. The problem is that I get a
> list of errors and the first is:
> func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2
> library function
> failed:expr=xpointer(id('_3b47431b-02d2-44ca-bee9-b6a5a60c7c94'))
>
> I looked on FAQ section and saw the fix there but it doesn't work on my
> case (the ID tag is uppercase and its value is compliant - from what I
> know).
>
> Any help would be greatly appreciated.
>
> Cristian Radu
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: saml.xml
> Type: application/octet-stream
> Size: 5470 bytes
> Desc: not available
> URL:
> <http://www.aleksey.com/pipermail/xmlsec/attachments/20110829/1ac705f3/attachment-0001.obj>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 29 Aug 2011 06:23:23 -0700
> From: Aleksey Sanin <aleksey at aleksey.com>
> To: cristian radu <kris_ro at yahoo.com>
> Cc: "xmlsec at aleksey.com" <xmlsec at aleksey.com>
> Subject: Re: [xmlsec] ID tag related error
> Message-ID: <4E5B92CB.10309 at aleksey.com>
> Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
>
> Do what FAQ says, that's the error.
>
> Aleksey
>
>
> On 8/29/11 2:28 AM, cristian radu wrote:
>> Hello,
>>
>> I've installed xmlsec library and run a xml doc through it to verify the
>> signature. You can find the xml doc attached. The problem is that I get
>> a list of errors and the first is:
>> func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2
>> library function
>> failed:expr=xpointer(id('_3b47431b-02d2-44ca-bee9-b6a5a60c7c94'))
>>
>> I looked on FAQ section and saw the fix there but it doesn't work on my
>> case (the ID tag is uppercase and its value is compliant - from what I
>> know).
>>
>> Any help would be greatly appreciated.
>>
>> Cristian Radu
>>
>>
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> <http://www.aleksey.com/pipermail/xmlsec/attachments/20110829/b977ee1d/attachment-0001.html>
>
> ------------------------------
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
> End of xmlsec Digest, Vol 88, Issue 7
> *************************************
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>

More information about the xmlsec mailing list