[xmlsec] Building xmlsec for iOs
Aleksey Sanin
aleksey at aleksey.com
Tue Jan 10 07:49:14 PST 2012
You can definitely do that but remember that the signed content
might not be a valid XML.
You will need to set this flag in the signature context:
http://www.aleksey.com/xmlsec/api/xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES:CAPS
Take a look at --store-reference option in xmlsec command line utility
for the usage example.
Aleksey
On 1/10/12 2:41 AM, Dušan Križan wrote:
> Hi Aleksey,
>
> maybe I have missed something, but I cannot find how to get the verified content.
>
> My situation is this. In one xml file I have several contents, lets say c1, c2, c3. Every content has it own signature s1, s2, s3. What I am doing is that I search node with the signature let's say s1, call the xmlSecDSigCtxVerify(ctx, s1). Somewhere inside there have to be located the content c1 and verified. I would like to be able get the c1 somehow from xmlSecDSigCtx.
>
> Of course, you can say that I can use the original xml document and find the c1. But this approach is error prone. I can do the mistake or bug. I have to be 100% sure that I am working with the c1 which has been verified by xmlSecDSigCtxVerify.
>
> Thank you in advance
> Dusan
>
>
> On Jan 9, 2012, at 4:15 PM, Aleksey Sanin wrote:
>
>> Great!
>>
>> Aleksey
>>
>> On 1/9/12 6:57 AM, Dušan Križan wrote:
>>> Hi Have found a solution. Problem seams to be in this command:
>>>
>>> libtool: link: ar cru .libs/libxmlsec1-openssl.a XMLSec-iOS/../OpenSSL-iOS/bin/iPhoneSimulator5.0.sdk/lib/libcrypto.a libxmlsec1_open
>>> ssl_la-app.o libxmlsec1_openssl_la-bn.o libxmlsec1_openssl_la-ciphers.o libxmlsec1_openssl_la-crypto.o libxmlsec1_openssl_la-digests.o libxmlsec1_openssl_la-evp.o libx
>>> mlsec1_openssl_la-hmac.o libxmlsec1_openssl_la-kw_aes.o libxmlsec1_openssl_la-kw_des.o libxmlsec1_openssl_la-kt_rsa.o libxmlsec1_openssl_la-signatures.o libxmlsec1_ope
>>> nssl_la-symkeys.o libxmlsec1_openssl_la-x509.o libxmlsec1_openssl_la-x509vfy.o
>>>
>>> Solution is to remove "libcrypto.a" from ".libs/libxmlsec1-openssl.a".
>>>
>>> What I do is this: after ./configure I run following command: sed -ie "s!\$(OPENSSL_LIBS)!\$(xOPENSSL_LIBS)!" src/openssl/Makefile
>>>
>>> Dušan
>>>
>>> On Dec 22, 2011, at 5:20 PM, Aleksey Sanin wrote:
>>>
>>>> I am not an expert on iOS but this flag sounds wrong
>>>>
>>>> -arch i386
>>>>
>>>> Aleksey
>>>>
>>>> On 12/22/11 12:46 AM, Dušan Križan wrote:
>>>>> Hi All,
>>>>>
>>>>> is there any progress on this issue?
>>>>>
>>>>> I have found maybe something interesting, but I have to idea how to
>>>>> correct it.
>>>>>
>>>>> First of all I am using version 1.2.12 because there is no libXml2
>>>>> version 2.7.4 on the iPad, there is only version 2.7.3. There is no
>>>>> possibility to upgrade iPad and if I will try to compile my own libXml
>>>>> than Apple will refuse my app from App Store.
>>>>>
>>>>> So what I have found is:
>>>>>
>>>>> *There is libxmlsec1-openssl.a created by this command:*
>>>>> rm -fr .libs/libxmlsec1-openssl.a .libs/libxmlsec1-openssl.la
>>>>> .libs/libxmlsec1-openssl.lai
>>>>> ar cru .libs/libxmlsec1-openssl.a
>>>>> <path>/XMLSec-iOS/../OpenSSL-iOS/bin/iPhoneSimulator5.0.sdk//lib/libcrypto.a
>>>>> libxmlsec1_openssl_la-app.o libxmlsec1_openssl_la-bn.o
>>>>> libxmlsec1_openssl_la-ciphers.o libxmlsec1_openssl_la-crypto.o
>>>>> libxmlsec1_openssl_la-digests.o libxmlsec1_openssl_la-evp.o
>>>>> libxmlsec1_openssl_la-hmac.o libxmlsec1_openssl_la-kw_aes.o
>>>>> libxmlsec1_openssl_la-kw_des.o libxmlsec1_openssl_la-kt_rsa.o
>>>>> libxmlsec1_openssl_la-signatures.o libxmlsec1_openssl_la-symkeys.o
>>>>> libxmlsec1_openssl_la-x509.o libxmlsec1_openssl_la-x509vfy.o
>>>>> <path>/XMLSec-iOS/../OpenSSL-iOS/bin/iPhoneSimulator5.0.sdk//lib/libcrypto.a
>>>>> ranlib .libs/libxmlsec1-openssl.a
>>>>>
>>>>> *Than follows this link error about ignoring libxmlsec1-openssl.a:*
>>>>> /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc
>>>>> -arch i386 -g -O2 -o xmlsec1 xmlsec.o crypto.o cmdline.o
>>>>> ../src/openssl/.libs/libxmlsec1-openssl.a
>>>>> <path>/XMLSec-iOS/src/xmlsec1-1.2.12/src/.libs/libxmlsec1.a
>>>>> ../src/.libs/libxmlsec1.a
>>>>> <path>/XMLSec-iOS/../OpenSSL-iOS/bin/iPhoneSimulator5.0.sdk//lib/libcrypto.a
>>>>> -ldl -lxslt -lxml2 -lz -lpthread -licucore -lm
>>>>> ld: warning: ignoring file ../src/openssl/.libs/libxmlsec1-openssl.a,
>>>>> file was built for archive which is not the architecture being linked (i386)
>>>>> Undefined symbols for architecture i386:
>>>>> "_xmlSecOpenSSLTransformDes3CbcGetKlass", referenced from:
>>>>> _main in xmlsec.o
>>>>>
>>>>> *But if I skip "a" file and replace it directly with "o" files. Than
>>>>> everything is working correctly:*
>>>>> /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc
>>>>> -arch i386 -g -O2 -o xmlsec1 xmlsec.o crypto.o cmdline.o
>>>>> <path>/XMLSec-iOS/src/xmlsec1-1.2.12/src/.libs/libxmlsec1.a
>>>>> ../src/.libs/libxmlsec1.a
>>>>> <path>/XMLSec-iOS/../OpenSSL-iOS/bin/iPhoneSimulator5.0.sdk//lib/libcrypto.a
>>>>> ../src/openssl/libxmlsec1_openssl_la-app.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-bn.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-ciphers.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-crypto.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-digests.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-evp.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-hmac.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-kw_aes.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-kw_des.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-kt_rsa.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-signatures.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-symkeys.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-x509.o
>>>>> ../src/openssl/libxmlsec1_openssl_la-x509vfy.o -ldl -lxslt -lxml2 -lz
>>>>> -lpthread -licucore -lm
>>>>>
>>>>> *That means there is something wrong with "ar" and "ranlib" commands.*
>>>>> Can anybody help me?
>>>>>
>>>>> Here is how xmlenc.o is compiled. It is part of libxmlsec1.a, which is
>>>>> not causing error.
>>>>> /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc
>>>>> -arch i386 -DHAVE_CONFIG_H -I. -I. -I.. -DPACKAGE=\"xmlsec1\"
>>>>> -I../include -I../include -D__XMLS
>>>>> EC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1
>>>>> -DXMLSEC_NO_CRYPTO_DYNAMIC_LOADING=1 -I/usr/include/libxml2
>>>>> -l/usr/include/libxml2 -g -O2 -MT xmlenc.lo -MD -MP -MF .deps/xmlenc.Tpo
>>>>> -c xmlenc.c -o xmlenc.o
>>>>>
>>>>> Here is how libxmlsec1_openssl_la-symkeys.o is compiled. It is part of
>>>>> libxmlsec1-openssl.a, which is causing error.
>>>>> /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc
>>>>> -arch i386 -DHAVE_CONFIG_H -I. -I. -I../.. -DPACKAGE=\"xmlsec1\"
>>>>> -I../../include -I../../include
>>>>> -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1
>>>>> -DXMLSEC_NO_CRYPTO_DYNAMIC_LOADING=1
>>>>> -I<path>/XMLSec-iOS/../OpenSSL-iOS/bin/iPhoneSimulator5.0.sdk//include
>>>>> -DXMLSEC_OPENSSL_098=1 -DXMLSEC_CRYPTO_OPENSSL=1 -I/usr/include/libxml2
>>>>> -I/usr/include/libxml2 -g -O2 -MT libxmlsec1_openssl_la-symkeys.lo -MD
>>>>> -MP -MF .deps/libxmlsec1_openssl_la-symkeys.Tpo -c symkeys.c -o
>>>>> libxmlsec1_openssl_la-symkeys.o
>>>>>
>>>>> Thanks a lot in advance
>>>>> Dusan
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> xmlsec mailing list
>>>>> xmlsec at aleksey.com
>>>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>>
>
More information about the xmlsec
mailing list