[xmlsec] xmlsec1 command

Aleksey Sanin aleksey at aleksey.com
Mon Jun 11 21:17:56 PDT 2012


Nope. You need all 3 to verify the signature. Or you can
build another pkcs12 file.

Aleksey


On 6/11/12 9:14 PM, Giancarlo Piva wrote:
> Aleksey
> 
> Thanks for your answer and apologies again for my limited knowledge
> Is there any way I can tell xmlsec1 to pick one them?
> 
> regards,
> 
> Carlo
> 
> On Tue, Jun 12, 2012 at 2:05 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:
>> It depends on the certificate or to be precise pkcs12 file
>> you are signing with. Yours contains 3 certs.
>>
>> Aleksey
>>
>>
>> On 6/11/12 9:03 PM, Giancarlo Piva wrote:
>>> Aleksey
>>>
>>> My crypto knowledge is limited
>>> I am just trying to sign a document from the command line tool xmlsec1
>>> as proof of concept...
>>> before reading a book on cryptography.... I will better document
>>> myself for sure..
>>> and eventually read the manual.. and code my client using the xmlsec library...
>>> I was looking only for a hint as your X509 example on the web site the
>>> output file have only one "X509Certificate" node
>>> when I run the same example the output I get have multiple
>>> "X509Certificate" nodes... I dont understand why?
>>>
>>> anyway thanks for your help
>>>
>>> Carlo
>>>
>>> On Tue, Jun 12, 2012 at 1:52 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:
>>>> X509Certificate nodes do not contain signatures. You might want
>>>> to read a book on cryptography.
>>>>
>>>> Aleksey
>>>>
>>>>
>>>> On 6/11/12 8:50 PM, Giancarlo Piva wrote:
>>>>> Hi Alekey
>>>>>
>>>>> That is right and that is what I am expecting as well..
>>>>>
>>>>> I tried to run my command using your xml on the web site:
>>>>>
>>>>> xmlsec1 --sign --output test.xml --pkcs12
>>>>> ./certs/8003620833337558-general.p12 --pwd Password --trusted-pem
>>>>> ./certs/output.pem ./xml/template_test.xml
>>>>>
>>>>> in the output I get multiple <X509Certificate> nodes is that normal??
>>>>>
>>>>> this is what i get:
>>>>>
>>>>> <?xml version="1.0"?>
>>>>> <References>
>>>>>  <Book>
>>>>>   <Author>
>>>>>    <FirstName>Bruce</FirstName>
>>>>>    <LastName>Schneier</LastName>
>>>>>   </Author>
>>>>>   <Title>Applied Cryptography</Title>
>>>>>  </Book>
>>>>>  <Web>
>>>>>   <Title>XMLSec</Title>
>>>>>   <Url>http://www.aleksey.com/xmlsec/</Url>
>>>>>  </Web>
>>>>>  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
>>>>>   <SignedInfo>
>>>>>    <CanonicalizationMethod
>>>>> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
>>>>>    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>>>>>    <Reference URI="">
>>>>>     <Transforms>
>>>>>      <Transform
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
>>>>>     </Transforms>
>>>>>     <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>>>>>     <DigestValue>o/5EifW/Q4LVtDznvqMgBAAC21M=</DigestValue>
>>>>>    </Reference>
>>>>>   </SignedInfo>
>>>>>   <SignatureValue>jk5S8exrQmxJPwBtz4YsEY3+zhWpAaRYW2rJNRLoo7+Rkq7PWoOAkHki63Gx5BEb
>>>>> CSmk8bQ5jjqDLoxrbFVsYCmKQiiEpq+r8Kup9lyReA9aA4PRu/FpxufkPYqBXpfN
>>>>> YML85F+LCoG44xt4LQMwaZtdE7H1KX3HZ1EX3Q+yIxoVxVp2HQjO9Y+3OJUlXUGk
>>>>> t0yn/q11H/AV4mmZ2CWK+4uUKySYTg0KEhu/Z3RpG/S2VX3zHPUg769bQy/1Bihq
>>>>> 3bwyO4INAHgP3dMjuc+iTJMMLChy/ZA5zahs5npfmWKFyJSw0ggMApZsRN4Mf8s8
>>>>> oDNtKPTja7/HbFBwdbiSdA==</SignatureValue>
>>>>>   <KeyInfo>
>>>>>    <X509Data>
>>>>>
>>>>>
>>>>>
>>>>>    <X509Certificate>MIIHLDCCBhSgAwIBAgIETXl5dTANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJB
>>>>> VTESMBAGA1UEChMJTkVIVEFEZW1vMQ8wDQYDVQQLEwZSb290Q0EwHhcNMTEwNjAy
>>>>> MTUyMjQwWhcNMjEwMzExMDA0NjMzWjAxMQswCQYDVQQGEwJBVTESMBAGA1UEChMJ
>>>>> TkVIVEFEZW1vMQ4wDAYDVQQLEwVTdWJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
>>>>> ADCCAQoCggEBAN9Zc8dkNxg9pEaPRxx9Z5H8Fsxt5G7QTXhuVSqwFsxOJNLiuQq+
>>>>> Z7q9fr8nry9ulmLj9HgGiPpMqQuFhbRH0aM2kSWhiZtjybVK4d52zwiapa+WcabG
>>>>> djg8ZRZaevV6wRflwESUdyRM0g+Re8Bc+u8vEli7spKJgVNf31hvo3/zmIqiR3Vs
>>>>> YFMeT9NgqWC/rUmguwScS4v5ZLBHaJG3WfPemTvmkd8iKxxTchG0uYhoBYtOd2Gc
>>>>> vcLcj/ZWY3GRcJZIMKTIy34yWhIr1G95ZfdAD5TGfrGrv5WOgTRNGln7Kb00sedZ
>>>>> UpyIfYMeR6X6tbVsqLquS8yPgrKCc+2a9UsCAwEAAaOCBEkwggRFMA4GA1UdDwEB
>>>>> /wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMIICcAYDVR0gBIICZzCCAmMwggHY
>>>>> BgwqJAGPUYdqAQEBAQEwggHGMGgGCCsGAQUFBwIBFlxodHRwOi8vcG9saWN5LnBy
>>>>> b2Ryb290aGlnaDEucGtpLmVsZWN0cm9uaWNoZWFsdGgubmV0LmF1L3Byb2Ryb290
>>>>> aGlnaDEvcG9saWN5L05BU0hfUkNBX0NQLnBkZjCCAVgGCCsGAQUFBwICMIIBShqC
>>>>> AUZDZXJ0aWZpY2F0ZXMgdW5kZXIgdGhpcyBwb2xpY3kgYXJlIGlzc3VlZCBieSB0
>>>>> aGUgTkFTSCBSb290IENBIHRvIGl0c2VsZiBhbmQgdG8gQ0FzIHN1Ym9yZGluYXRl
>>>>> IHRvIHRoZSBOQVNIIFJvb3QgQ0EuIFJlZmVyIHRvIGh0dHA6Ly9wcm9kcm9vdGhp
>>>>> Z2gxLnBraS5lbGVjdHJvbmljaGVhbHRoLm5ldC5hdS9wcm9kcm9vdGhpZ2gxLyBm
>>>>> b3IgbW9yZSBpbmZvcm1hdGlvbi4gVXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgaXMg
>>>>> c3ViamVjdCB0byBBZ3JlZW1lbnRzIGF0IGh0dHA6Ly9wcm9kcm9vdGhpZ2gxLnBr
>>>>> aS5lbGVjdHJvbmljaGVhbHRoLm5ldC5hdS9wcm9kcm9vdGhpZ2gxLzAqBgkqJAGP
>>>>> UYdqBQIwHTAbBggrBgEFBQcCAjAPGg1Mb3cgQXNzdXJhbmNlMC8GCSokAY9Rh2oF
>>>>> AzAiMCAGCCsGAQUFBwICMBQaEk1vZGVyYXRlIEFzc3VyYW5jZTAoBgoqJAGPUYdq
>>>>> BgQAMBowGAYIKwYBBQUHAgIwDBoKSXNzdWluZyBDQTCBswYIKwYBBQUHAQEEgaYw
>>>>> gaMwVQYIKwYBBQUHMAKGSWh0dHA6Ly9uZWh0YWRlbW8ubWFuYWdlZC5lbnRydXN0
>>>>> LmNvbS9BSUEvQ2VydHNJc3N1ZWR0b05FSFRBRGVtb1Jvb3RDQS5wN2MwSgYIKwYB
>>>>> BQUHMAGGPmh0dHA6Ly9uZWh0YWRlbW8ubWFuYWdlZC5lbnRydXN0LmNvbS9PQ1NQ
>>>>> L05FSFRBUm9vdENBUmVzcG9uZGVyMIGZBgNVHR8EgZEwgY4wQaA/oD2GO2h0dHA6
>>>>> Ly9uZWh0YWRlbW8ubWFuYWdlZC5lbnRydXN0LmNvbS9DUkxzL05FSFRBREVNT1Jv
>>>>> b3QuY3JsMEmgR6BFpEMwQTELMAkGA1UEBhMCQVUxEjAQBgNVBAoTCU5FSFRBRGVt
>>>>> bzEPMA0GA1UECxMGUm9vdENBMQ0wCwYDVQQDEwRDUkwxMB8GA1UdIwQYMBaAFBDg
>>>>> Yh+sUVo0ZnLXWMH0NWk/6JFbMB0GA1UdDgQWBBRaPSKrShmC/GJzkLtwm/s56ZsS
>>>>> rDAZBgkqhkiG9n0HQQAEDDAKGwRWOC4xAwIAgTANBgkqhkiG9w0BAQUFAAOCAQEA
>>>>> XQTFvV+bBpJshxlfy9bm1gq2ZALukwYPkVB8GhKM43yqT+ZbxwC0im8PYNhbvzRB
>>>>> lzo5b50mfZcYaC97Ey5zs511qvyFAiJuZdtPTtmrEw10G+uyGqdLjL+OZTcyVwk3
>>>>> 8KAYAaSxc7BhBGxsnLf01bKUmK1HSj2anrKk/81PLIaJId2L7IfcrZFi+OlUZfAK
>>>>> THa5ayk8fxu/pI1WjHQy6+HW1IfDmKQJz+uVbTIq03XmuCW4Bwd3U2qjFhtVuQd3
>>>>> TjWcRm05d+1p/LSAKFH+jSzorewiG+URvef8Lznwbg/ChbNSaRnlLV9WQqBMsELZ
>>>>> 54vPc3pZhOkfrthJYni8jA==</X509Certificate>
>>>>> <X509SubjectName>OU=SubCA,O=NEHTADemo,C=AU</X509SubjectName>
>>>>> <X509IssuerSerial>
>>>>> <X509IssuerName>OU=RootCA,O=NEHTADemo,C=AU</X509IssuerName>
>>>>> <X509SerialNumber>1299806581</X509SerialNumber>
>>>>> </X509IssuerSerial>
>>>>> <X509Certificate>MIIDJDCCAgygAwIBAgIETXlw6TANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJB
>>>>> VTESMBAGA1UEChMJTkVIVEFEZW1vMQ8wDQYDVQQLEwZSb290Q0EwHhcNMTEwMzEx
>>>>> MDAxNjMzWhcNMjEwMzExMDA0NjMzWjAyMQswCQYDVQQGEwJBVTESMBAGA1UEChMJ
>>>>> TkVIVEFEZW1vMQ8wDQYDVQQLEwZSb290Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
>>>>> DwAwggEKAoIBAQCz3qq/Tw5CkP+gQl+uhyislJauKGzJS/uyTveAjnuqzdTR4+bC
>>>>> MFeMjIH3da770r2n52MtLgYxhCo50YJzaAKAchV2+GDK0q+KRnut7d+obSamr9Vp
>>>>> fMFtYctNvZFaRpPKCOqyz7WfOleOmtaNLv26CUnszM4/nZBcD7CNuoItyX81e4a0
>>>>> edMFvg3rqIv7OPg+NSDNYpnBB9rdmbSe1FCLBERon5gsdPGFzh8x5DLtMpZZCwL6
>>>>> Q1srclXWLMpnfMAgXDcH8FaLGHVYSfsrHQh9uCCuoV602eic+SgE66/xQ5Uy/OHV
>>>>> oZJeB1bLzAk2OxIo8pHuVCMeH178xCI1tAGdAgMBAAGjQjBAMA4GA1UdDwEB/wQE
>>>>> AwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQQ4GIfrFFaNGZy11jB9DVp
>>>>> P+iRWzANBgkqhkiG9w0BAQUFAAOCAQEAcMwGYh5iXTWjYev2+Mmm5IIUD9xRntah
>>>>> qWo/lNsWP/Lb3dVpdyxQ5hQt/nFmER7SkXHZT394/deWCdh3E2LE6AE2cIZuQYr+
>>>>> 1aHbKWYeAkCnHUjdzszuZ2bEp9FW4Y0+dlH4V71LnobHwWQre/PZFTFNlZjf1xYF
>>>>> giI5YK2MeOSsWaB2ACPkq4gDY4JnsNKK3QCX2xR/zeSG1l3Zjp8A07Z0ldvUiwfa
>>>>> IFGo8rkHkbbNifCco7d8+6NPiy0qwTG5/Htt9hb7pJ5IStoLSX6AAzKevt/GaRga
>>>>> xChYv35zMQF6Bgjkk8LXsQiA2oi8r995oFTKCDbDMYdksyK7FyoFHQ==</X509Certificate>
>>>>> <X509SubjectName>OU=RootCA,O=NEHTADemo,C=AU</X509SubjectName>
>>>>> <X509IssuerSerial>
>>>>> <X509IssuerName>OU=RootCA,O=NEHTADemo,C=AU</X509IssuerName>
>>>>> <X509SerialNumber>1299804393</X509SerialNumber>
>>>>> </X509IssuerSerial>
>>>>> <X509Certificate>MIIIvjCCB6agAwIBAgIETXqLsTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJB
>>>>> VTESMBAGA1UEChMJTkVIVEFEZW1vMQ4wDAYDVQQLEwVTdWJDQTAeFw0xMjAzMDUw
>>>>> MTQyNDlaFw0xMzAzMDUwMDAwMDBaMIGfMRIwEAYKCZImiZPyLGQBGRYCQVUxEzAR
>>>>> BgoJkiaJk/IsZAEZFgNORVQxIDAeBgoJkiaJk/IsZAEZFhBFTEVDVFJPTklDSEVB
>>>>> TFRIMRQwEgYDVQQKEwtNZWRpY2FyZTMwNTE8MDoGA1UEAxMzZ2VuZXJhbC44MDAz
>>>>> NjIwODMzMzM3NTU4LmlkLmVsZWN0cm9uaWNoZWFsdGgubmV0LmF1MIIBIjANBgkq
>>>>> hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21303diBXMqVg0Z366xYZc4qCTeHd9zf
>>>>> oHWJRAd7/YQlfMu3q21sb7MqQI3N88bmQxICn2tg5HRPKh8rB9RqGT8gzGpKiMbz
>>>>> KFxz81dzzj87gkYkLF57WiuKARKqp98nx2mTIELKcN1ahejHbo2cVjHpkQ+m17Dt
>>>>> TZJ5sUxna2OT6+qTWEBlilnjsiit2M96iNs1/Y4eySRRCDKNXF2virN/5cqzjfRk
>>>>> iKTwfgKNQ09MNeCN+wl588JKuGmIzZ8kKQveXzHEvS9eUFQid1ZOVy8x+0jeoUHO
>>>>> YTNoRb1wckdtV7eFFx5fERE/KuTvjvMchCBezZWYz0WwUXiSKX0/qQIDAQABo4IF
>>>>> bTCCBWkwDgYDVR0PAQH/BAQDAgSwMIIBMAYIKwYBBQUHAQEEggEiMIIBHjBJBggr
>>>>> BgEFBQcwAYY9aHR0cDovL25laHRhZGVtby5tYW5hZ2VkLmVudHJ1c3QuY29tL09D
>>>>> U1AvTkVIVEFTdWJDQVJlc3BvbmRlcjBUBggrBgEFBQcwAoZIaHR0cDovL25laHRh
>>>>> ZGVtby5tYW5hZ2VkLmVudHJ1c3QuY29tL0FJQS9DZXJ0c0lzc3VlZHRvTkVIVEFE
>>>>> ZW1vU3ViQ0EucDdjMHsGCCsGAQUFBzAChm9sZGFwOi8vbmVodGFkZW1vLm1hbmFn
>>>>> ZWQuZW50cnVzdC5jb20vb3U9U3ViQ0Esbz1ORUhUQURlbW8sYz1BVT9jQUNlcnRp
>>>>> ZmljYXRlO2JpbmFyeSxjcm9zc0NlcnRpZmljYXRlUGFpcjtiaW5hcnkwHQYDVR0l
>>>>> BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwggIyBgNVHSAE
>>>>> ggIpMIICJTCCAcQGDCokAY9Rh2oBAwEEAzCCAbIwZQYIKwYBBQUHAgEWWWh0dHA6
>>>>> Ly9wb2xpY3kudGVzdHN1Ym1vZDEucGtpLmVsZWN0cm9uaWNoZWFsdGgubmV0LmF1
>>>>> L3Rlc3RzdWJtb2QxL3BvbGljeS9OQVNIX0hQSU9fQ1AucGRmMIIBRwYIKwYBBQUH
>>>>> AgIwggE5GoIBNUNlcnRpZmljYXRlcyB1bmRlciB0aGlzIHBvbGljeSBhcmUgaXNz
>>>>> dWVkIGJ5IHRoZSBOQVNIIFN1Ym9yZGluYXRlIENBIHRvIEhlYWx0aGNhcmUgUHJv
>>>>> dmlkZXIgT3JnYW5pc2F0aW9ucy4gUmVmZXIgdG8gaHR0cDovL3Rlc3RzdWJtb2Qx
>>>>> LnBraS5lbGVjdHJvbmljaGVhbHRoLm5ldC5hdS90ZXN0c3VibW9kMS8gZm9yIG1v
>>>>> cmUgaW5mb3JtYXRpb24uIFVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGlzIHN1Ympl
>>>>> Y3QgdG8gQWdyZWVtZW50cyBhdCBodHRwOi8vdGVzdHN1Ym1vZDEucGtpLmVsZWN0
>>>>> cm9uaWNoZWFsdGgubmV0LmF1L3Rlc3RzdWJtb2QxLzAqBgkqJAGPUYdqBQIwHTAb
>>>>> BggrBgEFBQcCAjAPGg1Mb3cgQXNzdXJhbmNlMC8GCiokAY9Rh2oGBwMwITAfBggr
>>>>> BgEFBQcCAjATGhFXZWJTZXJ2aWNlIERldmljZTCBgQYDVR0RBHoweIIzZ2VuZXJh
>>>>> bC44MDAzNjIwODMzMzM3NTU4LmlkLmVsZWN0cm9uaWNoZWFsdGgubmV0LmF1hkFo
>>>>> dHRwOi8vbnMuZWxlY3Ryb25pY2hlYWx0aC5uZXQuYXUvaWQvaGkvaHBpby8xLjAv
>>>>> ODAwMzYyMDgzMzMzNzU1ODCB+wYDVR0fBIHzMIHwMIGjoIGgoIGdhjpodHRwOi8v
>>>>> bmVodGFkZW1vLm1hbmFnZWQuZW50cnVzdC5jb20vQ1JMcy9ORUhUQURFTU9TdWIu
>>>>> Y3Jshl9sZGFwOi8vbmVodGFkZW1vLm1hbmFnZWQuZW50cnVzdC5jb20vb3U9U3Vi
>>>>> Q0Esbz1ORUhUQURlbW8sYz1BVT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0O2Jp
>>>>> bmFyeTBIoEagRKRCMEAxCzAJBgNVBAYTAkFVMRIwEAYDVQQKEwlORUhUQURlbW8x
>>>>> DjAMBgNVBAsTBVN1YkNBMQ0wCwYDVQQDEwRDUkw4MB8GA1UdIwQYMBaAFFo9IqtK
>>>>> GYL8YnOQu3Cb+znpmxKsMB0GA1UdDgQWBBTJ0D/1ayPl4d+NQZLxTUdJVGr/ZDAN
>>>>> BgkqhkiG9w0BAQUFAAOCAQEAEFvbTBlGeI1rj8mNZDQtoNN7pFdR1WH3N1Exbcez
>>>>> +zoUncZXAIqmvVG/pTxuDpaLx2Kg+JIBbYZSvFp/RRiea3DuV416c7yqcsbfBhMO
>>>>> pwqZs8e0UUKKMugrSy7Z2DXCTjGlxNw9gR8QDdz+ddn98dRqAlh/UV289sFBNEbK
>>>>> 5PLtjgtUxhqzn9CKmxgLO2RUkIJvWmVDRF+SvOzb8/QcGk3OX3YlWFlMeTsaHMyK
>>>>> KKnbmkrGRlj1sfK4OUWmdaLKWbIhvA2eBf5iHlwSiZ0I2LuXp2TI29KCPmCaHmkd
>>>>> h1AZzEQWh1sXCpUScS+dNkKaJiqMvuPRVBFniv5W/XZjNg==</X509Certificate>
>>>>> <X509SubjectName>CN=general.8003620833337558.id.electronichealth.net.au,O=Medicare305,DC=ELECTRONICHEALTH,DC=NET,DC=AU</X509SubjectName>
>>>>> <X509IssuerSerial>
>>>>> <X509IssuerName>OU=SubCA,O=NEHTADemo,C=AU</X509IssuerName>
>>>>> <X509SerialNumber>1299876785</X509SerialNumber>
>>>>> </X509IssuerSerial>
>>>>> </X509Data>
>>>>>    <KeyValue>
>>>>> <RSAKeyValue>
>>>>> <Modulus>
>>>>> 21303diBXMqVg0Z366xYZc4qCTeHd9zfoHWJRAd7/YQlfMu3q21sb7MqQI3N88bm
>>>>> QxICn2tg5HRPKh8rB9RqGT8gzGpKiMbzKFxz81dzzj87gkYkLF57WiuKARKqp98n
>>>>> x2mTIELKcN1ahejHbo2cVjHpkQ+m17DtTZJ5sUxna2OT6+qTWEBlilnjsiit2M96
>>>>> iNs1/Y4eySRRCDKNXF2virN/5cqzjfRkiKTwfgKNQ09MNeCN+wl588JKuGmIzZ8k
>>>>> KQveXzHEvS9eUFQid1ZOVy8x+0jeoUHOYTNoRb1wckdtV7eFFx5fERE/KuTvjvMc
>>>>> hCBezZWYz0WwUXiSKX0/qQ==
>>>>> </Modulus>
>>>>> <Exponent>
>>>>> AQAB
>>>>> </Exponent>
>>>>> </RSAKeyValue>
>>>>> </KeyValue>
>>>>>   </KeyInfo>
>>>>>  </Signature>
>>>>> </References>
>>>>>
>>>>>
>>>>>
>>>>> On Tue, Jun 12, 2012 at 12:53 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:
>>>>>> Not sure what do you mean. There should be 3 digests and one signature.
>>>>>>
>>>>>> Aleksey
>>>>>>
>>>>>>
>>>>>> On 6/11/12 6:58 PM, Giancarlo Piva wrote:
>>>>>>> Hi Aleksey,
>>>>>>>
>>>>>>> I am tring to use xmlsec1 in linux to sign multiple parts of an xml
>>>>>>> document (header, body, timestamp)
>>>>>>> in my template i have 3 digests with 3 uris
>>>>>>> xmlsec works fine but I end up with three signature instead of one in
>>>>>>> the output file
>>>>>>>
>>>>>>> I am using xmlsec1 --sign --output test.xml --pkcs12 ./certs/cert.p12
>>>>>>> --pwd Password --trusted-pem ./certs/RootCA.crt ./xml/template.xml
>>>>>>>
>>>>>>> is there an option to sign multiple part of a doc via command line?
>>>>>>>
>>>>>>> Kind Regards,
>>>>>>>
>>>>>>> Carlo
>>>>>>>
>>>>>>
>>>>
>>



More information about the xmlsec mailing list