[xmlsec] Cannot validate W3C's XMLDSIG examples

Mak Kolybabi mak at kolybabi.com
Tue Feb 5 11:27:56 PST 2013


I have been trying to get the XMLDSIG examples that the W3C provides working,
but the hash appears to be wrong (either in the example or calculated by
XMLSEC). Does anyone have a suggestion on how to fix this? I'm hoping that I'm
just doing something wrong.

> % xmlsec1 --version                                                                           
> xmlsec1 1.2.18 (openssl)

> % fetch http://www.w3.org/TR/xmldsig-core/signature-example-rsa.xml                                                            
> signature-example-rsa.xml                     100% of 2543  B   17 MBps
> 
> % xmlsec1 --verify signature-example-rsa.xml                       
> func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match
> FAIL
> SignedInfo References (ok/all): 0/1
> Manifests References (ok/all): 0/0
> Error: failed to verify file "signature-example-rsa.xml"

> % fetch http://www.w3.org/TR/xmldsig-core/signature-example-dsa.xml
> signature-example-dsa.xml                     100% of 3167  B 3895 kBps
> 
> % xmlsec1 --verify signature-example-dsa.xml                       
> func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match
> FAIL
> SignedInfo References (ok/all): 0/1
> Manifests References (ok/all): 0/0
> Error: failed to verify file "signature-example-dsa.xml"

-- 
Mak Kolybabi
<mak at kolybabi.com>

() ASCII Ribbon Campaign | Against HTML e-mail
/\  www.asciiribbon.org  | Against proprietary extensions



More information about the xmlsec mailing list