[xmlsec] xmlsec1 can't verify a signature (problem with --id-attr or --node-id ?)

pfx pf.prologue at gmail.com
Mon Nov 10 07:32:51 PST 2014 

I'm not sure ... Even if the signature is not valid, xmlsec can displays 
the PreDidest data

After a lot of debug, I found the reason (but not the solution)

The file I want to check is strange ...

It contains 2 references in <ds:SignedInfo>

The first reference is correct (#B01201438 references an id of a parent 
element)

                     <ds:Reference URI="#B01201438">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </ds:Transforms>
                         [...]

The second reference also contains a <ds:Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
(#IDC1141029105704p0100_SP references a Xades SignedProperties element 
=> Signature/Object/QualifyingProperties/SignedProperties, therefore 
it's a child element of ds:Signature)

                     <ds:Reference URI="#IDC1141029105704p0100_SP">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </ds:Transforms>
                         [...]

When xmlsec processes this reference, the output of C14N is empty
If I remove the <ds:Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>, the 
output of C14N is correct
my knowledge is that "enveloped-signature" removes the node "Signature" 
from the tree of signed data

I do not understand the side effect of "enveloped-signature". In the 
best case, xmlsec should ignore the additional <ds:Transform ... 
enveloped-signature"/> (ie returns the whole sub tree)

what is your opinion ?

Le 07/11/2014 17:25, Aleksey Sanin a écrit :
> Well, according to the output.txt file, xmlsec simply stops on the
> first failed Reference element since the signature will not be valid
> anyway (see while() loop at the end of the
> xmlSecDSigCtxProcessSignedInfoNode() function).
>
> Aleksey
>
> On 11/7/14 4:31 AM, pfx wrote:
>> Hi!
>>
>> I have a signed xml file with Xades information
>> I try to verify the signature with:
>>
>> $ xmlsec1 --verify --id-attr:Id Bordereau --id-attr:Id Signature
>> --id-attr:Id SignedProperties --node-id IDC1141029105800p0100 test.xml
>> func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid
>> data:data and digest do not match
>> FAIL
>> SignedInfo References (ok/all): 1/2
>>
>> The first part of the signature is validate by xmlsec1
>> but it seems that xmlsec1 can't access to the second part (Xades
>> information)
>>
>> If I use the "--store-references" flags, I can see the "PreDigest data"
>> of the first part, but xmlsec1 never displays the "PreDigest data" of
>> the second part
>>
>> Here an extract of the file
>>          <Bordereau Id="*B01201462*">
>>              <BlocBordereau>
>>              ...
>>              <ds:Signature Id="IDC1141029105800p0100">
>>                  <ds:SignedInfo>
>>                      <ds:CanonicalizationMethod
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>                      <ds:SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>>                      <ds:Reference URI="#*B01201462*">
>>                          <ds:Transforms>
>>                              <ds:Transform
>> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
>>                              <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>                          </ds:Transforms>
>>                          <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>>                         
>> <ds:DigestValue>m24cE8pHsEwYBbVnCcUGUT49i3g=</ds:DigestValue>
>>                      </ds:Reference>
>>                      <ds:Reference URI="#*IDC1141029105800p0100_SP*">
>>                          <ds:Transforms>
>>                              <ds:Transform
>> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
>>                              <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>                          </ds:Transforms>
>>                          <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>>                         
>> <ds:DigestValue>OgLDEJDln8+bp7jX1pxs5j/0poM=</ds:DigestValue>
>>                      </ds:Reference>
>>                  </ds:SignedInfo>
>>                  ...
>>                  <ds:Object Id="IDC1141029105800p0100_QI">
>>                      <xad:QualifyingProperties
>> Target="IDC1141029105800p0100">
>>                          <xad:SignedProperties
>> Id="*IDC1141029105800p0100_SP*">
>>                              <xad:SignedSignatureProperties>
>>                                 
>> <xad:SigningTime>2014-10-29T09:58:00.191Z</xad:SigningTime>
>>              </ds:Signature>
>>          </Bordereau>
>>
>> And an extract of the output
>>      = REFERENCE VERIFICATION CONTEXT
>>      == Status: succeeded
>>      == URI: "#B01201462"
>> [...]
>>      === uri:
>>      === uri xpointer expr: #B01201462
>>      === Transform: xpointer
>> (href=http://www.w3.org/2001/04/xmldsig-more/xptr)
>>      === Transform: enveloped-signature
>> (href=http://www.w3.org/2000/09/xmldsig#enveloped-signature)
>>      === Transform: exc-c14n (href=http://www.w3.org/2001/10/xml-exc-c14n#)
>>      === Transform: membuf-transform (href=NULL)
>>      === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
>>      === Transform: membuf-transform (href=NULL)
>>      == Digest Method:
>>      === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
>>      == PreDigest data - start buffer:
>>      <Bordereau Id="B01201462"><BlocBordereau><Exer
>> V="2014"></Exer>.........</Bordereau>
>>      == PreDigest data - end buffer
>>      = REFERENCE VERIFICATION CONTEXT
>>      == Status: invalid
>>      == URI: "#IDC1141029105800p0100_SP"
>> [...]
>>      === uri:
>>      === uri xpointer expr: #IDC1141029105800p0100_SP
>>      === Transform: xpointer
>> (href=http://www.w3.org/2001/04/xmldsig-more/xptr)
>>      === Transform: enveloped-signature
>> (href=http://www.w3.org/2000/09/xmldsig#enveloped-signature)
>>      === Transform: exc-c14n (href=http://www.w3.org/2001/10/xml-exc-c14n#)
>>      === Transform: membuf-transform (href=NULL)
>>      === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
>>      === Transform: membuf-transform (href=NULL)
>>      == Digest Method:
>>      === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
>> => No PreDigest data here !
>>
>> where is my mistake ?
>>
>> I use xmlsec 1.2.18 (openssl)
>> (here the full xml file and xmlsec output => http://dl.free.fr/ekDbPkF63)
>>
>> Regards,
>>
>>
>>
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20141110/545dfa3a/attachment.html>

More information about the xmlsec mailing list