[xmlsec] Error "libxml2 library function failed:expr=xpointer"

Florent contact at florentguilleux.fr
Fri Apr 24 09:06:10 PDT 2015 

Thanks for your help Aleksey.

I get "Error: <file> parameter is required for this command".

If I try

xmlsec1 --verify --id-attr:ID '' /tmp/saml-payload.xml

I get the same error:

func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2
library function
failed:expr=xpointer(id('_16f38644-6274-4ed9-b616-dfec0ba7f160'))
func=xmlSecXPathDataListExecute:file=xpath.c:line=373:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec
library function failed:
func=xmlSecTransformXPathExecute:file=xpath.c:line=483:obj=xpointer:subj=xmlSecXPathDataExecute:error=1:xmlsec
library function failed:
func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2405:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec
library function failed:
func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1236:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec
library function failed:transform=xpointer
func=xmlSecTransformCtxExecute:file=transforms.c:line=1296:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec
library function failed:
func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1571:obj=unknown:subj=xmlSecTransformCtxExecute:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec
library function failed:node=Reference
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSignatureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 0/1
Manifests References (ok/all): 0/0
Error: failed to verify file "/tmp/saml-payload.xml"

-- 
Florent

Le Ven 24 avr 2015, à 10:33, Aleksey Sanin a écrit :
> Try this command:
> 
> xmlsec1 --verify --id-attr:ID /tmp/saml-payload.xml
> 
> Aleksey
> 
> On 4/24/15 7:57 AM, Florent wrote:
> > Thanks for your answer! I checked the FAQ and tried to use the --id-attr
> > option like this
> > 
> > xmlsec1 --verify --id-attr:ID urn:oasis:names:tc:SAML:2.0:protocol
> > /tmp/saml-payload.xml
> > 
> > but I still get the same error. There is probably something obvious I'm
> > missing, here is the element where is the ID attribute.
> > 
> > <saml2p:Response Destination='https://login.myapp.com'
> > ID='_16f38644-6274-4ed9-b616-dfec0ba7f160'
> > IssueInstant='2015-04-17T15:25:40.250Z' Version='2.0'
> > xmlns:saml2p='urn:oasis:names:tc:SAML:2.0:protocol'>
> > 
> > (full xml is at http://pastebin.com/raw.php?i=irxdfPsj)
> >

More information about the xmlsec mailing list