[xmlsec] Online verifier: signed XML inside signed XML

Aleksey Sanin aleksey at aleksey.com
Thu Jul 2 20:02:43 PDT 2015 

FAQ section 3.2 if I remember correctly 

Aleksey

> On Jul 2, 2015, at 11:39 AM, miguel galvez cendegui <hdimac at gmail.com> wrote:
> 
> I am trying to verify a signed XML that contains more signed XML inside. All the signed info is referenced via ID.
> 
> I tryed <!DOCTYPE Document [<!ATTLIST Document ID ID #IMPLIED>]>
> 
> The XML structure is:
> 
> <?xml version="1.0"?>
> <DocumentEnvelope ...>
>     <Document ... ID="d1">
>         <name>Some document</name>
>         <ItemEnvelope ...>
>             <Item ... ID ="i1">Some item data</Item>
>             <Signature...>...</Signature> (Reference URI="#i1")
>         </ItemEnvelope>
>         <ItemEnvelope ...>
>             <Item ... ID="i2">Other item data</Item>
>             <Signature...>...</Signature> (Reference URI="#i2")
>         </ItemEnvelope>
>     </Document>
>     <Signature ...>...</Signature> (Reference URI="#d1")
> </DocumentEnvelope>
> 
> I can verify "the items" individually in the online verifier, but i cannot do the same with the parent "Document" and i get this error message:
> 
> func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2 library function failed:expr=xpointer(id('DOCT33F13924P33'))
> func=xmlSecXPathDataListExecute:file=xpath.c:line=356:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed: 
> func=xmlSecTransformXPathExecute:file=xpath.c:line=466:obj=xpointer:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed: 
> func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2405:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec library function failed: 
> func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1236:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed:transform=xpointer
> func=xmlSecTransformCtxExecute:file=transforms.c:line=1296:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: 
> func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1571:obj=unknown:subj=xmlSecTransformCtxExecute:error=1:xmlsec library function failed: 
> func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec library function failed:node=Reference
> func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec library function failed: 
> func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed: 
> Error: signature verification failed
> 
> How to that verification with the Xmlsec online verifier?
> 
> Thank you so much
> 
> -- 
> Miguel Gálvez

More information about the xmlsec mailing list