[xmlsec] bug or failure to understand?

Skip Carter skip@taygeta.com
Mon, 22 Apr 2002 17:36:54 -0700



Hi,

I am experimenting with your XMLsec library (0.0.3 on
Linux) and have found it to be very helpful in the
practical aspects of learning XML Digital Signatures.
Between reading the specs and playing with your
code (I compiled it with debugging turned on
and used testDSig) I think I mostly have the hang of it.

Everything seemed to be going along just fine until
I started playing with using XPath.  I created a
test file (attached) and tried to set up a signature
with an XPath transformation to just sign one element of
the file (all the 'location' nodes).  I tried a couple of
different XPath statements but whatever I did, either
signed the entire document or signed none of the document
(I tested by changing the doc and then using testDSig
in verify mode).

Does your library presently support XPath?
If so, I'd appreciate a pointer on how to do what I
am trying to do.

I tried:
  <XPath> self::document/content/weather/location </XPath>
and:
  <XPath> .//location </XPath>

which should be equivalent in selecting all of the
location nodes, but they did not seem to
work (they looked to me to act as if none of the file
was signed).

I have searched around the Web a bit, but I haven't
found any COMPLETE examples of the use of XPath,
so I built my tests from what I understood from the
XPath documentation.


Also, a minor problem with the configure script:
It failed to automatically find the location of
my OpenSSL installation in spite of it being in
the standard location (/usr/local/ssl); I had
to explicitly provide it with the switch
      --with-openssl=/usr/local/ssl

before the library would compile.


Thanks in advance for your help,

Skip



-- 
 Dr. Everett (Skip) Carter      Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Scientific Inc.        INTERNET: skip@taygeta.com
 1340 Munras Ave., Suite 314    WWW: http://www.taygeta.com
 Monterey, CA. 93940

Attachment: weather.xml

<?xml version="1.0" encoding="UTF-8"?>
<document>
<header>
   <title>The latest weather</title>
</header>
<content>

<weather Id="KMRY">
<location> Monterey, Monterey Peninsula Airport, CA, United States (KMRY) 36-35-26N 121-50-51W 66M </location>
<time> Apr 19, 2002 - 10:54 AM EST / 2002.04.19 1554 UTC </time>
<wind>  from the WNW (300 degrees) at 6 MPH (5 KT) </wind>
<visibility>  10 mile(s) </visibility>
<sky> clear </sky>
<temperature>  54.0 F (12.2 C) </temperature>
<dewpt>  46.0 F (7.8 C) </dewpt>
<humidity>  74% </humidity>
<press> 30.15 in. Hg (1020 hPa) </press>
<!--  KMRY 191554Z 30005KT 10SM CLR 12/08 A3015 RMK AO2 SLP223 T01220078 -->
<!--  16 -->
</weather>

<weather Id="KSFO">
<location> San Francisco, San Francisco International Airport, CA, United States (KSFO) 37-37-11N 122-21-53W 26M </location>
<time> Apr 19, 2002 - 10:56 AM EST / 2002.04.19 1556 UTC </time>
<wind>  from the W (260 degrees) at 5 MPH (4 KT) </wind>
<visibility>  10 mile(s) </visibility>
<sky> clear </sky>
<temperature>  55.9 F (13.3 C) </temperature>
<dewpt>  39.0 F (3.9 C) </dewpt>
<humidity>  52% </humidity>
<press>  30.15 in. Hg (1020 hPa) </press>
<!--  KSFO 191556Z 26004KT 10SM CLR 13/04 A3015 RMK AO2 SLP211 T01330039 -->
<!--  16 -->
</weather>

<weather Id="KMVY">
<location> Vineyard Haven, Marthas Vineyard Airport, MA, United States (KMVY) 41-23-32N 070-37-00W 16M </location>
<time> Apr 19, 2002 - 10:53 AM EST / 2002.04.19 1553 UTC </time>
<wind>  from the S (170 degrees) at 9 MPH (8 KT) </wind>
<visibility>  6 mile(s) </visibility>
<sky> overcast </sky>
<note> haze </note>
<temperature>  55.0 F (12.8 C) </temperature>
<dewpt>  48.9 F (9.4 C) </dewpt>
<humidity>  79% </humidity>
<press>  30 in. Hg (1015 hPa) </press>
<!--  KMVY 191553Z 17008KT 6SM HZ OVC005 13/09 A3000 RMK AO2 SLP159 T01280094 -->
<!--  16 -->
</weather>

</content>
</document>

Attachment: w4.tmpl

<?xml version="1.0" encoding="UTF-8"?>
<Envelope xmlns="urn:envelope">
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod
               Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod
               Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="file:///home/skip/xml/weather.xml">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
            <XPath>
              .//location
            </XPath>
          </Transform>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue></DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue/>
    <KeyInfo>
      <KeyValue/>
    </KeyInfo>
  </Signature>
</Envelope>
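
Added example (not part of the original message and not xmlsec code): the XML-Signature XPath transform evaluates the expression once for every node of the input, with that node as the context node, and keeps the node only when the result converts to true. The Python sketch below hand-codes the boolean value of `.//location` and of `ancestor-or-self::location` over a constructed, cut-down weather.xml to show which nodes each form keeps; attribute and namespace nodes are left out as a simplifying assumption.

```python
from xml.dom import minidom

# Constructed sample: a cut-down version of the weather.xml attachment.
SAMPLE = """<document><header><title>The latest weather</title></header>
<content><weather Id="KMRY"><location>Monterey (KMRY)</location><sky>clear</sky></weather>
<weather Id="KSFO"><location>San Francisco (KSFO)</location><sky>clear</sky></weather>
</content></document>"""
DOC = minidom.parseString(SAMPLE)

def walk(node):
    """Yield node and its descendants in document order (attributes omitted)."""
    yield node
    for child in node.childNodes:
        yield from walk(child)

def is_location(n):
    return n.nodeType == n.ELEMENT_NODE and n.tagName == "location"

def has_location_descendant(n):
    """Boolean value of './/location' when n is the context node."""
    return any(is_location(d) for d in walk(n) if d is not n)

def in_location(n):
    """Boolean value of 'ancestor-or-self::location' when n is the context node."""
    while n is not None:
        if is_location(n):
            return True
        n = n.parentNode
    return False

def xpath_filter(doc, predicate):
    """Per-node filtering as the XPath transform does it: keep nodes that test true."""
    return [n for n in walk(doc) if predicate(n)]

def describe(nodes):
    """Summarise kept nodes as element names and non-blank text content."""
    out = []
    for n in nodes:
        if n.nodeType == n.ELEMENT_NODE:
            out.append("<%s>" % n.tagName)
        elif n.nodeType == n.TEXT_NODE and n.data.strip():
            out.append(n.data.strip())
    return out

if __name__ == "__main__":
    print(".//location keeps:", describe(xpath_filter(DOC, has_location_descendant)))
    print("ancestor-or-self::location keeps:", describe(xpath_filter(DOC, in_location)))
```

With `.//location` only the ancestor element nodes survive and no text node does, so the digest does not change when the weather data is edited; `ancestor-or-self::location` keeps each location element together with its text.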
