[xmlsec] support
leonid_antanovskii@myob.com.au
leonid_antanovskii@myob.com.au
Wed, 13 Nov 2002 15:04:12 +1100
Dear Sir/Madam,
I attempted to verify the XML doc below at your OnlineVerifier
http://www.aleksey.com/xmlsec/xmldsig-verifier.html
and received the response:
####################################################################################
xmlSecSimpleX509MngrVerify: cert verification failed (18)
xmlDSigSignedInfoRead: failed to find signature key
xmlDSigSignatureRead: failed to read SignedInfo node
xmlDSigValidate: signature read failed
xmlDSigValidate: children validate failed
Error: signature failed
####################################################################################
I would appreciate it very much if you could let me know what the problem
was.
The XML doc was signed using Wedgetail XMLDsig APIs
(http://www.wedgetail.com/jcsi/xmldsig/index.html).
####################################################################################
<?xml version="1.0" encoding="UTF-8"?>
<MYOBPayload>
<SignedBusinessTransaction Id="sign_here">
<BankDetails>Bank Details</BankDetails>
<Amount>$1,000,000.00</Amount>
</SignedBusinessTransaction>
<Signature Id="signed_by_alice" xmlns="http://www.w3.org/2000/09/xmldsig#">
<!-- JCSI XMLDSig 1.0, http://www.wedgetail.com/xmlsecurity/ -->
<SignedInfo>
<CanonicalizationMethod Algorithm
="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">
</CanonicalizationMethod>
<SignatureMethod Algorithm
="http://www.w3.org/2000/09/xmldsig#dsa-sha1">
</SignatureMethod>
<Reference URI="#sign_here">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1">
</DigestMethod>
<DigestValue>
5hrKLLCSqaMDMd/OJHIy5rtBkkM=
</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
lL9rpSLexV1TNyHUxKek7fibulJmKCSclQh1obf/FbGTHWWXl13ALw==
</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>
MIIDKDCCAuYCBD2ienEwCwYHKoZIzjgEAwUAMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjETMBEGA1UECxMKQWNjb3VudGluZzEZMBcGA1UEAxMQQWxpY2UgV29uZGVybGFuZDAeFw0wMjEwMDgwNjI1NTNaFw0wMzAxMDYwNjI1NTNaMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjETMBEGA1UECxMKQWNjb3VudGluZzEZMBcGA1UEAxMQQWxpY2UgV29uZGVybGFuZDCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqA4GEAAKBgC9qlsAKMJ4gUK5YfudoNE1gf279GGkg2xJeJIr1F2Liq8vPWzBrbgn5xLlW+VMQw7tqi3mv52KMGAvcJssUIlqEB8TcieBQYnBnMN1PXRsKX2pVlOVhjgY8O9WgSRkjg8SGfqOZU7qr/NhMpZYus6od2xZB2YjwoTgDfLE9++egMAsGByqGSM44BAMF
AAMvADAsAhQolkEtemvgKSAJgsp0OlmHEC3KcgIUJWVDLPVDFlxOL4YOKpC/7K5uZG4=
</X509Certificate>
</X509Data>
</KeyInfo>
</Signature><Signature Id="signed_by_bob" xmlns
="http://www.w3.org/2000/09/xmldsig#">
<!-- JCSI XMLDSig 1.0, http://www.wedgetail.com/xmlsecurity/ -->
<SignedInfo>
<CanonicalizationMethod Algorithm
="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">
</CanonicalizationMethod>
<SignatureMethod Algorithm
="http://www.w3.org/2000/09/xmldsig#dsa-sha1">
</SignatureMethod>
<Reference URI="#sign_here">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1">
</DigestMethod>
<DigestValue>
5hrKLLCSqaMDMd/OJHIy5rtBkkM=
</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
Z+PzSocQRfsG17qz4ojaEnGk22Yg0LZNhZkOrs9ycBF9zQPveHDCyg==
</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>
MIIDKDCCAuYCBD2iexMwCwYHKoZIzjgEAwUAMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjEXMBUGA1UECxMOUGF5cm9sbCBPZmZpY2UxFTATBgNVBAMTDEJvYiBIb29saWdhbjAeFw0wMjEwMDgwNjI4MzVaFw0wMzAxMDYwNjI4MzVaMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjEXMBUGA1UECxMOUGF5cm9sbCBPZmZpY2UxFTATBgNVBAMTDEJvYiBIb29saWdhbjCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqA4GEAAKBgFv9kM4Dh3Mtfcz49yeyttUAonEXFODBzP6+VR/ZVAcogxLEnkEoLRf0on12C4nbZ1U82VHrkd6cdCN/FAV42ijwbzQGqvAdeJ6CRkq1yQcZyMdid2vqnOetNGFqAxISjuZkkW62IMKH/i8kONctgODCXxOujWR17zDQezYnhXySMAsGByqGSM44BAMF
AAMvADAsAhQbV3kohFPiVUQtyTkel7WteZKUnAIUFU9nzwBr3kxa25v+MarEuIxw9Zo=
</X509Certificate>
</X509Data>
</KeyInfo>
</Signature></MYOBPayload>
####################################################################################
Thanks you very much,
Leonid Antanovskii