[xmlsec] support

leonid_antanovskii@myob.com.au leonid_antanovskii@myob.com.au
Wed, 13 Nov 2002 15:04:12 +1100


Dear Sir/Madam,

I attempted to verify the XML doc below at your OnlineVerifier
http://www.aleksey.com/xmlsec/xmldsig-verifier.html
and received the response:

####################################################################################
xmlSecSimpleX509MngrVerify: cert verification failed (18)
xmlDSigSignedInfoRead: failed to find signature key
xmlDSigSignatureRead: failed to read SignedInfo node
xmlDSigValidate: signature read failed
xmlDSigValidate: children validate failed
Error: signature failed
####################################################################################

I would appreciate it very much if you could let me know what the problem
was.

The XML doc was signed using Wedgetail XMLDsig APIs
(http://www.wedgetail.com/jcsi/xmldsig/index.html).

####################################################################################
<?xml version="1.0" encoding="UTF-8"?>

<MYOBPayload>

  <SignedBusinessTransaction Id="sign_here">

    <BankDetails>Bank Details</BankDetails>

    <Amount>$1,000,000.00</Amount>

  </SignedBusinessTransaction>

<Signature Id="signed_by_alice" xmlns="http://www.w3.org/2000/09/xmldsig#">

  <!-- JCSI XMLDSig 1.0, http://www.wedgetail.com/xmlsecurity/ -->

  <SignedInfo>

    <CanonicalizationMethod Algorithm
="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">

    </CanonicalizationMethod>

    <SignatureMethod Algorithm
="http://www.w3.org/2000/09/xmldsig#dsa-sha1">

    </SignatureMethod>

    <Reference URI="#sign_here">

      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1">

      </DigestMethod>

      <DigestValue>

        5hrKLLCSqaMDMd/OJHIy5rtBkkM=

      </DigestValue>

    </Reference>

  </SignedInfo>

  <SignatureValue>

    lL9rpSLexV1TNyHUxKek7fibulJmKCSclQh1obf/FbGTHWWXl13ALw==

  </SignatureValue>

  <KeyInfo>

    <X509Data>

      <X509Certificate>


MIIDKDCCAuYCBD2ienEwCwYHKoZIzjgEAwUAMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjETMBEGA1UECxMKQWNjb3VudGluZzEZMBcGA1UEAxMQQWxpY2UgV29uZGVybGFuZDAeFw0wMjEwMDgwNjI1NTNaFw0wMzAxMDYwNjI1NTNaMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjETMBEGA1UECxMKQWNjb3VudGluZzEZMBcGA1UEAxMQQWxpY2UgV29uZGVybGFuZDCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqA4GEAAKBgC9qlsAKMJ4gUK5YfudoNE1gf279GGkg2xJeJIr1F2Liq8vPWzBrbgn5xLlW+VMQw7tqi3mv52KMGAvcJssUIlqEB8TcieBQYnBnMN1PXRsKX2pVlOVhjgY8O9WgSRkjg8SGfqOZU7qr/NhMpZYus6od2xZB2YjwoTgDfLE9++egMAsGByqGSM44BAMF
AAMvADAsAhQolkEtemvgKSAJgsp0OlmHEC3KcgIUJWVDLPVDFlxOL4YOKpC/7K5uZG4=

      </X509Certificate>

    </X509Data>

  </KeyInfo>

</Signature><Signature Id="signed_by_bob" xmlns
="http://www.w3.org/2000/09/xmldsig#">

  <!-- JCSI XMLDSig 1.0, http://www.wedgetail.com/xmlsecurity/ -->

  <SignedInfo>

    <CanonicalizationMethod Algorithm
="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">

    </CanonicalizationMethod>

    <SignatureMethod Algorithm
="http://www.w3.org/2000/09/xmldsig#dsa-sha1">

    </SignatureMethod>

    <Reference URI="#sign_here">

      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1">

      </DigestMethod>

      <DigestValue>

        5hrKLLCSqaMDMd/OJHIy5rtBkkM=

      </DigestValue>

    </Reference>

  </SignedInfo>

  <SignatureValue>

    Z+PzSocQRfsG17qz4ojaEnGk22Yg0LZNhZkOrs9ycBF9zQPveHDCyg==

  </SignatureValue>

  <KeyInfo>

    <X509Data>

      <X509Certificate>


MIIDKDCCAuYCBD2iexMwCwYHKoZIzjgEAwUAMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjEXMBUGA1UECxMOUGF5cm9sbCBPZmZpY2UxFTATBgNVBAMTDEJvYiBIb29saWdhbjAeFw0wMjEwMDgwNjI4MzVaFw0wMzAxMDYwNjI4MzVaMHoxCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtDbGVhciBXYXRlcjEXMBUGA1UECxMOUGF5cm9sbCBPZmZpY2UxFTATBgNVBAMTDEJvYiBIb29saWdhbjCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqA4GEAAKBgFv9kM4Dh3Mtfcz49yeyttUAonEXFODBzP6+VR/ZVAcogxLEnkEoLRf0on12C4nbZ1U82VHrkd6cdCN/FAV42ijwbzQGqvAdeJ6CRkq1yQcZyMdid2vqnOetNGFqAxISjuZkkW62IMKH/i8kONctgODCXxOujWR17zDQezYnhXySMAsGByqGSM44BAMF
AAMvADAsAhQbV3kohFPiVUQtyTkel7WteZKUnAIUFU9nzwBr3kxa25v+MarEuIxw9Zo=

      </X509Certificate>

    </X509Data>

  </KeyInfo>

</Signature></MYOBPayload>
####################################################################################

Thanks you very much,

Leonid Antanovskii