[xmlsec] example 1 always give the same digest value
Derek Lei Liu
leiliu98 at yahoo.com
Wed Sep 25 11:28:12 PDT 2002
Emm, I don't see errors, maybe just overlooked.
Putting the couple of lines made it work. Thanks.
Derek
--- Aleksey Sanin <aleksey at aleksey.com> wrote:
> BTW, forgot to say that xmlsec application should
> print an error message
> about empty nodes set (something like "invalid nodes
> set : empty"). And you
> should have an error in OpenSSL errors stack in the
> application.
>
> Aleksey
>
> Aleksey Sanin wrote:
>
> > You can check xmlsec mailing list for detailed
> explanation but briefly
> > Id attribute
> > means *nothing* w/o a DTD or schema. In your case,
> XMLSec always
> > digests an
> > empty value simply because
> URI="#msg.194549.signedook" could not be
> > found.
> > I believe that adding something like
> > <!DOCTYPE test [
> > <!ATTLIST Data Id ID #IMPLIED>
> > ]>
> > should solve your problem (see
> xmlsec/docs/examples/dsig3/tests.tmpl
> > file for details).
> > Of course, the DTD may be external or you may add
> Id attribute manualy by
> > calling LibXML2 xmlAddID() function after loading
> the document.
> >
> > Aleksey.
> >
> >
> >
> >
> > Derek Lei Liu wrote:
> >
> >> Hi,
> >>
> >> I am trying to use example1 on Solaris. The test
> xml
> >> and the private key are attached in following. I
> >> tried to use local reference here, but found the
> >> digested value never changed even I changed the
> >> content in <Data>. I am relatively new to this
> area
> >> and the project I am working on is rather urgent
> on
> >> this part. I gdb into the test program and found
> that
> >> the first time SHA1_Update was called as for
> >> <SignInfo> (signature stuff). This function is
> >> supposed to be called for the digested value,
> right?
> >>
> >> thanks
> >>
> >> Derek
> >>
> >>
> >>
> >> <?xml version="1.0" encoding="UTF-8"?>
> >> <Top>
> >> <SecondTop id="1">
> >> <Data Id="msg.194549.signedook">
> >> <version>1.0.1</version>
> >> <StudentName>
> >> <StudentID>12111111111</StudentID>
> >>
>
<TotalCredits>111111111111111-11111111</TotalCredits>
> >> </StudentName>
> >> <Course>
> >> <CourseID>English Literature</CourseID>
> >> <date>20020901 17:20:37</date>
> >> </Course>
> >> <State>California</State>
> >> <TX>
> >> <time>20020902 00:13:24</time>
> >> <status>A</status>
> >> <Enroll>Y</Enroll>
> >> </TX>
> >> </Data>
> >> <Signature
> xmlns="http://www.w3.org/2000/09/xmldsig#">
> >> <SignedInfo>
> >> <CanonicalizationMethod
> >>
>
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-200103
> >> 15" />
> >> <SignatureMethod
> >>
>
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
> >> />
> >> <Reference URI="#msg.194549.signedook">
> >> <DigestMethod
> >>
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> />
> >> <DigestValue></DigestValue>
> >> </Reference>
> >> </SignedInfo>
> >> <SignatureValue/>
> >> <KeyInfo>
> >> </KeyInfo>
> >> </Signature>
> >> </SecondTop>
> >> </Top>
> >>
> >>
> >> Key:
> >> ==============================
> >> -----BEGIN RSA PRIVATE KEY-----
> >>
>
MIIBOwIBAAJBAOfDoFCPxDstNv7rBqK+B9s2kU+S2JX8xWwu8mF/hbNn35EtHCz4
> >>
>
8sLANc2yFZx4/OaoTTdbCwPEpZlG3G9y6QkCAwEAAQJAA/CFVxk6gq8AElE4aafF
> >>
>
RmqlCa87U0Fasb4SjKm4QhZnovu+3ipCku2QHjAejTNWDOrV5A6GEWJXMP5GkZDX
> >>
>
AQIhAP0eADYcJbzGdvg9QinSe73jNKaJSD/EhUh/IOsWVkVRAiEA6mdeHFHUa3x8
> >>
>
BCu6qq5wUcyOH1ne1HXYvVALYugvWjkCID4D8LdRNCnJUnLFx4Uprem7VjYLYqlF
> >>
>
BAbcJvuSUHbRAiEAs3DyMIfML4Sag67eNW9YeKY5XnK0DL0ycKpoLQ1FwrECIQCB
> >> o+JQ0HvhH+v7f21QWTxA6yd+T2cPlKMTUbK6Mn+AdA==
> >> -----END RSA PRIVATE KEY-----
> >>
> >>
> >>
> __________________________________________________
> >> Do you Yahoo!?
> >> New DSL Internet Access from SBC & Yahoo!
> >> http://sbc.yahoo.com
> >> _______________________________________________
> >> xmlsec mailing list
> >> xmlsec at aleksey.com
> >> http://www.aleksey.com/mailman/listinfo/xmlsec
> >>
> >>
> >
> >
> > _______________________________________________
> > xmlsec mailing list
> > xmlsec at aleksey.com
> > http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
>
__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com
More information about the xmlsec
mailing list