[xmlsec] invalid reference
Ferenc Raffael
raffaelf@ieb.hu
Tue, 1 Apr 2003 16:31:47 +0200
--YiEDa0DAkWCtVeE4
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Hi!
There's a signed xml file, which could not be validated
with xmlsec because a reference error. However, xmlsec
doesn't tell anything about the wrong reference.
Could you take a look at it, please?
Message and cert are attached.
Thank you
--
Raffael Ferenc __,--=====-.__
Developer _________,--'_,--'/_-__-___`--._
Inter-Európa Bank Rt. {======>________,._.-------------'
+36-1-373-6495 ``---._____/
Cure the disease and kill the patient.
-- Francis Bacon
--YiEDa0DAkWCtVeE4
Content-Type: text/xml; charset=us-ascii
Content-Disposition: attachment; filename="3dsecure_dtd.xml"
<!ELEMENT ThreeDSecure (Message)*>
<!ELEMENT Message ((CRReq|CRRes|VEReq|VERes|PAReq|(PARes,Signature)|Error))>
<!ATTLIST Message id ID #REQUIRED>
<!ELEMENT CRReq (version,Merchant,serialNumber?)>
<!ELEMENT CRRes (version,CR*,serialNumber?,IReq?)>
<!ELEMENT VEReq (version,pan,Merchant,Brower?,Extension*)>
<!ELEMENT VERes (version,CH,url?,protocol*,IReq?,Extension*)>
<!ELEMENT PAReq (version,Merchant,Purchase,CH,Extension*)>
<!ELEMENT PARes (version,Merchant,Purchase,pan,TX,IReq?,Extension*)>
<!ATTLIST PARes id ID #REQUIRED>
<!ELEMENT Signature (SignedInfo,SignatureValue,KeyInfo*)>
<!ATTLIST Signature xmlns CDATA #REQUIRED>
<!ELEMENT Error (version,errorCode,errorMessage,errorDetail,vendorCode?)>
<!ELEMENT Browser (deviceCategory?,accept?,userAgent?)>
<!ELEMENT CR (begin,end,action)>
<!ELEMENT CH (enrolled?,acctID?,expiry?)>
<!ELEMENT IReq (iReqCode,iReqDetail?,vendorCode?)>
<!ELEMENT Merchant (acqBIN,merID,password?,name?,country?,url?)>
<!ELEMENT Purchase (xid,date,amount?,purchAmount,currency,exponent,desc?,Recur?,install?)>
<!ELEMENT Recur (frequency,endRecur)>
<!ELEMENT TX (time,status,cavv?,eci?,cavvAlgorithm?)>
<!ELEMENT Extension ANY>
<!ATTLIST Extension id ID #REQUIRED critical (true|false) #REQUIRED>
<!ELEMENT SignedInfo (CanonicalizationMethod,SignatureMethod,Reference)>
<!ATTLIST SignedInfo xmlns CDATA #IMPLIED>
<!ELEMENT CanonicalizationMethod (#PCDATA)>
<!ATTLIST CanonicalizationMethod Algorithm CDATA #REQUIRED>
<!ELEMENT SignatureMethod (#PCDATA)>
<!ATTLIST SignatureMethod Algorithm CDATA #REQUIRED>
<!ELEMENT Reference (DigestMethod,DigestValue)>
<!ATTLIST Reference Id ID #IMPLIED>
<!ATTLIST Reference URI CDATA #REQUIRED>
<!ELEMENT DigestMethod (#PCDATA)>
<!ATTLIST DigestMethod Algorithm CDATA #REQUIRED>
<!ELEMENT DigestValue (#PCDATA)>
<!ELEMENT SignatureValue (#PCDATA)>
<!ELEMENT KeyInfo (X509Data)>
<!ELEMENT X509Data (X509SubjectName,X509Certificate*)>
<!ELEMENT X509SubjectName (#PCDATA)>
<!ELEMENT X509Certificate (#PCDATA)>
<!ELEMENT accept (#PCDATA)>
<!ELEMENT acctID (#PCDATA)>
<!ELEMENT action (#PCDATA)>
<!ELEMENT acqBIN (#PCDATA)>
<!ELEMENT amount (#PCDATA)>
<!ELEMENT begin (#PCDATA)>
<!ELEMENT cavv (#PCDATA)>
<!ELEMENT cavvAlgorithm (#PCDATA)>
<!ELEMENT country (#PCDATA)>
<!ELEMENT currency (#PCDATA)>
<!ELEMENT date (#PCDATA)>
<!ELEMENT desc (#PCDATA)>
<!ELEMENT deviceCategory (#PCDATA)>
<!ELEMENT eci (#PCDATA)>
<!ELEMENT end (#PCDATA)>
<!ELEMENT endRecur (#PCDATA)>
<!ELEMENT enrolled (#PCDATA)>
<!ELEMENT errorCode (#PCDATA)>
<!ELEMENT errorDetail (#PCDATA)>
<!ELEMENT errorMessage (#PCDATA)>
<!ELEMENT expiry (#PCDATA)>
<!ELEMENT exponent (#PCDATA)>
<!ELEMENT frequency (#PCDATA)>
<!ELEMENT install (#PCDATA)>
<!ELEMENT iReqCode (#PCDATA)>
<!ELEMENT iReqDetail (#PCDATA)>
<!ELEMENT merID (#PCDATA)>
<!ELEMENT name (#PCDATA)>
<!ELEMENT pan (#PCDATA)>
<!ELEMENT password (#PCDATA)>
<!ELEMENT protocol (#PCDATA)>
<!ELEMENT purchAmount (#PCDATA)>
<!ELEMENT erialNumber (#PCDATA)>
<!ELEMENT status (#PCDATA)>
<!ELEMENT time (#PCDATA)>
<!ELEMENT url (#PCDATA)>
<!ELEMENT userAgent (#PCDATA)>
<!ELEMENT vendorCode (#PCDATA)>
<!ELEMENT version (#PCDATA)>
<!ELEMENT xid (#PCDATA)>
--YiEDa0DAkWCtVeE4
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: attachment; filename="GP2ROOTW.B64"
-----BEGIN CERTIFICATE-----
MIIDgDCCAmigAwIBAgICAx4wDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVVMxDTALBgNV
BAoTBFZJU0ExLzAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2aWNlIEFzc29jaWF0
aW9uMRIwEAYDVQQDEwlHUCBSb290IDIwHhcNMDAwODE2MjI1MTAwWhcNMjAwODE1MjM1OTAw
WjBhMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h
dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xEjAQBgNVBAMTCUdQIFJvb3QgMjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkBcLWqxEDwq2omYXkZAPy/mzdZDK9vZBv42pWU
JGkzEXDK41Z0ohdXZFwgBuHW73G3O/erwWnQSaSxBNf0V2KJXLB1LRckaeNCYOTudNargFbY
iCjh+20i/SN8RnNPflRzHqgsVVh1t0zzWkWlAhr62p3DRcMiXvOL8WAp0sdftAw6UYPvMPjU
58fy+pmjIlC++QU3o63tmsPm7IgbthknGziLgE3sucfFicv8GjLtI/C1AVj59o/ghalMCXI5
Etuz9c9OYmTaxhkVOmMd6RdVoUwiPDQyRvhlV7or7zaMavrZ2UT0qt2E1w0cslSsMoW0ZA3e
QbuxNMYBhjJk1Z8CAwEAAaNCMEAwHQYDVR0OBBYEFJ59SzS/ca3CBfYDdYDOqU8axCRMMA8G
A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAhpXYU
VfmtJ3CPPPTVbMjMCqujmAuKBiPFyWHbmQdpNSYx/scuhMKZYdQN6X0uEyt8joW2hcdLzzW2
LEc9zikv2G+fiRxkk78IvXbQkIqUs38oW26sTTMs7WXcFsziza6kPWKSBpUmv9+55CCmc2rB
vveURNZNbyoLaxhNdBA2aGpawWqn3TYpjLgwi08hPwAuVDAHOrqK5MOeyti12HvOdUVmB/Rt
Ldh6yumJivIj2C/LbgA2T/vwLwHMD8AiZfSr4k5hLQOCfZEWtTDVFN5ex5D8ofyrEK9ca3Cn
B+8phuiyJccg/ybdd+95RBTEvd07xQObdyPsoOy7Wjm1zK0G
-----END CERTIFICATE-----
--YiEDa0DAkWCtVeE4
Content-Type: text/xml; charset=us-ascii
Content-Disposition: attachment; filename="pares.xml"
Content-Transfer-Encoding: quoted-printable
<ThreeDSecure><Message id=3D"msg.176"><PARes id=3D"msg.561748.signed"><vers=
ion>1.0.2</version><Merchant><acqBIN>401200</acqBIN><merID>401200123456789<=
/merID></Merchant><Purchase><xid>pIWnzlMVEdeR86A+LgoBxwECAwc=3D</xid><date>=
20030310 16:30:45</date><purchAmount>100</purchAmount><currency>840</curren=
cy><exponent>2</exponent></Purchase><pan>0000XXXXXXXX1237</pan><TX><time>20=
030310 16:31:55</time><status>Y</status><cavv>AAABIDdEMyF5JoIgYEQzAAAAAAA=
=3D</cavv><eci>05</eci><cavvAlgorithm>2</cavvAlgorithm></TX></PARes><Signat=
ure xmlns=3D"http://www.w3.org/2000/09/xmldsig#"><SignedInfo xmlns=3D"http:=
//www.w3.org/2000/09/xmldsig#"><CanonicalizationMethod Algorithm=3D"http://=
www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><Signatu=
reMethod Algorithm=3D"http://www.w3.org/2000/09/xmldsig#rsa-sha1"></Signatu=
reMethod><Reference URI=3D"#msg.561748.signed"><DigestMethod Algorithm=3D"h=
ttp://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>5kKWY2Km=
uMEOGV5tWyG1tEu3uUk=3D</DigestValue></Reference></SignedInfo><SignatureValu=
e>oaXVKiahTtY9/T6wN26rVMW8klIZqC7DlNjTjknwmJ1yuObv8PDGIJkW6WKtMawRYr7PzKK0n=
NMXtucpOXED4m8LuS5Qu1esTgDYgIT7O8KwL3/rTQ8xnaQ7iLeiyIuQr2V+TZO53YN8Yk1zFRzi=
svNTIYGVWZVVveCAELvhkJA=3D</SignatureValue><KeyInfo><X509Data><X509Certific=
ate>MIIDFTCCAn6gAwIBAgICB8swDQYJKoZIhvcNAQEFBQAwdTELMAkGA1UEBhMCVVMxDTALBgN=
VBAoTBFZJU0ExLzAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2aWNlIEFzc29jaWF0aW=
9uMSYwJAYDVQQDEx1WaXNhIEF1dGhlbnRpY2F0ZWQgUGF5bWVudCBDQTAeFw0wMjA1MDIwMTAwM=
DBaFw0wNDA1MDEyMzU5MDBaMFkxCzAJBgNVBAYTAkdCMRUwEwYDVQQKEwxWaXNhIEVVIFRlc3Qx=
EjAQBgNVBAsTCUJUIElnbml0ZTEfMB0GA1UEAxMWVGVzdCBCYW5rIDEwMSBwcm90b2NvbDCBnzA=
NBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzlxvoPfSFjkZ+vD8ev5NAAs7vPqqs7NHjTfl7tORmS=
K36YTNlZ0JQ7kV0judaGosWCm/IftHYvDEXTH+r92SL4kXI4k0RK/jTQHZQU11pTYX68vCCAZzD=
1uXIlnppHZG1UFMAxvxj7sY6oBPuwpW0odXErr2mLT0JaT7tzYn9McCAwEAAaOBzzCBzDCBjAYD=
VR0jBIGEMIGBgBSrtlIq7sQcr6+YBN1fqyAIOBOeoaFlpGMwYTELMAkGA1UEBhMCVVMxDTALBgN=
VBAoTBFZJU0ExLzAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2aWNlIEFzc29jaWF0aW=
9uMRIwEAYDVQQDEwlHUCBSb290IDKCAgZOMB0GA1UdDgQWBBS7lsM7bLGRO6Ku+vTD0U6wlTN43=
zAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQAGOQmymV22=
wnfIQHdE32h7IO170PAY/SAM3YokxbG9qGc8wbe3nH2k7420206rNIeLeCvV12J1b2A763qcfi/=
1ZIaP8vb6rCEN2YuMuwfS90/V4iA4onFdTdh0DFckgZ2SuDJd3+84eMLQ+gDAYG9uwF6vYtg5kS=
JpMcGQsdcxRQ=3D=3D</X509Certificate><X509Certificate>MIIDgDCCAmigAwIBAgICAx=
4wDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVVMxDTALBgNVBAoTBFZJU0ExLzAtBgNVBAsTJ=
lZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2aWNlIEFzc29jaWF0aW9uMRIwEAYDVQQDEwlHUCBSb290=
IDIwHhcNMDAwODE2MjI1MTAwWhcNMjAwODE1MjM1OTAwWjBhMQswCQYDVQQGEwJVUzENMAsGA1U=
EChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb2=
4xEjAQBgNVBAMTCUdQIFJvb3QgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkBc=
LWqxEDwq2omYXkZAPy/mzdZDK9vZBv42pWUJGkzEXDK41Z0ohdXZFwgBuHW73G3O/erwWnQSaSx=
BNf0V2KJXLB1LRckaeNCYOTudNargFbYiCjh+20i/SN8RnNPflRzHqgsVVh1t0zzWkWlAhr62p3=
DRcMiXvOL8WAp0sdftAw6UYPvMPjU58fy+pmjIlC++QU3o63tmsPm7IgbthknGziLgE3sucfFic=
v8GjLtI/C1AVj59o/ghalMCXI5Etuz9c9OYmTaxhkVOmMd6RdVoUwiPDQyRvhlV7or7zaMavrZ2=
UT0qt2E1w0cslSsMoW0ZA3eQbuxNMYBhjJk1Z8CAwEAAaNCMEAwHQYDVR0OBBYEFJ59SzS/ca3C=
BfYDdYDOqU8axCRMMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQE=
BBQUAA4IBAQAhpXYUVfmtJ3CPPPTVbMjMCqujmAuKBiPFyWHbmQdpNSYx/scuhMKZYdQN6X0uEy=
t8joW2hcdLzzW2LEc9zikv2G+fiRxkk78IvXbQkIqUs38oW26sTTMs7WXcFsziza6kPWKSBpUmv=
9+55CCmc2rBvveURNZNbyoLaxhNdBA2aGpawWqn3TYpjLgwi08hPwAuVDAHOrqK5MOeyti12HvO=
dUVmB/RtLdh6yumJivIj2C/LbgA2T/vwLwHMD8AiZfSr4k5hLQOCfZEWtTDVFN5ex5D8ofyrEK9=
ca3CnB+8phuiyJccg/ybdd+95RBTEvd07xQObdyPsoOy7Wjm1zK0G</X509Certificate><X50=
9Certificate>MIIDpDCCAoygAwIBAgICBk4wDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVV=
MxDTALBgNVBAoTBFZJU0ExLzAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2aWNlIEFzc=
29jaWF0aW9uMRIwEAYDVQQDEwlHUCBSb290IDIwHhcNMDEwOTEzMTgxODAwWhcNMTEwOTEzMjM1=
OTAwWjB1MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5=
hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xJjAkBgNVBAMTHVZpc2EgQXV0aGVudGljYXRlZC=
BQYXltZW50IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQPU2Cfw5rT6UmOOX/Icybj=
vzm7wo21baeTkkubNJ7s3RqtOrfuocCM7ZB1PglF1/FM9PUU3zGHkT9DJp9V7yEt6Lkg6IhtHxY=
JOBJJX6UDgXPWvnaz5fCORU1M1YqZSZk1IJd9p2OwZ5wa06XWG+xV304nnNIdtuXzbAYGh2MFQI=
DAQABo4HVMIHSMB0GA1UdDgQWBBSrtlIq7sQcr6+YBN1fqyAIOBOeoTCBjAYDVR0jBIGEMIGBgB=
SefUs0v3GtwgX2A3WAzqlPGsQkTKFlpGMwYTELMAkGA1UEBhMCVVMxDTALBgNVBAoTBFZJU0ExL=
zAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2aWNlIEFzc29jaWF0aW9uMRIwEAYDVQQD=
EwlHUCBSb290IDKCAgMeMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEDMA0GCSq=
GSIb3DQEBBQUAA4IBAQBskqiCO5o3mxUYXfAQi/XyVTkS89aa7MsSleqqQMsGq3kGhlfqMmBwq7=
yH+INXjS3uvfdc+3u63tJnxhqGFxKCAWDQaY6xSBrfomwa9+tz/XeYRguilIDj01h1POodIaj4I=
O4h3dyW+x1hKmnPo6LUXF74Yr9orNCaquLM1kmKwynYzvdOA0FINvJOahCmPjp/wl/ganWol2V2=
uHt4McyWcrxLA/p8w42LQoyzlzpvhOR5LEOJvsB+V6bGDDVKpvsLmKec8qei9Nh8pnnk6l+f8OE=
5wIrqMHJHABvgyn8JkbclRof5Tqd64tj4pJA9m7yM2PjMVR+3bSEGKluKblX6</X509Certific=
ate></X509Data></KeyInfo></Signature></Message></ThreeDSecure>
--YiEDa0DAkWCtVeE4--