[xmlsec] Verification fail using <x509data> element info

kjho80 at freechal.com kjho80 at freechal.com
Sat Feb 22 02:19:00 PST 2003 

i try to verify signature using info of <x509data> element.
signature is follow.

<?xml version="1.0" encoding="utf-8"?>
<envelope xmlns="urn:envelope">
  <data>
 hello, world!
  </data>
  <signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <signedinfo>
      <canonicalizationmethod algorithm="http://www.w3.org/tr/2001/rec-xml-c14n-20010315"/>
      <signaturemethod algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <reference uri="">
      <transforms>
          <transform algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
        </transforms>
        <digestmethod algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <digestvalue>9h/rqr2axe9hytv2n/tcp+3uiqq=</digestvalue>
      </reference>
    </signedinfo>
    <signaturevalue>mese9vu3j9r1/zmellcr7swateff6tq7jcr+bmd+adrmvk1kncgxymhvfcszxeuswgvpzua/hewu7xh3atg0zhkd25fwhg48z+gxqdqm9rw2caq3q1auq+f8zb6edvs6repply5ubdqxf7qpbbeyjk0mv4u+f9xnqr88hgg54oe=</signaturevalue>
    <keyinfo>
  <keyvalue/>
    <x509data>
<x509certificate>
miicujccabscbteymzq1ma0gcsqgsib3dqebbauamigamqswcqydvqqgewjlujesmbaga1ue
cbmjq2hvb25ntmftmrawdgydvqqhewdzb29tdw5nmq0wcwydvqqkewrfvfjjmrswgqydvqql
exjeuk0grgv2zwxvcgvyifrlyw0xftatbgnvbamtdevuukkgu29od2fuzzeimcagcsmgsib3
dqejarytc293agfuz0bldhjplnjllm5lddaefw0wmja1mdewmde5mzdafw0wmza1mdiwndew
mdbameqxczajbgnvbaytaktsmq4wdaydvqqiewvtzw91bdepma0ga1uebxmgr29vbkphmrqw
egydvqqkewttzwpvbmcgvw5pdjcbnzanbgkqhkig9w0baqefaaobjqawgykcgyearekqkvki
eymrb+kl+eh2z3avevksemy/s+lbwhcgobol8+lxhsm8lqnhp1dvfrdt9eqc1oucei4nscmr
y9fpc3amggaj6s+ux13wchyj2ymb+zib+pyy8k0khk5wueg84cyk+ytifmx8eiuenjwqtm13
knmaxq00yse7zhmvbiscaweaatanbgkqhkig9w0baqqfaaobgqcdkbvhtugxiaevrxykmex/
3dompcjbl9wzkvio/xndflwgmlk7jyoxe7emrjqtnujclu7r4st6woquigkfokeyvfafjozr
i3cmexceewydkthc3bl9bxw5amuirsi1aepppvkqms9rl8muowe8la+icsueinvjrzngb1qp
y20s7g==
</x509certificate>
</x509data>
    </keyinfo>
  </signature>
</envelope>

but verification failed because x509_store_ctx's error attribute assigns x509_v_err_unable_to_get_issuer_cert_locally in x509_verify_cert().

what is wrong?

system environment
 -xmlsec lib : 0.0.7
 -os : windows xp
 -openssl : 0.9.6d
 -certificate : self signed


이제 마스터하자! FMS 신청하고 혜택 받기
http://home.freechal.com/etc/event/fms/FMSEvent20.asp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20030222/fad4d031/attachment.htm

More information about the xmlsec mailing list