[xmlsec] Problem in verifying XML signature

aLexwU alexwu at hyweb.com.tw
Tue May 4 00:52:08 PDT 2004 

Hello,

    There is one strange case.
    By using xmlSec, I was failed to verify XML signature with error 'signature do not match' returned.
    But it can be successful verifyed by using other software. (http://www.infomosaic.net/XMLSign/SecureXMLVerifyWS.htm)

    I modified the example code (verify3.c) to do this task.
    The message is 3-D secure message, I add the needed code according the FAQ 3.1, 3.2. 
    I've successful to verify other messages. But just only this one is failed .

    Do I lost something?

    Thanks.

aLexwU.


testing message:

<ThreeDSecure>
  <Message id="PAReq20040504000723bMiUUBqRm">
    <PARes id="PARes11333">
      <version>1.0.2</version>
      <Merchant>
        <acqBIN>11111111111</acqBIN>
        <merID>12AB,cd/34-EF  -g,5/H-67</merID>
      </Merchant>
      <Purchase>
        <xid>MTkzOTExMzkwMDEyMzQ1Njc4OTA=</xid>
        <date>20030919 12:10:43</date>
        <purchAmount>123456</purchAmount>
        <currency>840</currency>
        <exponent>2</exponent>
      </Purchase>
      <pan>0000000000000771</pan>
      <TX>
        <time>20030919 14:19:18</time>
        <status>Y</status>
        <cavv>AAABASOUYINCIYFQKZRgAAAAAAA=</cavv>
        <eci>05</eci>
        <cavvAlgorithm>1</cavvAlgorithm>
      </TX>
    </PARes>
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod>
        <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod>
        <Reference URI="#PARes11333">
          <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod>
          <DigestValue>10gmc514zBMGZy2Rh75QBIqt748=</DigestValue>
        </Reference>
      </SignedInfo>
      <SignatureValue>jaFSdIFgkz349SwKU++mPbZLs0ImjWnMLSjPwQ4IOfpm/S+jIJkjMzbDgLMomqBwlhnvGijozscCSZXHot0D8qo1Hk1tF5h/QzJHZlo1h6+GW1j3odDmrK7Oyq5FpNYO9k7AOylSmifNccaWkdLQmuQQymWZibIuai4D9C5bdBJeWi5MawNa3GRiHH0qSQ2azIGTIlcHCkAhSkScY/qI83u/AYdSGm85wkCl88dYNN5RDJcNE0XyilbRh3Ug8MnIAaax428sJ9AQQ/kUyEBUFQEVxJjufZCruVwIE3Mgj/XA/9ZXXm04N/Ez/+BPno7I/k5In+CmCFDN7bBDkDDyOg==</SignatureValue>
      <KeyInfo>
        <X509Data>
<X509Certificate>
MIIDDjCCAnegAwIBAgIUFb4qZmymJ2NbpeCaz6//yCSjRAswDQYJKoZIhvcN
AQEFBQAwRzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0NhcmFkYXMxFTATBgNV
BAsTDENhcmFkYXMgTGFiczEPMA0GA1UEAxMGQ1RIIENBMB4XDTAzMDkxMjEy
NTcyNFoXDTA1MDkxMTEyNTcyNFowgakxCzAJBgNVBAYTAlBMMREwDwYDVQQI
EwhNYXpvd3N6ZTERMA8GA1UEBxMIV2Fyc3phd2ExFTATBgNVBAoTDFBvbENh
cmQgUy5BLjEgMB4GA1UECxMXWmVzcG9sIE5vd3ljaCBQcm9kdWt0b3cxFzAV
BgNVBAMTDnBvbGNhcmQuY29tLnBsMSIwIAYJKoZIhvcNAQkBFhN3b2p1QHBv
bGNhcmQuY29tLnBsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
oO9E0U20S89DUnKMEGvZBNIjVN+eILVuAIWe7IvPBxff+sJGSAJMGaXcGudI
Xwb9SktQlyAz1A9zPf6nebfQO74O3IdOnK7BEBFP4rj1DcSV/uUU6n8hfHAJ
XPnvwet0oYRmvImnLSLYFzXqMO3c+wPd94HZ8sA1p20eQQREPRlV7VcO2nz7
BuXjfhf5x1wGF7EPxXwZD+MUnja01khKBXz7IFLOdhfD/pkzHiEPY/v2GxKg
Si5uNUwQBQC0f9uOTFavliU3yXpVYsPq8Qx+470bMRcINbBd1BHknFO3v05O
aLSS6qNUXllucGvGUzBwdT2kDLvHPHgX+1OChMsgWQIDAQABoxAwDjAMBgNV
HRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUAA4GBAEsduNjOZ2Ji9Hkh+k4sJVIp
7Y6eNeKn2x7EsbRMTZXrCrTKLLqGLWHZIlX9/oPn9DvnVZ/t3YMFSuuaDHdl
U+g/dG4Ldup5j9ejFMOJAK9sq7MsSTzxYZ5AT23/i0fNraERgohxp2zugn2a
XzQVMTyMd/Ce7H7dP4xtz+Fv8mCQ</X509Certificate>
<X509Certificate>
MIICMjCCAZugAwIBAgIVAJoV+yURqXHF8zXECfEhRqpwzCMwMA0GCSqGSIb3
DQEBBQUAMEkxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdDYXJhZGFzMRUwEwYD
VQQLEwxDYXJhZGFzIExhYnMxETAPBgNVBAMTCENUSCBST09UMB4XDTAzMDgx
OTE0MjI1MVoXDTExMDgxNzE0MjI1MVowSTELMAkGA1UEBhMCVVMxEDAOBgNV
BAoTB0NhcmFkYXMxFTATBgNVBAsTDENhcmFkYXMgTGFiczERMA8GA1UEAxMI
Q1RIIFJPT1QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIrpC9h6fesI
1FnpSHH+dP+JaY3FitHMW9LHBLpdCSEzAVe6VJOZO7Ycw49iDKkhPCrSZk/5
9RXD+3+vYqukFL0FLfG2GFTA1c9YU94dqBovrmwbMP7HYN82PmQtifzGMeS9
d7znDx+AqlDU1eXCZMVdHSsz/qneP8LSydrMaU/RAgMBAAGjFjAUMBIGA1Ud
EwEB/wQIMAYBAf8CAQEwDQYJKoZIhvcNAQEFBQADgYEAZdRIyN/SSPQ3bLun
DVKxanOLDiXfczxGMnQZWK47fQfWdbqqEINrcObagSw44Ba9pFZ796DXn5XP
ZOkLuhrgLSwVVVqkUWLeUaRPEFGDXQMk9XqrbCpivQix1Hr+9DgWWiqg0snC
7JkD6rieQ8NIuj+bD83vnuhOW/nLEuLSfxk=</X509Certificate>
</X509Data>
      </KeyInfo>
    </Signature>
  </Message>
</ThreeDSecure>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20040504/06239258/attachment.htm

More information about the xmlsec mailing list