[xmlsec] Verifying SOAP signature with the Xmlsec utility
Aleksey Sanin
aleksey at aleksey.com
Fri Jun 10 00:02:58 PDT 2005
Good! Thanks for letting me know :)
Aleksey
Geir S. Eidissen wrote:
> Sorry for the late response. It was as you first suggested a mismatch
> between applications, and xmlsec was right.
> Problem is now solved. There were no xml attributes in the actual message.
>
> G.
>
> -----Original Message-----
> From: Aleksey Sanin [mailto:aleksey at aleksey.com]
> Sent: 6. juni 2005 19:23
> To: Geir Ståle Eidissen; xmlsec at aleksey.com
> Subject: Re: [xmlsec] Verifying SOAP signature with the Xmlsec utility
>
>
> If you are using exc-c14n (and I guess you are using it because of SOAP :) )
> and you have xml attributes (e.g. xml:lang) in the signed xml fragment then
> it is likely that you might be affected by the following bug in exc c14n
> implementation:
>
> http://mail.gnome.org/arives/xml/2005-June/msg00001.html
>
> It would be really great if you can try the latest LibXML2 CVS snapshot
> tomorrow and let me know if it fixes your problem.
>
> Thanks,
> Aleksey
>
>
>
> Geir S.Eidissen wrote:
>
>>Thanks for answering!
>>
>>So, if I understand you correctly, verifying a signed SOAP message
>>should work OK with the utility, given that the message is unmodified
>>and the c14n implementation of the sender is correct.
>>
>>Best regards
>>Geir S. Eidissen
>>
>>
>>
>>-----Original Message-----
>>From: Aleksey Sanin [mailto:aleksey at aleksey.com]
>>Sent: 17. april 2005 18:01
>>To: Geir Ståle Eidissen
>>Cc: xmlsec at aleksey.com
>>Subject: Re: [xmlsec] Verifying SOAP signature with the Xmlsec utility
>>
>>
>>I don't think that the problem is in the xmlsec flags. It looks like
>>Reference's digests do not match. The possible reasons are:
>>1) Document was modified after signature was done (intentionaly or not
>>intentionaly).
>>2) There is an incompatibility between the app you used to sign
>>document and xmlsec (most likely, in c14n).
>>3) Something else very bad happened.
>>
>>Aleksey
>>
>>
>
>
More information about the xmlsec
mailing list