[xmlsec] Problems signing document instance

Thomas Jones securebuddha at gmail.com
Tue Feb 7 18:00:57 PST 2006


I am utilizing the following command sequence:

buddha at bodhitsattva:~> xmlsec1 --sign --privkey-pem
projects/xsdl/doc/keys.bak/sb_rsa_private.pem
projects/xsdl/osstmm/tests/xsdl_osstmm_lc_test.xml

Which elicits the following errors:

func=xmlSecTransformNodeRead:file=transforms.c:line=1511:obj=unknown:subj=xmlSecTransformIdsListFindByHref:error=1:xmlsec
library function
failed:href=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
func=xmlSecTransformCtxNodeRead:file=transforms.c:line=666:obj=unknown:subj=xmlSecTransformNodeRead:error=1:xmlsec
library function failed:name=SignatureMethod
func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=742:obj=unknown:subj=xmlSecTransformCtxNodeRead:error=1:xmlsec
library function failed:node=SignatureMethod
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
Error: failed to sign file "projects/xsdl/osstmm/tests/xsdl_osstmm_lc_test.xml

The following markup is composed for signing:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
            <CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
            <SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <Reference URI="#test">
                <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <DigestValue></DigestValue>
            </Reference>
        </SignedInfo>
        <SignatureValue></SignatureValue>
        <KeyInfo>
            <KeyName></KeyName>
        </KeyInfo>
    </Signature>

The Reference URI is valid and points to the root node that is parent
to everything in the document. What is the problem?

Thanks.


More information about the xmlsec mailing list