[xmlsec] Verification using mscrypto library
Tomas Stejskal
tomas.stejskal at abra.eu
Wed Jan 28 05:36:54 PST 2009
Hello,
I'm trying to verify document with included X509 certificate using
mscrypto library, but without success.
When I call xmlSecDSigCtxVerify, I get these errors:
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed: ;last error=-2146885628 (0x80092004);last error
msg=Objekt nebo vlastnost nebyly nalezeny.
func=xmlSecDSigCtxProcessKeyInfoNode:file=..\src\xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found: ;last error=-2146885628 (0x80092004);last error msg=Objekt
nebo vlastnost nebyly nalezeny.
func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed: ;last error=-2146885628 (0x80092004);last error
msg=Objekt nebo vlastnost nebylynalezeny.
func=xmlSecDSigCtxVerify:file=..\src\xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed: ;last error=-2146885628 (0x80092004);last error
msg=Objekt nebo vlastnost nebyly nalezeny.
I'd be very grateful for any example code or an advice how to achieve it.
Here is the signature element:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference>
<Transforms>
<Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>kT3vE5dshcYoBF1J8GbMjAKvW4s=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>IdSs9cYLCcpf+CpC0vHR1pK4isgQ6fEpaiHPN6x0f8kpcIijEbJH5kcoGcWmPT6B
HioeZAj3qiVKzZiNQ1WX6w==</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIID0jCCArqgAwIBAgIEAJjIuzANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJD
WjEvMC0GA1UEAwwmSS5DQSAtIFRlc3QgcXVhbGlmaWVkIHJvb3QgY2VydGlmaWNh
dGUxLTArBgNVBAoMJFBydm7DrSBjZXJ0aWZpa2HEjW7DrSBhdXRvcml0YSwgYS5z
LjAeFw0wOTAxMjcxNDU2NTBaFw0wOTAyMjYxNDU2NTBaMIGvMQswCQYDVQQGEwJD
WjEZMBcGA1UEAwwQVG9tw6HFoSBTdGVqc2thbDESMBAGA1UECAwJw5pzdGVja8O9
MSQwIgYDVQQHDBtMb20sIMWgcsOhbWtvdmEgODQ3LCA0MzUgMTExJTAjBgkqhkiG
9w0BCQEWFnRvbWFzLnN0ZWpza2FsQGFicmEuZXUxCzAJBgNVBCsMAlRTMRcwFQYD
VQQFEw5JQ0EgLSAxMDAwMjI1MDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDs59S9
JrKzxhrsI1P6jGWBuvmJFM9E1pKNdIVCH75gHRcQE2PRlCvs+RIQFpeIPaNEhgIm
lE7BQFa1BylsdnlLAgMBAAGjgf4wgfswDgYDVR0PAQH/BAQDAgTwMDAGA1UdHwQp
MCcwJaAjoCGGH2h0dHA6Ly90ZXN0cS5pY2EuY3ovdHFpY2EwNi5jcmwwHwYDVR0j
BBgwFoAUlrYHnGKx3omHNUXjlVFsOcbW7sowHQYDVR0OBBYEFBsUyCY3AHj3qea3
UdAHa3u1erzcMF0GA1UdIARWMFQwUgYLKwYBBAGBuEgBaAowQzBBBggrBgEFBQcC
AjA1GjNUZW50byBjZXJ0aWZpa2F0IChRQykgamUgdnlkYW4gcHJvIHRlc3RvdmFj
aSB1Y2VseS4wGAYIKwYBBQUHAQMEDDAKMAgGBgQAjkYBATANBgkqhkiG9w0BAQUF
AAOCAQEACbugMYumCOcBAUcmwiP/tjtPc8h836XLWmHzcYwyNtpOGold0AYmoQvR
KxWyeb1jYAi5JAKlUgMSx55h+9+FBzyrKayQVwT9gzeU5dVg3QmbpPNzd+e0BFuq
h3vE6WU547zvHiAnRfYDUvlB6uw1NhxjVolPi9gQ53WU4n6FGffdplxJ8cOnF6dB
x+jQvq08qkrA/WtYFYM+6o3q0cJEC4rCZSt1Tq0a3uNO0MxXM314yXhlyMDMBBtB
OKUQirBdVnafrrz+V49adzidng5RFLS5dp0l5G1MmHNxOvMQlHkxkIrl3GOt7cwu
P5Egz9c1Qza0WqeaSI3uo22C0bV9hA==</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
Thanks, Tomas
More information about the xmlsec
mailing list