[xmlsec] Problem with 1.2.18 and mscrypto - key not found

EdShallow ed.shallow at gmail.com
Sat Jun 18 10:59:46 PDT 2011


Hi Aleksey,

     The template below work fine with 1.2.13 xmlsec command line on the
same machine and the same crypto keys using all Igor's 1.2.13 binaries.

     I kept everything the same except I compiled your 1.2.18 .... all
clean. I spoke with you yesterday about this. I am using VC7.1 with
msvcr71.dll and Igor's includes, libs, and binaries for libxml, libxslt.

    This signing template works at the command line with Igor's 1.2.13
binaries but does not work with my compiled 1.2.18 dll's.
Igor has not updated his binaries for a very long time. He is still at
1.2.13 and I need your new mscrypto algorithms introduced in 1.2.15

Any suggestions for me to try ?

Thanks,
Ed

Template as follows:

<?xml version="1.0" encoding="UTF-8"?>
<!--
Signature created by XMLDSIG Engine and XMLSec Lib V1.2.18
-->
<Document>
    <Data>
        <SubData1>
            <SubSubData1 MimeType="text/plain">This is the data to be
signed.</SubSubData1>
            <SubSubData2 MimeType="text/plain">This is the data to be
signed.</SubSubData2>
            <SubSubData3 MimeType="text/plain">This is the data to be
signed.</SubSubData3>
        </SubData1>
        <SubData2>This is the data to be signed.</SubData2>
        <SubData3>This is the data to be signed.</SubData3>
    </Data>
    <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
        <dsig:SignedInfo>
            <dsig:CanonicalizationMethod Algorithm="
http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
            <dsig:SignatureMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <dsig:Reference URI="">
                    <dsig:Transforms>
                        <dsig:Transform Algorithm="
http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    </dsig:Transforms>
                    <dsig:DigestMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <dsig:DigestValue></dsig:DigestValue>
                </dsig:Reference>
        </dsig:SignedInfo>
        <dsig:SignatureValue></dsig:SignatureValue>
        <dsig:KeyInfo>
            <dsig:KeyName>Shallow, Ed</dsig:KeyName>

<dsig:X509Data><dsig:X509Certificate/><dsig:X509SubjectName/><dsig:X509IssuerSerial/>
            </dsig:X509Data>
        </dsig:KeyInfo>
    </dsig:Signature>
</Document>

Output from command line tool as follows:

C:\XMLSec>xmlsec sign --crypto mscrypto --output
inout/edsigned-enveloped.xml tmpl/tmpl-EPM-sign-enveloped.xml
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1370:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed: ;last error=-2146885628 (0x80092004);
last error
msg=func=xmlSecDSigCtxProcessKeyInfoNode:file=..\src\xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found: ;last error=-2146885628 (0x80092004);last error
msg=func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed: ;last error=-2146885628 (0x80092004);last error
msg=
func=xmlSecDSigCtxSign:file=..\src\xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed: ;last error=-2146885628 (0x80092004);last error
msg=
Error: signature failed
Error: failed to sign file "tmpl/tmpl-EPM-sign-enveloped.xml"

Suggestions ?

-- 
Ed's Contact Information:
Mobile Phone: 613-852-6410
Gmail: ed.shallow at gmail.com
VOIP Address: 107529 at sip.ca1.voip.ms
VOIP DID#: 613-458-5004
Skype ID: edward.shallow
Home Phone: 613-482-2090
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20110618/be3724eb/attachment.html>


More information about the xmlsec mailing list