[xmlsec] Cannot validate W3C's XMLDSIG examples
Aleksey Sanin
aleksey at aleksey.com
Tue Feb 5 19:47:56 PST 2013
well, both examples reference an external entity
http://www.w3.org/TR/xml-stylesheet
May be someone changed it? :)
Aleksey
On 2/5/13 11:27 AM, Mak Kolybabi wrote:
> I have been trying to get the XMLDSIG examples that the W3C provides working,
> but the hash appears to be wrong (either in the example or calculated by
> XMLSEC). Does anyone have a suggestion on how to fix this? I'm hoping that I'm
> just doing something wrong.
>
>> % xmlsec1 --version
>> xmlsec1 1.2.18 (openssl)
>
>> % fetch http://www.w3.org/TR/xmldsig-core/signature-example-rsa.xml
>> signature-example-rsa.xml 100% of 2543 B 17 MBps
>>
>> % xmlsec1 --verify signature-example-rsa.xml
>> func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match
>> FAIL
>> SignedInfo References (ok/all): 0/1
>> Manifests References (ok/all): 0/0
>> Error: failed to verify file "signature-example-rsa.xml"
>
>> % fetch http://www.w3.org/TR/xmldsig-core/signature-example-dsa.xml
>> signature-example-dsa.xml 100% of 3167 B 3895 kBps
>>
>> % xmlsec1 --verify signature-example-dsa.xml
>> func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match
>> FAIL
>> SignedInfo References (ok/all): 0/1
>> Manifests References (ok/all): 0/0
>> Error: failed to verify file "signature-example-dsa.xml"
>
More information about the xmlsec
mailing list