[xmlsec] Bad digest in #Manifest
François Plou
fplou at webank.fr
Thu Apr 3 05:46:44 PDT 2014
Hi,
I am facing an issue trying to sign an xml document which makes
reference to an external file.
xmlsec1 gives me a digest for the URI=#Manifest which is not verified by
tool like Apache XML Security.
I am pretty sure there is something missing in the XML document I give
to xmlsec but can't figure what.
I sign the document named acmt.007.001.02_1.skel.1sign.object2.xml.
The command I use is : xmlsec1 -- sign --output fpl.xml --privkey <key>
acmt.007.001.02_1.skel.1sign.object2.xml
The output document is fpl.xml
The digest which is not the same as the one computed by Apache XML
Security is 2jmj7l5rSw0yVb/vlWAYkK/YBwk=
Apache Security is expecting M3eHHYZ3d//5HW/Gp583TrV/K4I=
I found that the expecting digest match the manifest3.xml file enclosed
(I built it manually).
So it seems xmlsec is not creating the same manifest part.
Do you have any idea what can be wrong in my
acmt.007.001.02_1.skel.1sign.object2.xml file ? Do I need to add a
transform ?
Thanks for your help.
Francois
-------------- next part --------------
A non-text attachment was scrubbed...
Name: acmt.007.001.02_1.skel.1sign.object2.xml
Type: text/xml
Size: 2970 bytes
Desc: not available
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20140403/188fbce5/attachment.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fpl.xml
Type: text/xml
Size: 3848 bytes
Desc: not available
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20140403/188fbce5/attachment-0001.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: manifest3.xml
Type: text/xml
Size: 627 bytes
Desc: not available
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20140403/188fbce5/attachment-0002.xml>
More information about the xmlsec
mailing list