[xmlsec] Strange issue in verify2.c in Xcode on Mac OS X

Ian Hlavats ian at tarantulaconsulting.com
Mon May 5 14:48:05 PDT 2014


Hello,

I am trying to run the verify2.c program in Xcode and I noticed a strange issue while debugging the following code:

    /* Verify signature */
    if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
        fprintf(stderr,"Error: signature verify\n");
        goto done;
    }

    // print status (my code)
    xmlSecDSigCtxDebugXmlDump(dsigCtx, stdout);

    /* print verification result to stdout */
    if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
        fprintf(stdout, "Signature is OK\n");
    } else {
        fprintf(stdout, "Signature is INVALID\n");
    }

I am running the program successfully from the command line using a valid XML file with a valid public key with the following arguments:

./verify2 file.xml rsa_pub.pem

However, while stepping through this code in debug mode in Xcode, I can see the XML digital signature is validated successfully in the output from xmlSecDSigCtxDebugXmlDump(), but the if statement always prints “Signature is INVALID”. Looking at the value of the dsigCtx->status enum, it no longer has the enum value “xmlSecDSigStatusSucceeded" but rather some random number.

Can someone explain to me what could be happening that would cause the status to be lost while returning from the xmlSecDSigCtxVerify() function?

As a workaround, I have added a function to xmldsig.h named xmlSecDSigCtxStatusOK  that simply returns 0 (false) or 1 (true) if the dsigCtx->status is equal to xmlSecDSigStatusSucceeded.

Any help would be appreciated.

Thanks.

Regards,
Ian




More information about the xmlsec mailing list