[xmlsec] WSSE signature validation fails
Aleksey Sanin
aleksey at aleksey.com
Wed Aug 22 08:36:33 PDT 2018
Section 3.2 from the FAQ if I recall correctly.
Aleksey
On 8/21/18 1:24 PM, Tomer Azran wrote:
> Hello,
>
> We are trying to use xmlsec1 utility in order to verify a soap response
> with a <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> element.
>
> This is the KeyInfo element in the soap envelope (I removed the actual
> key identifier data):
>
> <KeyInfo>
>   <wsse:SecurityTokenReference xmlns="">
>     <wsse:KeyIdentifier
>       ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"
>       EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">[BASE64 STRING]</wsse:KeyIdentifier>
>   </wsse:SecurityTokenReference>
> </KeyInfo>
>
> I'm running the following command in order to verify the signature:
>
> /usr/bin/xmlsec1 --verify answer.xml
>
> Getting the following error:
>
> func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2 library function failed:expr=xpointer(id('Id-c96770b6-807c-44e5-b070-9a01f2fcf9ef'))
> func=xmlSecXPathDataListExecute:file=xpath.c:line=373:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed:
> func=xmlSecTransformXPathExecute:file=xpath.c:line=483:obj=xpointer:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed:
> func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2405:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:
> func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1236:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed:transform=xpointer
> func=xmlSecTransformCtxExecute:file=transforms.c:line=1296:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed:
> func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1571:obj=unknown:subj=xmlSecTransformCtxExecute:error=1:xmlsec library function failed:
> func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec library function failed:node=Reference
> func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec library function failed:
> func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSignatureProcessNode:error=1:xmlsec library function failed:
> Error: signature failed
> ERROR
> SignedInfo References (ok/all): 0/1
> Manifests References (ok/all): 0/0
> Error: failed to verify file "answer.xml"
>
> Can you please advise?
>
> Tomer.
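The first failure in the quoted log is `xpointer(id('Id-…'))`: libxml2 only resolves `id()` against attributes it knows to be of type ID, and without a DTD an `Id` attribute is an ordinary attribute, which is what xmlsec1's `--id-attr` option addresses. The sketch below is an added example, not part of the original thread and not xmlsec code; it scans an envelope for same-document `Reference` URIs and builds the matching `--id-attr` arguments. The SOAP envelope layout, the `wsu:Id` placement on `Body`, and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample: the envelope layout and the wsu:Id on Body are assumptions;
# only the Id value is taken from the error output in the thread.
SAMPLE = """<soap:Envelope
    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <soap:Header>
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo>
        <Reference URI="#Id-c96770b6-807c-44e5-b070-9a01f2fcf9ef"/>
      </SignedInfo>
    </Signature>
  </soap:Header>
  <soap:Body wsu:Id="Id-c96770b6-807c-44e5-b070-9a01f2fcf9ef"><answer/></soap:Body>
</soap:Envelope>"""


def split_qname(qname):
    """Split ElementTree's '{uri}local' form into (uri, local)."""
    if qname.startswith("{"):
        uri, local = qname[1:].split("}", 1)
        return uri, local
    return "", qname


def id_attr_args(xml_text):
    """Return (xmlsec1 --id-attr arguments, unresolved ids) for '#id' References."""
    root = ET.fromstring(xml_text)
    wanted = {ref.get("URI")[1:] for ref in root.iter(f"{{{DSIG}}}Reference")
              if (ref.get("URI") or "").startswith("#")}
    args, found = [], set()
    for elem in root.iter():
        for attr, value in elem.attrib.items():
            if value in wanted:
                ns, node = split_qname(elem.tag)
                target = f"{ns}:{node}" if ns else node
                # xmlsec1 takes the attribute's local name and the node's namespace
                args.append(f"--id-attr:{split_qname(attr)[1]} {target}")
                found.add(value)
    return args, sorted(wanted - found)


if __name__ == "__main__":
    args, missing = id_attr_args(SAMPLE)
    print("xmlsec1 --verify", " ".join(args), "answer.xml")
    print("references with no matching attribute:", missing)
```

xmlsec1's own help text describes `--id-attr` as a hack and points to declaring ID attributes in a DTD (`--dtd-file`) as the alternative.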