All
I have created a test case using the script provided in the w3c
test-suite. The test case is created successfully. But when I tried to
validate the created widget using the validate script, the signature
does not get validated.
1)Test- Case creation:
--------------------------------------------------------------------------
$ ./create-test-case.sh ta-99 99a
* Creating
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/test-cases/ta-99
...
* Copying template to
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/test-cases/ta-99/99a
...
* Adding correct IDs to files...
* Generating signatures
Key type rsa
Widget is a directory
Signed author-signature.xml
Signed
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/test-cases/ta-99/99a
Key type rsa
Widget is a directory
Signed signature1.xml
Signed
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/test-cases/ta-99/99a
Key type rsa
Widget is a directory
Signed signature2.xml
Validating... SUCCESS
Signed
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/test-cases/ta-99/99a
* Zipping widget...
adding: CVS/ (stored 0%)
adding: LICENSE (deflated 7%)
adding: author-signature.xml (deflated 45%)
adding: config.xml (deflated 25%)
adding: index.html (deflated 33%)
adding: signature1.xml (deflated 47%)
adding: signature2.xml (deflated 60%)
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/tools
* Adding test to test-suite.xml...
Done.
--------------------------------------------------------------------------
2) Test-case Validation
--------------------------------------------------------------------------
$ ./validate-widget.sh --trusted-pem
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/keys/root.cert.pem
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/test-cases/ta-99/99a/99a.wgt
Working in /tmp/.15779
./author-signature.xml
Signature method RSA
if xmlsec1 verify --trusted-pem
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/keys/root.cert.pem
./author-signature.xml
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=360:obj=x509-store:subj=X509_verify_cert:error=4:crypto
library function failed:subj=/C=NO/ST=Oslo/O=World Wide Web
Consortium/OU=w3c-widgets-digsig-testsuite sig and encryption
certificate/CN=http://www.w3.org//[email protected];err=20;msg=unable
to get local issuer certificate
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=408:obj=x509-store:subj=unknown:error=71:certificate
verification failed:err=20;msg=unable to get local issuer certificate
func=xmlSecKeysMngrGetKey:file=keys.c:line=1370:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 4/4
Manifests References (ok/all): 0/0
Error: failed to verify file "./author-signature.xml"
INVALID SIGNATURE: ./author-signature.xml
./signature1.xml
Signature method RSA
if xmlsec1 verify --trusted-pem
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/keys/root.cert.pem
./signature1.xml
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=360:obj=x509-store:subj=X509_verify_cert:error=4:crypto
library function failed:subj=/C=NO/ST=Oslo/O=World Wide Web
Consortium/OU=w3c-widgets-digsig-testsuite sig and encryption
certificate/CN=http://www.w3.org//[email protected];err=20;msg=unable
to get local issuer certificate
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=408:obj=x509-store:subj=unknown:error=71:certificate
verification failed:err=20;msg=unable to get local issuer certificate
func=xmlSecKeysMngrGetKey:file=keys.c:line=1370:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 5/5
Manifests References (ok/all): 0/0
Error: failed to verify file "./signature1.xml"
INVALID SIGNATURE: ./signature1.xml
./signature2.xml
Signature method RSA
if xmlsec1 verify --trusted-pem
/home/BORQSADC/rajshekark/w3c_testsuite/2006/waf/widgets-digsig/test-suite/keys/root.cert.pem
./signature2.xml
func=xmlSecKeysMngrGetKey:file=keys.c:line=1370:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 5/5
Manifests References (ok/all): 0/0
Error: failed to verify file "./signature2.xml"
INVALID SIGNATURE: ./signature2.xml
--------------------------------------------------------------------------
When we use our widgets for validation, we are getting the same error.
Could you let us know that we are missing something while creating the
case. If that is correct then what might be the issue while validating.
Note: In this we are using test-certificates provided by test-suite.
rgds
viji
