subject:"\[xmlsec\] Brackets in Reference"

[xmlsec] Brackets in Reference

2004-03-27 Thread Edward Shallow

Hello Aleksey,

Please find enclosed a signature produced by another toolkit which uses
left and right brackets in its reference element. XMLSec seems to be
objecting to the presence of the brackets. If I take them out, XMLSec gets
further, but naturally complains about the data to digest compare.   

Reference URI=#Object[040327174718Z]

Is this use legitimate ? Any ideas ?

Ed
C:\XMLSecxmlsec verify --store-references --crypto mscrypto inout/signedXMLDSIG
.xml
func=xmlSecXPathDataExecute:file=..\src\xpath.c:line=273:obj=unknown:subj=xmlXPt
rEval:error=5:libxml2 library function failed:expr=xpointer(id('Object[040327174
718Z]'));last error=0 (0x);last error msg=The operation completed succes
sfully.

func=xmlSecXPathDataListExecute:file=..\src\xpath.c:line=356:obj=unknown:subj=xm
lSecXPathDataExecute:error=1:xmlsec library function failed: ;last error=0 (0x00
00);last error msg=The operation completed successfully.

func=xmlSecTransformXPathExecute:file=..\src\xpath.c:line=466:obj=xpointer:subj=
xmlSecXPathDataExecute:error=1:xmlsec library function failed: ;last error=0 (0x
);last error msg=The operation completed successfully.

func=xmlSecTransformDefaultPushXml:file=..\src\transforms.c:line=2371:obj=xpoint
er:subj=xmlSecTransformExecute:error=1:xmlsec library function failed: ;last err
or=0 (0x);last error msg=The operation completed successfully.

func=xmlSecTransformCtxXmlExecute:file=..\src\transforms.c:line=1207:obj=unknown
:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed:transform=xp
ointer;last error=0 (0x);last error msg=The operation completed successf
ully.

func=xmlSecTransformCtxExecute:file=..\src\transforms.c:line=1267:obj=unknown:su
bj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: ;last er
ror=0 (0x);last error msg=The operation completed successfully.

func=xmlSecDSigReferenceCtxProcessNode:file=..\src\xmldsig.c:line=1568:obj=unkno
wn:subj=xmlSecTransformCtxExecute:error=1:xmlsec library function failed: ;last
error=0 (0x);last error msg=The operation completed successfully.

func=xmlSecDSigCtxProcessSignedInfoNode:file=..\src\xmldsig.c:line=804:obj=unkno
wn:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec library function failed
:node=Reference;last error=0 (0x);last error msg=The operation completed
 successfully.

func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=547:obj=unknow
n:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec library function failed
: ;last error=0 (0x);last error msg=The operation completed successfully
.

func=xmlSecDSigCtxVerify:file=..\src\xmldsig.c:line=366:obj=unknown:subj=xmlSecD
SigCtxSigantureProcessNode:error=1:xmlsec library function failed: ;last error=0
 (0x);last error msg=The operation completed successfully.

Error: signature failed
ERROR
SignedInfo References (ok/all): 0/1
Manifests References (ok/all): 0/0
= VERIFICATION CONTEXT
== Status: unknown
== flags: 0x0006
== flags2: 0x
== Key Info Read Ctx:
= KEY INFO READ CONTEXT
== flags: 0x
== flags2: 0x
== enabled key data: all
== RetrievalMethod level (cur/max): 0/1
== TRANSFORMS CTX (status=0)
== flags: 0x
== flags2: 0x
== enabled transforms: all
=== uri: NULL
=== uri xpointer expr: NULL
== EncryptedKey level (cur/max): 0/1
== Key Info Write Ctx:
= KEY INFO WRITE CONTEXT
== flags: 0x
== flags2: 0x
== enabled key data: all
== RetrievalMethod level (cur/max): 0/1
== TRANSFORMS CTX (status=0)
== flags: 0x
== flags2: 0x
== enabled transforms: all
=== uri: NULL
=== uri xpointer expr: NULL
== EncryptedKey level (cur/max): 0/1
== Signature Transform Ctx:
== TRANSFORMS CTX (status=0)
== flags: 0x
== flags2: 0x
== enabled transforms: all
=== uri: NULL
=== uri xpointer expr: NULL
=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
== Signature Method:
=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
== SignedInfo References List:
=== list size: 1
= REFERENCE VERIFICATION CONTEXT
== Status: unknown
== URI: #Object[040327174718Z]
== Reference Transform Ctx:
== TRANSFORMS CTX (status=1)
== flags: 0x
== flags2: 0x
== enabled transforms: all
=== uri:
=== uri xpointer expr: #Object[040327174718Z]
=== Transform: xpointer (href=http://www.w3.org/2001/04/xmldsig-more/xptr)
=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
=== Transform: membuf-transform (href=NULL)
=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
=== Transform: membuf-transform (href=NULL)
== Digest Method:
=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
== Manifest References List:
=== list size: 0
Error: failed to verify file inout/signedXMLDSIG.xml?xml version=1.0 encoding=UTF-8?
!DOCTYPE Signature
Signature

Re: [xmlsec] Brackets in Reference

2004-03-27 Thread Daniel Veillard

On Sat, Mar 27, 2004 at 01:02:12PM -0500, Edward Shallow wrote:
 Hello Aleksey,
 
 Please find enclosed a signature produced by another toolkit which uses
 left and right brackets in its reference element. XMLSec seems to be
 objecting to the presence of the brackets. If I take them out, XMLSec gets
 further, but naturally complains about the data to digest compare.   
 
 Reference URI=#Object[040327174718Z]
 
 Is this use legitimate ? Any ideas ?

  [ and ] are not allowed in the Name production this might be the 
reason.

Daniel

-- 
Daniel Veillard  | Red Hat Network https://rhn.redhat.com/
[EMAIL PROTECTED]  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec

Re: [xmlsec] Brackets in Reference

2004-03-27 Thread Rich Salz

 Reference URI=#Object[040327174718Z]

Being pedantic:
1.  That *may* be legal, since URI is of type anyURI.
2.  Without the --dtdfile argument, xmlsec doesn't know that this
is an IDREF/ID pair.
3.  ID's are of type NAME, and cannot have square brackets in them;
so foo Id='Object[], if Id is an attribute of type ID,
is not legal XML.  The toolkit you used is doing something wrong.

/r$

--
Rich Salz  Chief Security Architect
DataPower Technology   http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec

[xmlsec] Brackets in Reference

Re: [xmlsec] Brackets in Reference

Re: [xmlsec] Brackets in Reference

3 matches

Site Navigation

Mail list logo

Footer information