Re: Microsoft Office12 Postmark will not verify

Mon, 26 Feb 2007 09:01:45 -0800 

Hi Jean-Luc,

I will try to take a look to the issue, but can you send us the document and
the code you are using?
And thanks for telling.


Regards,

Raul,



On 2/26/07, Jean-Luc Cooke <[EMAIL PROTECTED]> wrote:


To help things along,

Here's the output from Aleksey's tool.  Notice how it verifies
"#idsigInvalidImage" and "#idsigValidImage" but ApacheXMLSec cannot.
The overall signature status fails with Aleksey's tool, but that's not
what I'm focusing on.

Is the fact that ApacheXMLSec cannot verify idsigInvalidImage and
idsigValidImage a bug?

JLC

On Mon, Feb 26, 2007 at 09:54:15AM -0500, Jean-Luc Cooke wrote:
> Sorry to ping here.
>
> Can anyone point me in the direction of "If this a bug with Apache
XMLSec?"
>
> I'd really exect the evil empire of Microsoft and Apache to
interoperate.
>
> JLC
>
> On Wed, Feb 21, 2007 at 02:37:47PM -0500, Jean-Luc Cooke wrote:
> > Hello team,
> >
> > I tried to verify the following XML file (not a root'd web cert,
sorry):
> >   https://216.191.58.251/apache-xmlsec-help/Word-plugin-signature.xml
> >
> > Using the org.apache.xml.security.samples.signature.VerifySignatureclass 
that is found in src_samples directory and got this:
> >
> > java -cp .:../libs/xmlsec-
1.3.0.jar:../libs/xalan.jar:../libs/commons-logging.jar
org.apache.xml.security.samples.signature.VerifySignature
Word-plugin-signature.xml
> > Try to verify file:Word-plugin-signature.xml
> > Could find a X509Data element in the KeyInfo
> > Feb 21, 2007 2:20:17 PM org.apache.xml.security.signature.Referenceverify
> > INFO: Verification successful for URI "#idPackageObject"
> > Feb 21, 2007 2:20:17 PM org.apache.xml.security.signature.Referenceverify
> > INFO: Verification successful for URI "#idOfficeObject"
> > Feb 21, 2007 2:20:17 PM org.apache.xml.security.signature.Referenceverify
> > WARNING: Verification failed for URI "#idsigInvalidImage"
> > Feb 21, 2007 2:20:17 PM org.apache.xml.security.signature.Referenceverify
> > WARNING: Verification failed for URI "#idsigValidImage"
> > The XML signature in file
file:/home/jlcooke/crypt_map/sc_data/sc/xmlsec/2007-02-21/Word-
plugin-signature.xml is invalid !!!!! (bad)
> > Object=
> >
> > It is clear the two Objects "#idsigInvalidImage" "#idsigValidImage"
are failing.
> >
> > I have two questions:
> >  1) How can I pragmatically find out why the signature failed
verification?
> >     From what I can see the only way is to look at the log4j output.
> >  2) Passing the XML file above into Aleksey's xmlsec1 app it
passes.  What's
> >     different?
> >
> > Thanks
> >
> > JLC





--
http://r-bg.com

Reply via email to