It is a known problem with Windows builds. Please make sure that you compile your application with *exactly* the same compiler/linker flags as ones used for libxml and xmlsec libraries compilation.
Otherwise it just does not work beause external variables declared in the xmlsec library have NULL values by some reasons known only to Igor and the creators of MS VC. Another possible way is to try to link xmlsec/libxml/openssl libraries statically. At least this works on my Windows box :) Aleksey. kltsai wrote:
Hi Aleksey Sanin:
I sign an XML signature with the following templete with the default dsakey.pem:(testApp sign --privkey dsakey.pem sample1.xml > kltsai6.xml)
==========================================================================
<?xml version="1.0"?>
<IFX>
<Data1 Id="anchor1">
<Name>May</Name>
</Data1>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="[EMAIL PROTECTED]">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
<Reference URI="#xpointer(/)">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue/>
<KeyInfo>
<KeyValue/>
</KeyInfo>
</Signature></IFX>
==========================================================================
And then I got the following result signature:
==========================================================================
<?xml version="1.0"?>
<IFX>
<Data1 Id="anchor1">
<Name>May</Name>
</Data1>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="[EMAIL PROTECTED]">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<Reference URI="#xpointer(/)">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>4x8bEd1KuMZOF4Yvyt9Eh3Y/9hs=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>jpbFT2G7aKr5WnZ3zoIXC8eAtwgn6lSqkDYgbuhdT8NguZb6tZKmxA==</SignatureValue>
<KeyInfo>
<KeyValue>
<DSAKeyValue>
<P>
imW6KYBPYXAf6itSAuYs1aLPfs8/vBEiusv/pl1XMiuMvB7vyiJgSj8/NTkRci/U
X/rVXv8rbCRjvYFX3x5/53f4hc6HKz7JQI4qqB7Fl5N86zp+BsQxNQ4tzous9S2H
Td2/zdTwVsvO+H9l3FahmVp/m2IHE4W27JYoF49qP10=
</P>
<Q>
v/xzWqjRviekk2rMW3wpYspT9Us=
</Q>
<G>
UIyzUDlLe6uCCgF4Rh98fiKZvg64UJ4FM5L+WbCSMmVsFN06fTwxy3naPPOCzzou
fsHv/Bve2gvrDvd078oXWJJf9A44pIZnJkdjEhm2RsDFpXNq0tPKZFcjVsdmqg4M
X6YNuwpvZuTwSoDG5u1QMN0mmH9gmbIT3j9x4MO+7EY=
</G>
<Y>
On+KBJE3q1TRhG9RspNX01VI5C0VzSy4N/QyC4YzEENoq3GJkKHIYq+grq9ZqV9x
g2Geo/3mqhdcENOtYRmWEfOZJj18oukD6TNceYRZ4HjHjK3WY3wK2OV6QOly+k3f
xgEQpP/7IlCka5YICLuHXrbqjn5b0XcK9L2GDtWOyjs=
</Y>
</DSAKeyValue>
</KeyValue>
</KeyInfo>
</Signature></IFX>
==========================================================================
The signing procedure signed silently and successfully. However, the signature seemd
wrong because I use "testApp verify kltsai6.xml", and it shows some errors:
C:\temp\xmlsec-0.0.11\TestApp\Release>testapp verify kltsai6.xml
(C:\temp\xmlsec-0.0.11\src\xmldsig.c:1493): error 51: invalid reference :
========================================================================== = Status:
== Signatures ok: 0
== Signatures fail: 1
== SignedInfo Ref ok: 0
== SignedInfo Ref fail: 1
== Manifest Ref ok: 0
== Manifest Ref fail: 0
FAIL
Error: operation failed
==========================================================================
I realy had no idea, could anyone tell me what happened? Thanks a million~~
kltsai
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
