|
Hi~
I try to verify with x509 certificate in
signature xml file.
I use two certificate - rootCAcert.pem: root
certificate(self signed), cert_sejong.pem.
Singing use below xmlsec command.
~xmlsec>xmlsec sign
--privkey key_sejong.pem,cert_sejong.pem test.tmpl > test.xml
And verifying use below xmlsec command.
~xmlsec>xmlsec verify
--trusted rootCAcert.pem test.xml
result>
xmlSecX509StoreVerify: cert verification failed
(X509_STORE_CTX.error=7)
xmlSecX509DataNodeRead: failed to verify cert
xmlSecKeysMngrGetKey: failed to find key
xmlSecSignedInfoRead: failed to find key
xmlSecSignatureRead: failed to read SignedInfo
node
xmlSecDSigValidate: Signature read failed
ERROR
Error: operation failed
I guess problem is certificate, but don't know
accuracy reason.
xmlsec library: 0.0.7 (self sign
certificate bug fix)
openssl library: 0.9.6d
****************** rootCAcert.pem
*************************
-----BEGIN CERTIFICATE-----
MIICqDCCAhECBTEyMzQ1MA0GCSqGSIb3DQEBBAUAMIGaMQswCQYDVQQGEwJLUjESMBAGA1UE
CBMJQ2hvb25nTmFtMRAwDgYDVQQHEwdZb29TdW5nMQ0wCwYDVQQKEwRFVFJJMRswGQYDVQQL
ExJEUk0gRGV2ZWxvcGVyIFRlYW0xFTATBgNVBAMTDEVUUkkgU29od2FuZzEiMCAGCSmGSIb3
DQEJARYTc293aGFuZ0BldHJpLnJlLm5ldDAeFw0wMjA1MDEwMDAwMTFaFw0wMzA1MDEwMDAw
MjJaMIGaMQswCQYDVQQGEwJLUjESMBAGA1UECBMJQ2hvb25nTmFtMRAwDgYDVQQHEwdZb29T
dW5nMQ0wCwYDVQQKEwRFVFJJMRswGQYDVQQLExJEUk0gRGV2ZWxvcGVyIFRlYW0xFTATBgNV
BAMTDEVUUkkgU29od2FuZzEiMCAGCSmGSIb3DQEJARYTc293aGFuZ0BldHJpLnJlLm5ldDCB
njANBgkqhkiG9w0BAQEFAAOBjAAwgYgCgYDCEcSdDif0SMBJ7SF5FBFS9rwezFuPQr+FS0Sl
kakHC/es3rZHWHx4CKABrj2KuIvyOvXnTugOGyGJ68F4spkbF8J4kCiz9wjmdLjVNetwWjLO
MaYi5l3SNUW88fQ+rgFRi9tWY9VNLc8wz9/yDk4qm2sEKmxzOeXIO6d8/pn2sQIDAQABMA0G
CSqGSIb3DQEBBAUAA4GBAGq6u3R/k+GNmimmzfAnytyeB6aIuGdEu0UbeXJOhPQAuPsUlb8W
2gzxBpB3t4zZuqzgB7wXKI/3vLZSqrmyjF1zyESiBTeYcdMKabfnFYZOi3nhHm+v8SFupIwo
LvVWwK0/arcaoVEMKDwMQ74cTsmPWEs24B1KQSHFan4D01sH
-----END CERTIFICATE-----
****************** cert_sejong.pem
*************************
-----BEGIN CERTIFICATE-----
MIICUjCCAbsCBTEyMzQ1MA0GCSqGSIb3DQEBBAUAMIGaMQswCQYDVQQGEwJLUjESMBAGA1UE
CBMJQ2hvb25nTmFtMRAwDgYDVQQHEwdZb29TdW5nMQ0wCwYDVQQKEwRFVFJJMRswGQYDVQQL
ExJEUk0gRGV2ZWxvcGVyIFRlYW0xFTATBgNVBAMTDEVUUkkgU29od2FuZzEiMCAGCSmGSIb3
DQEJARYTc293aGFuZ0BldHJpLnJlLm5ldDAeFw0wMjA1MDEwMDE5MzdaFw0wMzA1MDIwNDEw
MDBaMEQxCzAJBgNVBAYTAktSMQ4wDAYDVQQIEwVTZW91bDEPMA0GA1UEBxMGR29vbkphMRQw
EgYDVQQKEwtTZWpvbmcgVW5pdjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArEkqKvki
EyMrB+KL+eh2Z3AVEVksEmy/S+lBwhcGOBOL8+LXHsM8LQNhp1dvFrdt9EqC1OUceI4nScmr
y9fpc3aMGgaJ6s+uX13WCHyj2ymB+ZIb+pYy8K0KHk5wUeg84CYk+yTIFmX8EIUeNJwqtm13
KNMAxQ00yse7ZhmvBisCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCDkBvHtUGxiAevrXYkmEx/
3dOmpCjbL9WzkvIO/XNdfLwgMlK7jyOxE7emrjqtnUjclU7r4ST6woqUigKfoKEYVFAfjOzR
i3cMEXCeewyDKThc3BL9bxW5aMUirsI1AeppPvKqMs9rl8MUowe8La+icsUeinVjRZnGB1qP
y20S7g==
-----END CERTIFICATE-----
****************** key_sejong.pem
*************************
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIICoTAbBgkqhkiG9w0BBQMwDgQI3KOPWfcDhNkCAggABIICgGJXqYOOVXDS7WWDuvoyLWmf
VJOFiSjI2SzhH5RKpxcL+veCyAbgP+/re5NjOkl4CRYMQjczOrWqvhuENF/ucqR9ONnCAXQx
PZZX/kxUi5hMuZD1J27/YXpdnKOi9fHBYuPo2hT7tN8g/b1F2ilOSQMpuboi9Pz7pzwgmZwX
JHUUwYFUwGKZSxtch4ik8Unz9PdWPiS7ww/9iLqOoAjeKUzEHaGUS+BUYwmzVRvO7U2+hP7I
0xtpgGOFwtBEYtoKSSypb9Q5vVf6dGIaaRRrwdnvVChx2D5eNpRJBineTfzk3NsklIP6w/U1
DQRqOIH8rYDV+iq9qHlvcZf4O1ALAIS/Ubt0Z5SyYpMQAn7ckldfKI662jnNZxqicXmIR1Cp
ynCH+/bp3BqqjEkACOUynVg2M0kehZpb8MuHJDb0gRZ159LFtqpw28aEmtRBVj/SA7yGetRG
ej2HwjS4j1Ab2hKy/Jt2RLsFOZsheTnn3OVsEbgocF5+tJdZEQjxqDzCRKK42TrESdl6R/NI
T/4PegwH4+0JRWGAodZxMkfGOf+YFh8QK43YLEOTbiewXa5IDteF7PHCebgFXsv87MKcEI0e
/8jfh1d1rwAH21YnqrGjpXx5/thnTokih2UHQMBGfvbH5pnhGi2m1WI2v7aZVuhxJKVW+Hzc
TGAOiI2jHs9owmXH+n6MD2N6vpHUE/9E+l/iN9+ASZe94g/q8nWbelOJSYJDaAq9OHmyqC0B
yrCwO4f2wMI5q68cjB2G4700SzOy3GXhdJJZvADnNBZ9WVeuam8amJygvUE6EW4a74CgRtxt
OcpA4gpbWhrOFCOvOeJdQ1AbtvEXfxcbY12R5uQ=
-----END ENCRYPTED PRIVATE KEY-----
Have a nice day!
|
RcvCheck.asp?uid=25252195&userid=kjho80&key=SHGCKDGSSVSCNSHWHNVWTT0
Description: Binary data
