First of all, I would appreciate if you can use mailing list. This
helps to share knowledge :)
Now the error you have means that this particular URI type is not
allowed in current context
(if the error message is not enough you can look at the line 805 in
transforms.c). There is
a member "enabledReferenceUris" of xmlSecDSigCtx structure that
describes which URI
types are allowed. By default, it is set to allow *any* URI type. In
your case it is set to
something else. You either assigned a different value for this field
somewhere or I would
guess that you have not called xmlSecDSigCtxInitialize or
xmlSecDSigCtxCreate methods
to create the signature context and fill the structure with 0's
instead.
Aleksey
Michiels Olivier wrote:
Hi,
I've added the code that register the id attribute to the verify
function like this:
if ((prototypeNode =
xmlSecFindNode(xmlDocGetRootElement(doc),"Prototype","http://www.xkms.org/schema/xkms-2001-01-20"))
== NULL) {
fprintf(stderr,"Error: failed to retrieve the Prototype
element\n");
goto done;
}
if ((attr = xmlHasProp(prototypeNode,"Id")) == NULL) {
fprintf(stderr,"Error: failed to find the attribute Id\n");
goto done;
}
if (xmlAddID(NULL,doc,"Id",attr) == NULL) {
fprintf(stderr,"Error: failed to add id\n");
goto done;
}
This code works but when I try to verify the xml file I've this error:
func=xmlSecTransformCtxSetUri:file=transforms.c:line=803:obj=unknown:subj=unknown:error=33:invalid
URI type:uri=#refId_1
func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1435:obj=unknown:subj=xmlSecTransformCtxSetUri:error=1:xmlsec
library function failed:uri=#refId_1
func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec
library function failed:node=Reference
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature verify
The id is defined as below:
<xkms:Prototype Id="refId_1">
and referenced like this:
<dsig:Reference URI="#refId_1">
Where is my mistake, maybe I didn't understood well what you said.
Olivier
On Wed, 2003-08-13 at 11:56, Aleksey Sanin wrote:
Take a look at src/xmltree.c file in
xmlsec distribution. There is a function
that registers ID attributes for <dsig:Signature/> or
<enc:EncryptedData/>
subtrees. Just search for "xmlAddID" in the file.
Aleksey
Michiels Olivier wrote:
Me again,
sorry but it's the first time I use the libxml2 librairy and your
xmlsec librairy and I'm a little confused how to use some functions.
You said that I can use the xmlAddId function to solve my problem, but
I don't know how to use that function, how to initialize the
xmlValidCtxtPtr parameter. I've check the doc of libxml2 but I didn't
found something.
You're help is really appreciated.
|
