-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All,
I am having an issue I hope you could assist me on - Following signing a document using xmlDSig I have a doc which looks as follows: <?xml version="1.0"?> <1> <name>Brian</name> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <Reference> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>EqdS4l71pUFiQDXyUBrp5f1+y9M=</DigestValue> </Reference> </SignedInfo> <SignatureValue>xKq1SiBwwnd7fSwEFQ9zNmu6apkk+B18QUaGTGFnlpKmMSo2lvNzTQbKpWewteVD 8vgSbiebBmmKndmqvaCxfLgk7Nr4d5Q0pmRsovgKHZsC11Nq5gV+ovmDRnGbhoAa smFXJ1lHYIwoSbIOK0QWS1vBjX26Q2685tSJ4tkYldc=</SignatureValue> <KeyInfo> <X509Data> <X509Certificate>MIID3zCCA0igAwIBAgIBKTANBgkqhkiG9w0BAQQFADCBoTELMAkGA1UEBhMCVUsx GTAXBgNVBAgTEE5vcnRoZXJuIElyZWxhbmQxEDAOBgNVBAcTB0JlbGZhc3QxFzAV BgNVBAoTDkxhdGVucyBTeXN0ZW1zMRMwEQYDVQQLEwpJVCBTdXBwb3J0MRIwEAYD VQQDEwlSb290IENlcnQxIzAhBgwerqwer9w0BCQEWFGl0c3VwcG9ydEBsYXRlbnMu Y29tMB4XDTA3MDEwMjE1MDcxM1oXDTE2MTIzMDE1MDcxM1owgZcxCzAJBgNVBAYT AlVLMRkwFwYDVQQIExBOb3J0aGVybiBJcmVsYW5kMRcwFQYDVQQKEw5MYXRlbnMg U3lzdGVtczEVMBMGA1UECxMMQXBwbGljYXRpb25zMRQwEgYDVQQDEwtTaW5lYWQg S25veDEnMCUGCSqGSIb3DQEJARYYc2luZWFkLmtub3hAbGF0ZW5zLmNvLnVrMIGf MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU1GTEw0hZaLCgJCCmyIGKzRBNE28Q CJEoqnz1yW3e24W2b0c5hrW4guEXNrmsYk0c/GrnYrqQADbgIsYxbr936b6HGHgY u+qL+alFbI4fch5OfF0PTRZ+bj0qPwW8I8matL6v15e3E5SPoiS/h6QQeTeZAkz3 lRwfvVznKw9P2QIDAQABo4IBLTCCASkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFPnvM9lc Ib29ArY4uoiSEVjr8QKPMIHOBgNVHSMEgcYwgcOAFE6F18Q2eKXozaco1QrS0ubT StBToYGnpIGkMIGhMQswCQYDVQQGEwJVSzEZMBcGA1UECBMQTm9ydGhlcm4gSXJl bGFuZDEQMA4GA1UEBxMHQmVsZmFzdDEXMBUGA1UEChMOTGF0ZW5zIFN5c3RlbXMx EzARBgNVBAsTCklUIFN1cHBvcnQxEjAQBgNVBAMTCVJvb3QgQ2VydDEjMCEGCSqG SIb3DQEJARYUaXRzdXBwb3J0QGxhdGVucy5jb22CAQAwDQYJKoZIhvcNAQEEBQAD gYEAHDZTx+czi8AroKtOKn7rituyFKtK2wM3yL/LVks0ds8osOXKcDXLDTH8CaNG va//YxER1FTWnyonX6Khk4co1ddrV3jcdaY/+3qnWCer1WlKGszZbfd9jx7vupoK nKjO/jEZE8UbVQGjyCFmjTtK4CL2PQ4wvXip2aLB7xP1zUI=</X509Certificate> </X509Data> </KeyInfo> </Signature></1> When I verify, I am aware that I will use the X509Certificate node for verifying but I also want to parse the X509Certificate separately and confirm it is the certificate I expect - the way I am doing this uses XPath and I believed I could search for //X509Certificate however this yields no results. Below is the code for the test app that I am using to retrieve the node - #include <cstdio> #include <iostream> #include <vector> #include <string> #include <libxml2/libxml/xpath.h> std::vector<std::string> parseXMLFileForConfiguration (const std::string & xmlConfigFile, const std::vector<std::string> & nodeList) { xmlDocPtr doc; xmlXPathContextPtr context; xmlXPathObjectPtr result; xmlChar *xmlValue; std::vector<std::string> valueList; // Parse XML document xmlInitParser(); doc = xmlParseFile( xmlConfigFile.c_str() ); if (NULL == doc) { xmlCleanupParser(); } context = xmlXPathNewContext(doc); if (NULL == context) { xmlFreeDoc(doc); xmlCleanupParser(); } // Search for each tag for ( std::vector<std::string>::const_iterator iter = nodeList.begin(); iter != nodeList.end(); iter++ ) { result = xmlXPathEvalExpression( reinterpret_cast<const xmlChar *>( iter->c_str() ), context); if (NULL == result) { std::cout << "Can't find the path" << std::endl; xmlXPathFreeContext(context); xmlFreeDoc(doc); xmlCleanupParser(); } if ( result->nodesetval->nodeNr != 1 ) { std::cout << std::string("Node number is") << result->nodesetval->nodeNr << std::endl; xmlXPathFreeObject(result); xmlXPathFreeContext(context); xmlFreeDoc(doc); xmlCleanupParser(); } // Get Value xmlValue = xmlNodeListGetString(doc, result->nodesetval->nodeTab[0]->children, 1); // Add to the list valueList.push_back( reinterpret_cast<const char *>(xmlValue) ); // Clean up xmlFree(xmlValue); xmlXPathFreeObject(result); } xmlXPathFreeContext(context); xmlFreeDoc(doc); xmlCleanupParser(); return valueList; } int main(int argc, char *argv[] ) { std::string xmlfile(argv[1]); std::string searchPath("//latens/[EMAIL PROTECTED]"http://www.w3.org/2000/09/xmldsig#\"]/KeyInfo/X509Data/X509Certificate";); std::vector<std::string> elementList; elementList.push_back(searchPath); std::vector<std::string> res = parseXMLFileForConfiguration (xmlfile, elementList); std::cout << "XML out - "<< res[0] << std::endl; return 1; } Any help is greatly appreciated! Thanks in advance, Brian. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFGEn94x+Pka16x9kURAr54AJ0Qb6osFq55SN6kqYLWzymzObdebACeMoK6 z+/bmc73NU3Mz1XVpxYjnck= =ooGg -----END PGP SIGNATURE----- _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
