Hello I am trying to sign and verifiy xml document. I use someting like
this in xml base:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";
Id="signature">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="">
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
</SignatureValue>
<KeyInfo>
<X509Data>
</X509Data>
</KeyInfo>
<Object Id="object">some text</Object>
</Signature>
I have CA cert in bundle of openssl.
After this I try to sign with certificate of CA user p12 with sh
executable like this:
> PASS="pass"
>
> XML="ft.xml"
>
> OUT="signed-$XML"
>
>
> echo "Signing $XML on $OUT"
>
>
> xmlsec1 --sign --pkcs12 /home/LocalCA/coipa-fnmt.p12 --pwd $PASS --output
> $OUT $XML
>
> echo Verifying
>
>
> xmlsec1 verify $OUT
But the result is FAIL:
> Signing ft.xml on signed-ft.xml
> Verifying
> func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid
> data:data and digest do not match
> FAIL
> SignedInfo References (ok/all): 0/1
> Manifests References (ok/all): 0/0
> Error: failed to verify file "signed-factura.xml"
Where is the fail?
Thanks in advance.
--
Publicidad http://www.pas-world.com
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
