Hello Aleksey,
I have some problem with signing by xmlsec1.
I sign line 4 from attached xml.
If I have tag without namespace, the signing is OK :
<Action Id="action">i-OTM/SubscriberInquiryForPrePaid</Action>
command line is:
--sign --trusted-pem Base64Certif.cer --hmackey hmac.key --id-attr:Id Action
template2.xml
but I have error, if I added namespase:
<wsa:Action Id="action">i-OTM/SubscriberInquiryForPrePaid</wsa:Action>
command line is:
--sign --trusted-pem Base64Certif.cer --hmackey hmac.key --id-attr:Id
wsa:Action template2.xml
errors:
$ xmlsec1 --sign --trusted-pem Base64Certif.cer --hmackey hmac.key
--id-attr:Id wsa:Action template2.xml
func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2
library function failed:expr=xpointer(id('action'))
func=xmlSecXPathDataListExecute:file=xpath.c:line=356:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec
library function failed:
func=xmlSecTransformXPathExecute:file=xpath.c:line=466:obj=xpointer:subj=xmlSecXPathDataExecute:error=1:xmlsec
library function failed:
func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2371:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec
library function failed:
func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1207:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec
library function failed:transform=xpointer
func=xmlSecTransformCtxExecute:file=transforms.c:line=1267:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec
library function failed:
func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1568:obj=unknown:subj=xmlSecTransformCtxExecute:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec
library function failed:node=Reference
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
Error: failed to sign file "template2.xml"
Can I sign namespace tag ?
How I can next tag (The tag have namespace and tag property have namespace)?
<wsa:Action wsu:Id="action">i-OTM/SubscriberInquiryForPrePaid</wsa:Action>
Thanks.
Alexandre
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"; xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<soap:Header>
<wsa:Action Id="action">i-OTM/SubscriberInquiryForPrePaid</wsa:Action>
<wsa:MessageID wsu:Id="Id-a91dec8b-9d69-4913-89ef-9ba8f6c8363e">uuid:ecaab6ad-dc6d-4516-a1c0-558a41f84432</wsa:MessageID>
<wsa:ReplyTo wsu:Id="Id-a921d07d-f4f2-4804-85c8-d05dc083cb35">
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To wsu:Id="Id-edfc0b5b-895f-4fc2-817f-561655714031">http://192.168.0.5/gate/osmpgatet.aspx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-83dc8c6a-4836-4cab-ad13-7ccc83a8aefa">
<wsu:Created>2008-09-26T13:33:33Z</wsu:Created>
<wsu:Expires>2008-09-26T13:58:33Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="SecurityToken-a30f9a81-98d0-48be-8f2b-a5d5f78fbafd">
<wsse:Username>2309</wsse:Username>
<wsse:Nonce>MTIzNDEyMzQ=</wsse:Nonce>
<wsu:Created>2008-09-26T13:33:33Z</wsu:Created>
</wsse:UsernameToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
<SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"; />
<Reference URI="#action">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue/>
</Reference>
<!--
<Reference URI="#Id-a91dec8b-9d69-4913-89ef-9ba8f6c8363e">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue/> </Reference>
<Reference URI="#Id-a921d07d-f4f2-4804-85c8-d05dc083cb35">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue/> </Reference>
<Reference URI="#Id-edfc0b5b-895f-4fc2-817f-561655714031">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue/> </Reference>
<Reference URI="#Timestamp-83dc8c6a-4836-4cab-ad13-7ccc83a8aefa">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue/> </Reference>
<Reference URI="#Id-33f2ca9c-c5fb-47a0-b0d9-528b90133e1a">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue/>
</Reference>
-->
</SignedInfo>
<SignatureValue/>
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#SecurityToken-a30f9a81-98d0-48be-8f2b-a5d5f78fbafd" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken"; />
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-33f2ca9c-c5fb-47a0-b0d9-528b90133e1a">
<OTMRequest>
<OperationCode>828</OperationCode>
<InstitutionCode>1995</InstitutionCode>
<Stan>1234</Stan>
<OperationType>1</OperationType>
<OperationSource>4</OperationSource>
<OrginatorCityId>1</OrginatorCityId>
<OrginatorBranchId>69824371</OrginatorBranchId>
<OrginatorTellerId>2342</OrginatorTellerId>
<OrginatorUserId>hQf34Nth</OrginatorUserId>
<AcceptanceDate>2008-11-11 11:11:11</AcceptanceDate>
<UtilityCompanyCode>79</UtilityCompanyCode>
<OrginatorUserPassword>48923561</OrginatorUserPassword>
<TransactionDate>2008-11-11 11:11:11</TransactionDate>
<AggregatorCode>46824563</AggregatorCode>
<RefTransactionDate>2008-11-11 11:11:11</RefTransactionDate>
<ServiceAccessInfo>666655555666</ServiceAccessInfo>
</OTMRequest>
</soap:Body>
</soap:Envelope> _______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
