Check if you find the node correctly with xmlSecFindNode

Aleksey

On 5/23/12 3:08 AM, Ranier VF wrote:
> Hi, can you help me?
> The xml file:
> <?xml version="1.0"?>
> <!DOCTYPE test [<!ATTLIST infNFe Id ID #IMPLIED>]>
> <NFe xmlns="http://www.portalfiscal.inf.br/nfe"><infNFe versao="2.00" Id="NFe52120503241828000120550020000067501112798840">
> ..........
> </infNFe>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
> <SignedInfo>
> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <Reference URI="#NFe52120503241828000120550020000067501112798840">
> <Transforms>
> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
> <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
> </Transforms>
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> <DigestValue/>
> </Reference>
> </SignedInfo>
> <SignatureValue/>
> <KeyInfo>
> <X509Data>
> <X509Certificate/>
> </X509Data>
> </KeyInfo>
> </Signature></NFe>
>
> With command line tool:
> xmlsec --sign --print-debug --output nfe_sign.xml --pkcs12 sos.p12 --pwd XXXXXXXX nfe3.xml
> All works.
>
> = SIGNATURE CONTEXT
> == Status: succeeded
> == flags: 0x00000000
> == flags2: 0x00000000
> == Key Info Read Ctx:
> = KEY INFO READ CONTEXT
> == flags: 0x00000000
> == flags2: 0x00000000
> == enabled key data: all
> == RetrievalMethod level (cur/max): 0/1
> == TRANSFORMS CTX (status=0)
> == flags: 0x00000000
> == flags2: 0x00000000
> == enabled transforms: all
> === uri: NULL
> === uri xpointer expr: NULL
> == EncryptedKey level (cur/max): 0/1
> === KeyReq:
> ==== keyId: rsa
> ==== keyType: 0x00000002
> ==== keyUsage: 0x00000001
> ==== keyBitsSize: 0
> === list size: 0
> == Key Info Write Ctx:
> = KEY INFO WRITE CONTEXT
> == flags: 0x00000000
> == flags2: 0x00000000
> == enabled key data: all
> == RetrievalMethod level (cur/max): 0/1
> == TRANSFORMS CTX (status=0)
> == flags: 0x00000000
> == flags2: 0x00000000
> == enabled transforms: all
> === uri: NULL
> === uri xpointer expr: NULL
> == EncryptedKey level (cur/max): 0/1
> === KeyReq:
> ==== keyId: NULL
> ==== keyType: 0x00000001
> ==== keyUsage: 0xffffffff
> ==== keyBitsSize: 0
> === list size: 0
> == Signature Transform Ctx:
> == TRANSFORMS CTX (status=2)
> == flags: 0x00000000
> == flags2: 0x00000000
> == enabled transforms: all
> === uri: NULL
> === uri xpointer expr: NULL
> === Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
> === Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
> === Transform: base64 (href=http://www.w3.org/2000/09/xmldsig#base64)
> === Transform: membuf-transform (href=NULL)
> == Signature Method:
> === Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
> == Signature Key:
> == KEY
> === method: RSAKeyValue
> === key type: Private
> === key usage: -1
> === rsa key: size = 2048
> === list size: 1
> === X509 Data:
> ==== Key Certificate:
> ==== Subject Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/OU=CORREIOS/OU=ARCORREIOS/OU=RFB e-CNPJ A1/L=GOIANIA/ST=GO/CN=S O S COMERCIO DE MAQUINAS LTDA ME:01800246000100
> ==== Issuer Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB
> ==== Issuer Serial: 32303131303931323139303131363337
> ==== Certificate:
> ==== Subject Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/OU=CORREIOS/OU=ARCORREIOS/OU=RFB e-CNPJ A1/L=GOIANIA/ST=GO/CN=S O S COMERCIO DE MAQUINAS LTDA ME:01800246000100
> ==== Issuer Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB
> ==== Issuer Serial: 32303131303931323139303131363337
> == SignedInfo References List:
> === list size: 1
> = REFERENCE CALCULATION CONTEXT
> == Status: succeeded
> == URI: "#NFe52120503241828000120550020000067501112798840"
> == Reference Transform Ctx:
> == TRANSFORMS CTX (status=2)
> == flags: 0x00000000
> == flags2: 0x00000000
> == enabled transforms: all
> === uri:
> === uri xpointer expr: #NFe52120503241828000120550020000067501112798840
> === Transform: xpointer (href=http://www.w3.org/2001/04/xmldsig-more/xptr)
> === Transform: enveloped-signature (href=http://www.w3.org/2000/09/xmldsig#enveloped-signature)
> === Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
> === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
> === Transform: base64 (href=http://www.w3.org/2000/09/xmldsig#base64)
> === Transform: membuf-transform (href=NULL)
> == Digest Method:
> === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
> == Result - start buffer:
> hn6gfGRWNBeR+CE6QQEU01E8e6A=
> == Result - end buffer
> == Manifest References List:
> === list size: 0
> == Result - start buffer:
> c3hAUplnTN5WuP4nSW327q20JEiKjWj/p9tLY9thHw9RoUJcj/TDkG2zEZUn219i
> vax5RMDmfk7T3HuBqg2xtEe6TxBRBlcECeQJz6BGj2xfbwLRqBAfR9gDEha+qpXu
> 7aJvvxCBps8szV2je1ThWPXSZx274NYz5uDdnGv+h6bVBbb30aMqK+/mUlwe4/Bp
> y58RKdoQC7RVQ4S3qiZ1cKGrfoPdhN73qsDjJhVub2a152n8qDwzEbM+ajUhX7Aa
> BC99E3On9goJ7T0uz+RuHgLptRhrdaSQTZOl5pRgvFPKOfKeyX6svVHU3Kly+Q6t
> Zx/edQpvMu8lp63lqa/u5g==
> == Result - end buffer
>
> But the same file: nfe3.xml with:
> int xml_sign(const char *tmpl_file, const char *key_file, const char *password1)
> {
>     xmlDocPtr doc = NULL;
>     xmlNodePtr node = NULL;
>     xmlSecDSigCtxPtr dsigCtx = NULL;
>     int res = -1;
>
>     /* load template */
>     doc = xmlParseFile(tmpl_file);
>     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL))
>     {
>         fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
>         goto done;
>     }
>
>     /* find start node */
>     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
>     if (node == NULL)
>     {
>         fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
>         goto done;
>     }
>
>     /* create signature context, we don't need keys manager in this example */
>     dsigCtx = xmlSecDSigCtxCreate(NULL);
>     if (dsigCtx == NULL)
>     {
>         fprintf(stderr, "Error: failed to create signature context\n");
>         goto done;
>     }
>
>     /* load private key with password */
>     dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPkcs12, password1, NULL, NULL);
>     if (dsigCtx->signKey == NULL)
>     {
>         fprintf(stderr, "Error: failed to load private pem key from \"%s\"\n", key_file);
>         goto done;
>     }
>
>     /* set key name to the file name, this is just an example! */
>     if (xmlSecKeySetName(dsigCtx->signKey, (xmlChar *) key_file) < 0)
>     {
>         fprintf(stderr, "Error: failed to set key name for key from \"%s\"\n", key_file);
>         goto done;
>     }
>
>     /* sign the template */
>     if (xmlSecDSigCtxSign(dsigCtx, node) < 0) /* <---- FAIL */
>     {
>         /* print the message through "%s" so it is never used as a format string */
>         fprintf(stderr, "%s", xmlSecErrorsGetMsg(xmlSecErrorsGetCode(0)));
>         goto done;
>     }
>     res = 0;
>
> done:
>     /* cleanup */
>     if (dsigCtx != NULL)
>         xmlSecDSigCtxDestroy(dsigCtx);
>     if (doc != NULL)
>         xmlFreeDoc(doc);
>     return res;
> }
>
> Does not work!
> Result:
>
> func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=465:obj=unknown:subj=dsigCtx->c14nMethod == NULL:error=100:assertion:
> func=xmlSecDSigCtxSign:file=..\src\xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed:
>
> Latest dlls from http://www.zlatkovic.com/libxml.en.html
> xmlsec-1.2.18
> libxml2-2.7.8
> openssl-0.8a
>
> Is a key manager necessary?
>
> Thanks for your patience.
> Any help will be much appreciated.
>
> Best regards,
>
> Ranier Vilela
>
>
> _______________________________________________
> xmlsec mailing list
> [email protected]
> http://www.aleksey.com/mailman/listinfo/xmlsec
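
An added example, not part of the original thread and not xmlsec code: a stand-alone Python check that mirrors the namespace-qualified lookup xmlSecFindNode performs for the Signature start node, run on a constructed, cut-down copy of the template from the post. The helper names and the use of an attribute called Id to resolve same-document Reference URIs are assumptions of this example.

```python
import xml.etree.ElementTree as ET

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed, cut-down copy of the template from the post (Transforms and
# KeyInfo left out; the elided infNFe content is assumed irrelevant here).
TEMPLATE = """<NFe xmlns="http://www.portalfiscal.inf.br/nfe">
<infNFe versao="2.00" Id="NFe52120503241828000120550020000067501112798840"/>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#NFe52120503241828000120550020000067501112798840">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue/>
</Reference></SignedInfo><SignatureValue/></Signature></NFe>"""


def find_node(root, local_name, ns):
    """First element (document order, root included) with this name and namespace."""
    return next(root.iter("{%s}%s" % (ns, local_name)), None)


def check_template(xml_text):
    """Return a list of problems with the signature start node; empty means OK."""
    root = ET.fromstring(xml_text)
    sig = find_node(root, "Signature", DSIG_NS)
    if sig is None:
        # A Signature element outside the dsig namespace is not a match.
        stray = [e.tag for e in root.iter() if e.tag.rsplit("}", 1)[-1] == "Signature"]
        return ["no dsig Signature element; look-alikes: %r" % stray]
    signed_info = sig.find("{%s}SignedInfo" % DSIG_NS)
    if signed_info is None:
        return ["Signature has no SignedInfo child"]
    problems = []
    for child in ("CanonicalizationMethod", "SignatureMethod", "Reference"):
        if signed_info.find("{%s}%s" % (DSIG_NS, child)) is None:
            problems.append("SignedInfo is missing %s" % child)
    for ref in signed_info.iter("{%s}Reference" % DSIG_NS):
        uri = ref.get("URI", "")
        if uri.startswith("#"):
            # Assumption: same-document URIs point at an attribute named Id.
            hits = [e for e in root.iter() if e.get("Id") == uri[1:]]
            if len(hits) != 1:
                problems.append("URI %s matches %d elements" % (uri, len(hits)))
    return problems


if __name__ == "__main__":
    print(check_template(TEMPLATE) or "start node and references look consistent")
```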
