This looks OK to me. Sorry, don't know what's going on. Didn't program on Windows in years.
Aleksey On 5/23/12 2:37 PM, Ranier VF wrote: > Hi, Aleksey. > Sorry for long time, but today are very busy. > > Right now I have windbg with view struct after xmlSecFindNode: > node = xmlSecFindNode(xmlDocGetRootElement(doc), > xmlSecNodeSignature, xmlSecDSigNs); > node->name = "Signature" > node->next->name = "SignedInfo" > node->next->next->name = "Text" > node->next->ns->type = XML_NAMESPACE_DECL (0n18) > node->next->ns->href = "http://www.w3.org/2000/09/xmldsig#"; > node->next->doc->name = "" > node->nsDef->href = "http://www.w3.org/2000/09/xmldsig#"; > node->doc->type = XML_DOCUMENT_NODE (0n9) > node->doc->name = "" > > I not kown what node correctly, please you can tell me? > Exist other field in struct node relevant? > > Best regards, > > Ranier > >> Date: Wed, 23 May 2012 06:14:41 -0700 >> From: [email protected] >> To: [email protected] >> CC: [email protected] >> Subject: Re: [xmlsec] dsigCtx->c14nMethod >> >> Check if you find the node correctly with xmlSecFindNode >> >> Aleksey >> >> On 5/23/12 3:08 AM, Ranier VF wrote: >> > Hi, can you help me? >> > The xml file: >> > <?xml version="1.0"?> >> > <!DOCTYPE test [<!ATTLIST infNFe Id ID #IMPLIED>]> >> > <NFe xmlns="http://www.portalfiscal.inf.br/nfe";><infNFe versao="2.00" >> > Id="NFe52120503241828000120550020000067501112798840"> >> > .......... >> > </infNFe> >> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> >> > <SignedInfo> >> > <CanonicalizationMethod >> > Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> >> > <SignatureMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> >> > <Reference URI="#NFe52120503241828000120550020000067501112798840"> >> > <Transforms> >> > <Transform >> > Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> >> > <Transform >> > Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> >> > </Transforms> >> > <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> >> > <DigestValue/> >> > </Reference> >> > </SignedInfo> >> > <SignatureValue/> >> > <KeyInfo> >> > <X509Data> >> > <X509Certificate/> >> > </X509Data> >> > </KeyInfo> >> > </Signature></NFe> >> > >> > With command line tool: >> > xmlsec --sign --print-debug --output nfe_sign.xml --pkcs12 sos.p12 --pwd >> > XXXXXXXX nfe3.xml >> > All Works. >> > >> > = SIGNATURE CONTEXT >> > == Status: succeeded >> > == flags: 0x00000000 >> > == flags2: 0x00000000 >> > == Key Info Read Ctx: >> > = KEY INFO READ CONTEXT >> > == flags: 0x00000000 >> > == flags2: 0x00000000 >> > == enabled key data: all >> > == RetrievalMethod level (cur/max): 0/1 >> > == TRANSFORMS CTX (status=0) >> > == flags: 0x00000000 >> > == flags2: 0x00000000 >> > == enabled transforms: all >> > === uri: NULL >> > === uri xpointer expr: NULL >> > == EncryptedKey level (cur/max): 0/1 >> > === KeyReq: >> > ==== keyId: rsa >> > ==== keyType: 0x00000002 >> > ==== keyUsage: 0x00000001 >> > ==== keyBitsSize: 0 >> > === list size: 0 >> > == Key Info Write Ctx: >> > = KEY INFO WRITE CONTEXT >> > == flags: 0x00000000 >> > == flags2: 0x00000000 >> > == enabled key data: all >> > == RetrievalMethod level (cur/max): 0/1 >> > == TRANSFORMS CTX (status=0) >> > == flags: 0x00000000 >> > == flags2: 0x00000000 >> > == enabled transforms: all >> > === uri: NULL >> > === uri xpointer expr: NULL >> > == EncryptedKey level (cur/max): 0/1 >> > === KeyReq: >> > ==== keyId: NULL >> > ==== keyType: 0x00000001 >> > ==== keyUsage: 0xffffffff >> > ==== keyBitsSize: 0 >> > === list size: 0 >> > == Signature Transform Ctx: >> > == TRANSFORMS CTX (status=2) >> > == flags: 0x00000000 >> > == flags2: 0x00000000 >> > == enabled transforms: all >> > === uri: NULL >> > === uri xpointer expr: NULL >> > === Transform: c14n > (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315) >> > === Transform: rsa-sha1 > (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1) >> > === Transform: base64 (href=http://www.w3.org/2000/09/xmldsig#base64) >> > === Transform: membuf-transform (href=NULL) >> > == Signature Method: >> > === Transform: rsa-sha1 > (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1) >> > == Signature Key: >> > == KEY >> > === method: RSAKeyValue >> > === key type: Private >> > === key usage: -1 >> > === rsa key: size = 2048 >> > === list size: 1 >> > === X509 Data: >> > ==== Key Certificate: >> > ==== Subject Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal >> > do Brasil - RFB/OU=CORREIOS/OU=ARCORREIOS/OU=RFB e-CNPJ >> > A1/L=GOIANIA/ST=GO/CN=S O S COMERCIO DE MAQUINAS LTDA ME:01800246000100 >> > ==== Issuer Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do >> > Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB >> > ==== Issuer Serial: 32303131303931323139303131363337 >> > ==== Certificate: >> > ==== Subject Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal >> > do Brasil - RFB/OU=CORREIOS/OU=ARCORREIOS/OU=RFB e-CNPJ >> > A1/L=GOIANIA/ST=GO/CN=S O S COMERCIO DE MAQUINAS LTDA ME:01800246000100 >> > ==== Issuer Name: /C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do >> > Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB >> > ==== Issuer Serial: 32303131303931323139303131363337 >> > == SignedInfo References List: >> > === list size: 1 >> > = REFERENCE CALCULATION CONTEXT >> > == Status: succeeded >> > == URI: "#NFe52120503241828000120550020000067501112798840" >> > == Reference Transform Ctx: >> > == TRANSFORMS CTX (status=2) >> > == flags: 0x00000000 >> > == flags2: 0x00000000 >> > == enabled transforms: all >> > === uri: >> > === uri xpointer expr: #NFe52120503241828000120550020000067501112798840 >> > === Transform: xpointer > (href=http://www.w3.org/2001/04/xmldsig-more/xptr) >> > === Transform: enveloped-signature >> > (href=http://www.w3.org/2000/09/xmldsig#enveloped-signature) >> > === Transform: c14n > (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315) >> > === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1) >> > === Transform: base64 (href=http://www.w3.org/2000/09/xmldsig#base64) >> > === Transform: membuf-transform (href=NULL) >> > == Digest Method: >> > === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1) >> > == Result - start buffer: >> > hn6gfGRWNBeR+CE6QQEU01E8e6A= >> > == Result - end buffer >> > == Manifest References List: >> > === list size: 0 >> > == Result - start buffer: >> > c3hAUplnTN5WuP4nSW327q20JEiKjWj/p9tLY9thHw9RoUJcj/TDkG2zEZUn219i >> > vax5RMDmfk7T3HuBqg2xtEe6TxBRBlcECeQJz6BGj2xfbwLRqBAfR9gDEha+qpXu >> > 7aJvvxCBps8szV2je1ThWPXSZx274NYz5uDdnGv+h6bVBbb30aMqK+/mUlwe4/Bp >> > y58RKdoQC7RVQ4S3qiZ1cKGrfoPdhN73qsDjJhVub2a152n8qDwzEbM+ajUhX7Aa >> > BC99E3On9goJ7T0uz+RuHgLptRhrdaSQTZOl5pRgvFPKOfKeyX6svVHU3Kly+Q6t >> > Zx/edQpvMu8lp63lqa/u5g== >> > == Result - end buffer >> > >> > But the same file: nfe3.xml with: >> > xml_sign(const char *tmpl_file, const char *key_file, const char > *password1) >> > { >> > xmlDocPtr doc = NULL; >> > xmlNodePtr node = NULL; >> > xmlSecDSigCtxPtr dsigCtx = NULL; >> > >> > /* load template */ >> > doc = xmlParseFile(tmpl_file); >> > if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)) >> > { >> > fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file); >> > goto done; >> > } >> > >> > /* find start node */ >> > node = xmlSecFindNode(xmlDocGetRootElement(doc), >> > xmlSecNodeSignature, xmlSecDSigNs); >> > if (node == NULL) >> > { >> > fprintf(stderr, "Error: start node not found in \"%s\"\n", >> > tmpl_file); >> > goto done; >> > } >> > >> > /* create signature context, we don't need keys manager in this >> > example */ >> > dsigCtx = xmlSecDSigCtxCreate(NULL); >> > if (dsigCtx == NULL) >> > { >> > fprintf(stderr,"Error: failed to create signature context\n"); >> > goto done; >> > } >> > >> > /* load private key with password */ >> > dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, >> > xmlSecKeyDataFormatPkcs12, password1, NULL, NULL); >> > if (dsigCtx->signKey == NULL) >> > { >> > fprintf(stderr,"Error: failed to load private pem key from >> > \"%s\"\n", key_file); >> > goto done; >> > } >> > >> > /* set key name to the file name, this is just an example! */ >> > if (xmlSecKeySetName(dsigCtx->signKey, (xmlChar *) key_file) < 0) >> > { >> > fprintf(stderr,"Error: failed to set key name for key from >> > \"%s\"\n", key_file); >> > goto done; >> > } >> > >> > /* sign the template */ >> > if (xmlSecDSigCtxSign(dsigCtx, node) < 0) <---- FAILL >> > { >> > fprintf(stderr, xmlSecErrorsGetMsg(xmlSecErrorsGetCode(0))); >> > goto done; >> > } >> > } >> > >> > Not work! Result: >> > >> > func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=465:ob >> > j=unknown:subj=dsigCtx->c14nMethod == NULL:error=100:assertion: >> > func=xmlSecDSigCtxSign:file=..\src\xmldsig.c:line=303:obj=unknown:subj=x >> > mlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed: >> > >> > Latest dlls from http://www.zlatkovic.com/libxml.en.html >> > xmlsec-1.2.18 >> > libxml2-2.7.8 >> > openssl-0.8a >> > >> > Is necessary a key manager? >> > >> > Thanks for your patience. >> > Any help will much appreciate. >> > >> > Best regards, >> > >> > Ranier Vilela >> > >> > >> > _______________________________________________ >> > xmlsec mailing list >> > [email protected] >> > http://www.aleksey.com/mailman/listinfo/xmlsec > > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
