Happening to me in the code that's previously been working for quite a while. Here's the document I pass via its <Signature> element into xmlSecDSigCtxSign():

=========
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE AuthnRequest [
<!ELEMENT AuthnRequest (#PCDATA)>
<!ATTLIST AuthnRequest ID ID #IMPLIED>
]>
<AuthnRequest xmlns="urn:oasis:names:tc:SAML:2.0:protocol" ID="login" Destination="http://10.0.25.17:8080/cosmosDev/web/idp/SSO" IssueInstant="2013-08-23T18:39:25Z" Version="2.0">
  <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">http://10.0.26.16/ssoRequest</Issuer>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <Reference URI="#login">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <DigestValue/>
      </Reference>
    </SignedInfo>
    <SignatureValue/>
  </Signature>
</AuthnRequest>
=========

and here's the traceback I get:

=========
func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2 library function failed:expr=xpointer(id('login'))
func=xmlSecXPathDataListExecute:file=xpath.c:line=356:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed:
func=xmlSecTransformXPathExecute:file=xpath.c:line=466:obj=xpointer:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed:
func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2395:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:
func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1226:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed:transform=xpointer
func=xmlSecTransformCtxExecute:file=transforms.c:line=1286:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed:
func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1571:obj=unknown:subj=xmlSecTransformCtxExecute:error=1:xmlsec library function failed:
func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec library function failed:node=Reference
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed:
=========

The document has an ID attribute declared in DTD, the value has no weird characters in it yet the id() expression fails. To add insult to injury, this is in the code that's been working for a long time on different versions of Linux.

The problem I am seeing now is on CentOS (2.6.32-220.23.1.el6.centos.plus.x86_64), libxmlsec1 1.2.16, libxml2 2.7.6, BUT everything has worked with this configuration (just not this particular instance) before! The only difference I can think of is that the XML document is now created by a different (newer) version of the wrapper library for libxml2 (https://github.com/polotek/libxmljs) but what could it possibly impact I don't know. Same version of the library works for me just fine on a different system.

Ideas or advice very much appreciated!

Thanks in advance,
...Max...
