Hello Aleksey, Thanks a lot for your quick response. I compiled the code with the latest changes and I still have the same error. The error appears only when RSA keys are used. When I generated a DSA key and tried to sign everything worked fine.
See the new error output below: ../xmlsec1 sign --privkey-pem rsakey.pem --output signrsa.xml sign1-tmpl.xml func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=498:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: 101101678: digital envelope routines: EVP_SignFinal wrong public key type func=xmlSecTransformDefaultPushBin:file=transforms.c:line=2235:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2919:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=279:obj=c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed: func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1264:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed:transform=c14n func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=647:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=323:obj=unknown:subj=xmlSecDSigCtxSignatureProcessNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "sign1-tmpl.xml" I cannot understand what the "wrong public key type" means. But when I generate a new RSA key with openssl and try that I still get the same error. Regards, Georgia -----Original Message----- From: Aleksey Sanin [mailto:[email protected]] Sent: Wednesday, November 09, 2016 4:11 AM To: Alexopoulou, Georgia; [email protected] Subject: Re: [xmlsec] xmlsec1 sign problem with openssl 1.0.2j I modified the OpenSSL error reporting to print out more details (https://github.com/lsh123/xmlsec/pull/57). It's merged into master and this should help you with debugging. Best, Aleksey On 11/8/16 11:14 AM, Aleksey Sanin wrote: > As a wild guess, I would suggest to check that you are loading correct > versions of all the shared library. I'll add better reporting for > openssl errors in a day or two -- this will help with debugging it > further. > > Aleksey > > On 11/8/16 4:57 AM, Alexopoulou, Georgia wrote: >> Hello to all, >> >> >> >> I have cross compiled libxmlsec1 for powerpc arch with openssl 1.0.2j >> in order to use it in a project. >> >> I just run the examples in the example folder and I encountered the >> following errors: >> >> >> >> ../xmlsec1 sign --crypto openssl --privkey rsakey.pem --output >> signtest.xml sign1-tmpl.xml >> >> func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=522: >> obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto >> library function failed: >> >> func=xmlSecTransformDefaultPushBin:file=transforms.c:line=2235:obj=rs >> a-sha1:subj=xmlSecTransformExecute:error=1:xmlsec >> library function failed:final=1 >> >> func=xmlSecTransformIOBufferClose:file=transforms.c:line=2919:obj=rsa >> -sha1:subj=xmlSecTransformPushBin:error=1:xmlsec >> library function failed: >> >> func=xmlSecTransformC14NPushXml:file=c14n.c:line=279:obj=c14n:subj=xm >> lOutputBufferClose:error=5:libxml2 >> library function failed: >> >> func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1264:obj=unk >> nown:subj=xmlSecTransformPushXml:error=1:xmlsec >> library function failed:transform=c14n >> >> func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=647:obj=un >> known:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec >> library function failed: >> >> func=xmlSecDSigCtxSign:file=xmldsig.c:line=323:obj=unknown:subj=xmlSe >> cDSigCtxSignatureProcessNode:error=1:xmlsec >> library function failed: >> >> Error: signature failed >> >> Error: failed to sign file "sign1-tmpl.xml" >> >> >> >> Info: >> >> XMLSec version number: 1.2.23 >> >> The platform/compiler you are using: linux kernel 3.12.19-rt30 >> powerpc >> >> The exact xmlsec utility command line: see above. Command at stated >> in example README >> >> All the files mentioned in this command line: see above. I used the >> files in example folder >> >> The xmlsec utility output: See above >> >> >> >> >> >> Kind regards, >> >> Georgia >> >> >> >> _______________________________________________ >> xmlsec mailing list >> [email protected] >> http://www.aleksey.com/mailman/listinfo/xmlsec >> > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
