Hi, I have a piece of XML I would like to sign.
The commands I use are: xmlsec1 sign --privkey-pem key.pem --output signedfile.xml test.xml xmlsec1 --verify signedfile.xml The XML template (test.xml) to be signed is: <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"; Id="Signature001"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315";></dsig:Canonical izationMethod> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></dsig:SignatureMetho d> <dsig:Reference URI="#KeyInfo001"> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></dsig:DigestMethod> <dsig:DigestValue></dsig:DigestValue> </dsig:Reference> <dsig:Reference URI="#Resource1"> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></dsig:DigestMethod> <dsig:DigestValue></dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue></dsig:SignatureValue> <dsig:KeyInfo Id="KeyInfo001"> <dsig:KeyValue></dsig:KeyValue> </dsig:KeyInfo> <dsig:Object Id="Resource1">hello world</dsig:Object> </dsig:Signature> The verification outputs: func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unkn own:error=12:invalid data:data and digest do not match FAIL SignedInfo References (ok/all): 0/1 Manifests References (ok/all): 0/0 Error: failed to verify file "signedfile.xml" I don't understand what I'm doing wrong. It's something with the C14N I suppose, but what to do about it? Can anyone give me a hint? Thanks, Peter
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
