Closed hafedh-trimeche closed 2 months ago
I have no idea what is the problem here. Please provide repro example preferably with xmlsec command line tool.
xmlsec --sign --verbose --node-xpath / --output c:\1.3.4.xml --pkcs12 D:\Developer\Tools\SSL\Certificates\Actalis\Seller\seller@strong-data.com.pfx --pwd 123456 D:\Developer\lib\LibXML\Res\demos\xmlsec-test\Min.XML
Error: failed to find default node with name="Signature" Error: failed to load template "D:\Developer\lib\LibXML\Res\demos\xmlsec-test\Min.XML" Signature status: ERROR Error: failed to sign file Min.XML.txt
Error: failed to load template "D:\Developer\lib\LibXML\Res\demos\xmlsec-test\Min.XML"
that's your answer :)
The file exists and here is it's content:
<?xml version="1.0" encoding="UTF-8"?>
<!--
XML Security Library example: Signed file (sign1 example).
-->
<Envelope xmlns="urn:envelope">
<Data>
Hello, World!
</Data>
</Envelope>
It seams that xmlsec1 is looking for the node Signature whereas xml document would be signed at root level (entirely):
Error: failed to find default node with name="Signature"
Well, sign1 example includes Signature node. So something is not correct with this "Min.XML" file. If you can reproduce the problem with xmlsec command line tool then I will be happy to take a look. But it's impossible to debug files in your environment.
Hello, Using xmlSec command lines generated these errors: Hello.xml:
xmlsec --sign --verbose --node-xpath / --output c:\1.3.4.xml --pkcs12 D:\Developer\Tools\SSL\Certificates\Actalis\Seller\seller@strong-data.com.pfx --pwd 123456 D:\Developer\lib\LibXML\Res\Hello.xml
Error: failed to find default node with name="Signature"
Error: failed to load template "D:\Developer\lib\LibXML\Res\Hello.xml"
Signature status: ERROR
Error: failed to sign file "D:\Developer\lib\LibXML\Res\Hello.xml"
sign1-tmpl.xml:
xmlsec --sign --verbose --node-xpath / --output c:\1.3.4.xml --pkcs12 D:\Developer\Tools\SSL\Certificates\Actalis\Seller\seller@strong-data.com.pfx --pwd 123456 D:\Developer\lib\LibXML\Res\sign1-tmpl.xml
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1346:obj=unknown:subj=unknown:error=45:key is not found:details=NULL
func=xmlSecDSigCtxProcessKeyInfoNode:file=..\src\xmldsig.c:line=822:obj=unknown:subj=unknown:error=45:key is not found:details=NULL
func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed:
func=xmlSecDSigCtxSign:file=..\src\xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed:
Signature status: FAILED
Failure reason: KEY-NOT-FOUND
Error: failed to sign file "D:\Developer\lib\LibXML\Res\sign1-tmpl.xml"
great, so Hello.xml doesn't have namespaces in the Signature node, nor it has any other "template" information required to create the signature (see the sign1-tmpl for example). This is not new for 1.3.4 and you need to fix Hello.xml
Hi, I would sign a raw xml (no Signature node) file not a template one!
By code, I create the Signature Node by hand using: xmlSecTmplSignatureAddReference
Best regards.
Unfortunately, I cannot debug your code. The example above has a problem with a template as I explained.
Hello,
Please note that using ETSI conformance checker and version 1.3.4 this error reported:
Report on errors, warnings and exceptions
This page shows the errors, warnings and exceptions generated by the XAdES Baseline Profile Conformance Checker Tool.
Report on Errors, Warnings and Exceptions -- 67. Error | Tool | Location-{CodeTest}:UnsignedSignatureProperties/SignatureTimeStamp[1]/EncapsulatedTimeStamp[1]-{CheckIfMssgImpIsAsInSpec} Error. The message imprint found in the time-stamp token is: de47c9b27eb8d300dbb5f2c353e632c393262cf06340c4fa7f1b40c4cbd36f90. The message imprint computed is: 0084ef4de9078762a9dca386229c6cb67922eae89896741290c716361b247cef | |
The document generated with the version 1.3.3 passed the test. xmlsec-countersigned-1-3-3.xml.txt xmlsec-countersigned-1-3-4.xml.txt
Best regards.