- From: Cullum, Steve <steven.cullum@eds.com>
- Date: Fri, 13 May 2005 12:23:17 +0100
- To: "'w3c-ietf-xmldsig@w3.org.'" <w3c-ietf-xmldsig@w3.org>
I am trying to validate the following signed SOAP document. I have the private/public keys xxx.p12 file installed into the default windows keystore. The document was signed using the Verisign TSIK library version "tsik-1.10-windows"
Using "checksig.exe" to test my document the exception "XSECException::IDNotFoundInDOMDoc" is thrown. Because fNodeIDMap inside the fn() is 0
DOMElement *DOMDocumentImpl::getElementById(const XMLCh *elementId) const
{
if (fNodeIDMap == 0)
return 0;
}
I am using using :- XercesC_2_5, XalanC_1_7, xml-security-c-1.1.0
Can anyone help me.......please. I presume the document is incorrect in some way but I don't really know where to begin - everything looks ok according to my interpretation of the specification.
Thankyou in advance.
Steve
Here is the call stack from the debugger ::-
> xerces-c_2_5_0D.dll!xercesc_2_5::DOMDocumentImpl::getElementById(const unsigned short * elementId=0x01290eca) Line 642 C++
xsec_1_1_0D.dll!TXFMDocObject::setInput(xercesc_2_5::DOMDocument * doc=0x0128f890, const unsigned short * newFragmentId=0x01290eca) Line 108 + 0x11 C++
xsec_1_1_0D.dll!DSIGReference::getURIBaseTXFM(xercesc_2_5::DOMDocument * doc=0x0128f890, const unsigned short * URI=0x01290ec8, const XSECEnv * env=0x01275568) Line 502 C++
xsec_1_1_0D.dll!DSIGReference::calculateHash(unsigned char * toFill=0x0012f2d8, unsigned int maxToFill=0x00000080) Line 1206 + 0x2e C++
xsec_1_1_0D.dll!DSIGReference::checkHash() Line 1365 + 0x14 C++
xsec_1_1_0D.dll!DSIGReference::verifyReferenceList(DSIGReferenceList * lst=0x01288f28, safeBuffer & errStr={...}) Line 885 + 0x8 C++
xsec_1_1_0D.dll!DSIGSignedInfo::verify(safeBuffer & errStr={...}) Line 123 + 0x10 C++
xsec_1_1_0D.dll!DSIGSignature::verify() Line 1055 + 0x12 C++
checksig.exe!evaluate(int argc=0x00000002, char * * argv=0x00326c58) Line 483 + 0xe C++
checksig.exe!main(int argc=0x00000002, char * * argv=0x00326c58) Line 583 + 0xd C++
checksig.exe!mainCRTStartup() Line 398 + 0x11 C
kernel32.dll!77e8141a()
Function ...
// from debugger
newFragmentId == "wsse-c26651c0-c209-11d9-9834-e9a275261f99"
DOMElement *DOMDocumentImpl::getElementById(const XMLCh *elementId) const {
if (fNodeIDMap == 0)
return 0;
/**
** fNodeIDMap is 0
**/
DOMAttr *theAttr = fNodeIDMap->find(elementId);
if (theAttr == 0)
return 0;
return theAttr->getOwnerElement();
}
void TXFMDocObject::setInput(DOMDocument *doc, const XMLCh * newFragmentId) {
// We have a document fragment marked by an objectID string.
// Now try to find the node that the objectId belongs to
fragmentObject = doc->getElementById(newFragmentId);
/**
** --- fragmentObject always returns NULL **/
if ((fragmentObject == NULL) && (mp_env != NULL) && (mp_env->getIdByAttributeName()))
{
// It might be that no DSIG DTD was attached and that the ID is in a
// DSIG element and the application is permitting attribute name based
// Id searches
fragmentObject = findDSIGId(doc, newFragmentId, mp_env);
}
if (fragmentObject == 0)
throw XSECException(XSECException::IDNotFoundInDOMDoc);
document = doc;
fragmentId = XMLString::replicate(newFragmentId);
type = TXFMBase::DOM_NODE_DOCUMENT_FRAGMENT;
}
Signed soap xml :-------
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header><wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/><ds:Reference URI="#wsse-c26651c0-c209-11d9-9834-e9a275261f99"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>+G19/tWZSlCS894TQvdJYrVsb+4=</ds:DigestValue></ds:Reference><ds:Reference URI="#wsse-c26121a0-c209-11d9-9834-e9a275261f99"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>4B9ZewNptVgz0MpJBpaoI6b0Oks=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>MCwCFFiTYY7/B+tYizrqc!
cMZJKVQC6RyAhQUoVXtXfNUVEFZlaE3USajTEqUzQ==</ds:SignatureValue></ds:Signature></wsse:Security><wsu:Timestamp xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"><wsu:Created wsu:Id="wsse-c26121a0-c209-11d9-9834-e9a275261f99">2005-05-11T10:45:15Z</wsu:Created></wsu:Timestamp></soapenv:Header><soapenv:Body wsu:Id="wsse-c26651c0-c209-11d9-9834-e9a275261f99" xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
<ns1:secountResponse soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns1="myserviceprovider">
<secountReturn xsi:type="xsd:string"><secount_results>
<disclaimer><.... CONTENTS REMOVED ..../></disclaimer>
<header>
<.... CONTENTS REMOVED ..../>
</header>
<results>
<.... CONTENTS REMOVED ..../>
</results>
</secount_results>
</secountReturn>
</ns1:secountResponse>
</soapenv:Body>
</soapenv:Envelope>
Received on Friday, 13 May 2005 17:18:14 UTC