XMLデジタル署名検証 - java=OK, .net=OKそう, perl=NG - end0tknrのkipple - web写経開発
↑このエントリの関連です
http://www.aleksey.com/xmlsec/
XML Security Libraryのコマンドラインツールのワナは、www.aleksey.com のドキュメントと異なり、buildすると、/usr/local/bin/xmlsec でなく /usr/local/bin/xmlsec1 でinstallされること。
それ以外は何ら問題なし。
バリエーション=OKの場合
$ /usr/local/bin/xmlsec1 --verify signed.xml OK SignedInfo References (ok/all): 1/1 Manifests References (ok/all): 0/0
バリエーション=NGの場合
$ /usr/local/bin/xmlsec1 --verify signed.xml func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not match FAIL SignedInfo References (ok/all): 0/1 Manifests References (ok/all): 0/0 Error: failed to verify file "signed.xml"
その他参考
$ /usr/local/bin/xmlsec1 --help Usage: xmlsec <command> [<options>] [<files>] xmlsec is a command line tool for signing, verifying, encrypting and decrypting XML documents. The allowed <command> values are: --help display this help information and exit --help-all display help information for all commands/options and exit --help-<cmd> display help information for command <cmd> and exit --version print version information and exit --keys keys XML file manipulation --sign sign data and output XML document --verify verify signed document --sign-tmpl create and sign dynamicaly generated signature template --encrypt encrypt data and output XML document --decrypt decrypt data from XML document Report bugs to http://www.aleksey.com/xmlsec/bugs.html Written by Aleksey Sanin <aleksey@aleksey.com>. Copyright (C) 2002-2003 Aleksey Sanin. This is free software: see the source for copying information.
