Hi ,
I want to verify a particular certificate stored in an xml ,against a self
signed root certificate using openssl.
For this, am using libxmlsecurity [ internally has openssl ] for parsing my
signature.xml having a certificate .
1. For adding Root Certifiates to *keystore *am using *
xmlSecOpenSSLAppKeysMngrCertLoad()* of libxmlsecurity which calls openssl
apis to do so .
2. To verify this signature file against a Root Certificate[self signed] i
use libxmlsecurity which internally calls *X509_verify_cert* of openSSL.
Problem: Signature passes successfully for the first time but fails if i
send the verification request again.
*X509_verify_cert* returns 0 and the Error
Code*XMLSEC_ERRORS_R_CRYPTO_FAILED
* is printed.
NOTE: Each time I send a verification request I add the Root certificates to
keys Store.
*Error logs :*
: ERROR/(244): Optional Transform node is present
: ERROR/(244): xptrExpr = 0x2c97d8
: ERROR/(244): ERROR CODE: 7, ERROR MSG: *certificate signature failure
*: ERROR/(244): ERROR:
external/libxmlsecurity/android/../src/openssl/x509vfy.c[359]
: ERROR/(244): ERROR CODE: 7, ERROR MSG:* certificate signature failure
*: ERROR/(244): ERROR:
external/libxmlsecurity/android/../src/openssl/x509vfy.c[408]
: ERROR/(244): ERROR:
external/libxmlsecurity/android/../src/openssl/x509.c[1714]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/keys.c[1364]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/xmldsig.c[1034]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/xmldsig.c[726]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/xmldsig.c[526]
I am not able to understand why for the first time the verification is
success but the second it fails with above error code.
Any suggestions for the above problem will be helpful.
Regards,
Mayur
