twitter: [android-developers] Verification of a certificate stored in an xml file , against a particular Root Certificate using libxmlsecurity and openSSL in Android.

I want to verify a particular certificate stored in an xml ,against a
[self signed] root certificate using openssl.
For this, am using libxmlsecurity [ internally has openssl ] for
parsing my signature.xml having the certificate .

1. For adding Root Certifiates to keystore am using
xmlSecOpenSSLAppKeysMngrCertLoad() of libxmlsecurity which calls
openssl apis to do so .
2. To verify this signature file against a Root Certificate i use
libxmlsecurity which internally calls X509_verify_cert of openSSL.

Problem: Signature passes successfully for the first time but fails if
i send the verification request again.
X509_verify_cert returns 0 and the Error Code
XMLSEC_ERRORS_R_CRYPTO_FAILED is printed.

NOTE: Each time I send a verification request I add the Root
certificates to keys Store.

Error logs :

: ERROR/(244): Optional Transform node is present
: ERROR/(244): xptrExpr = 0x2c97d8
: ERROR/(244): ERROR CODE: 7, ERROR MSG: certificate signature failure
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/openssl/
x509vfy.c[359]
: ERROR/(244): ERROR CODE: 7, ERROR MSG: certificate signature failure
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/openssl/
x509vfy.c[408]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/openssl/
x509.c[1714]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/
keys.c[1364]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/
xmldsig.c[1034]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/
xmldsig.c[726]
: ERROR/(244): ERROR: external/libxmlsecurity/android/../src/
xmldsig.c[526]

I am not able to understand why for the first time the verification is
success but the second it fails with above error code.
Any suggestions for the above problem will be helpful.

--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

twitter

Friday, August 5, 2011

[android-developers] Verification of a certificate stored in an xml file , against a particular Root Certificate using libxmlsecurity and openSSL in Android.

0 Comments:

Post a Comment

About Me

Previous Posts