Include UBL extension in my signed document #73
Comments
Example

```ts
// TypeScript
import OsslCrypto from "node-webcrypto-ossl";
import * as xades from "xadesjs";
import * as xmlCore from "xml-core";

const RSA_ALG: RsaHashedKeyGenParams = {
  name: "RSASSA-PKCS1-v1_5",
  hash: "SHA-256",
  publicExponent: new Uint8Array([1, 0, 1]),
  modulusLength: 2048,
}

const XML_DOC = `
<?xml version="1.0" encoding="utf-8"?>
<root>
  <ext:Extensions>
    <ext:Extension>
      <ext:Extensioncontent id="xades-signature">
      </ext:Extensioncontent>
    </ext:Extension>
  </ext:Extensions>
  <content>....</content>
</root>
`

async function sign(xml: Document) {
  var signedXml = new xades.SignedXml();
  const crypto = xades.Application.crypto;
  const keys = await crypto.subtle.generateKey(RSA_ALG, false, ["sign", "verify"]);

  const signature = await signedXml.Sign( // Signing document
    RSA_ALG,                              // algorithm
    keys.privateKey,                      // key
    xml,                                  // document
    {                                     // options
      keyValue: keys.publicKey,
      references: [
        { hash: "SHA-256", transforms: ["enveloped"] }
      ],
    });

  // add Id to Signature
  const signatureXml = signature.GetXml()!;
  signatureXml.setAttribute("Id", "xades-1234567890");

  // Add signature to document
  const xmlEl = xml.getElementById("xades-signature");
  if (!xmlEl) {
    throw new Error("Cannot get XML element by Id `xades-signature`");
  }
  xmlEl.appendChild(signature.GetXml()!);

  return xml;
}

async function verify(xml: Document) {
  var signedXml = new xades.SignedXml(xml);
  signedXml.LoadXml(xml.getElementsByTagName("ds:Signature")[0]);
  const ok = await signedXml.Verify();
  return ok;
}

async function main() {
  // Set crypto engine
  xades.Application.setEngine("OpenSSL", new OsslCrypto() as any);

  var xmlDoc = xades.Parse(XML_DOC);
  console.log(`--------------XML--------------\n${XML_DOC}\n--------------------------------\n`);

  const signedXml = await sign(xmlDoc);
  console.log(`----------XML Signature----------\n${xmlCore.Stringify(signedXml)}\n--------------------------------\n`);

  console.log("Signature:", (await verify(signedXml)) ? "Valid" : "Invalid");
}

main().catch((err) => { console.error(err); });
```

Output

Hello @microshine, sorry to bother, but I can't add this xsd: `xmlns:xades141="http://uri.etsi.org/01903/v1.4.1#"`

You can add this code after

```ts
const props = signatureXml.getElementsByTagName("xades:QualifyingProperties");
props[0].setAttribute("xmlns:xades141","http://uri.etsi.org/01903/v1.4.1#");
```

After this line? `signedXml.XmlSignature.KeyInfo.Id = keyInfoId;`

After

```ts
// add Id to Signature
const signatureXml = signature.GetXml()!;
signatureXml.setAttribute("Id", "xades-1234567890");
```

I already placed it after the signature, but it gets damaged. There is no way to place it before the signature in the CreateQualifyingProperties method?

Hi, I use xadesjs to generate signed documents, when I add the signature to the document like in the example `xml.documentElement.appendChild(signature.GetXml());`, the `verify()` function works fine and the signature is added in the root tag, for example:

But my documents have UBL format so I need to include the signature in an UBL Extension tag, for example:

But when the signature is added in that way, the `verify()` function shows the next error message:

message: 'XMLJS0013: Cryptographic error: Invalid digest for uri '#xades-id-fea3a1cabb60'. Calculated digest is rZyuhWUmuiAHQLuQSX9tl8PEcPFrjcpJ2Iz2nwDKcZo= but the xml to validate supplies digest nIflO2RU6U8+d8Y+wrKAFTU9cE9pjcwbaFPp5879RxA='

It seems the original XML is modified and the digest is different. How can I add the signature in a UBL extension tag so that the `verify()` function works fine?

I really appreciate your help. Thanks in advance.
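
One way a digest can stop matching after the signature is moved under `ext:Extensioncontent`, or after an `xmlns:xades141` attribute is added once signing is done: inclusive Canonical XML writes every namespace declaration inherited from ancestors onto the referenced element before it is hashed. The sketch below is an added illustration, not code from this thread or from xadesjs. Assumptions: the `render` and `canonical` helpers and the `urn:example:ubl-ext` URI are constructed, the model covers element names and `xmlns` declarations only, and whether this is the cause of the error reported here is itself an assumption.

```typescript
// Constructed model: element names and xmlns declarations only
// (attributes, text nodes and escaping are left out).
type Scope = Record<string, string>;
type El = { name: string; ns?: Scope; children?: El[] };

// Canonicalize `el`. `inScope` holds declarations inherited from ancestors in
// the document; `rendered` holds those already written by output ancestors.
function render(el: El, inScope: Scope, rendered: Scope, exclusive: boolean): string {
  const scope: Scope = { ...inScope, ...(el.ns ?? {}) };
  const colon = el.name.indexOf(":");
  const prefix = colon < 0 ? "" : el.name.slice(0, colon);
  const out: Scope = { ...rendered };
  const decls = Object.entries(scope)
    // Inclusive: every in-scope declaration. Exclusive: only the prefix in use.
    .filter(([p, uri]) => (!exclusive || p === prefix) && rendered[p] !== uri)
    .sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
    .map(([p, uri]) => {
      out[p] = uri;
      return ` xmlns${p ? ":" + p : ""}="${uri}"`;
    })
    .join("");
  const kids = (el.children ?? []).map((c) => render(c, scope, out, exclusive)).join("");
  return `<${el.name}${decls}>${kids}</${el.name}>`;
}

const DS = "http://www.w3.org/2000/09/xmldsig#";
const XADES = "http://uri.etsi.org/01903/v1.3.2#";
// Namespace context of xades:SignedProperties in three situations.
const detached: Scope = { ds: DS, xades: XADES }; // signature not yet in the document
const embedded: Scope = { ...detached, ext: "urn:example:ubl-ext" }; // placeholder URI
const patched: Scope = { ...detached, xades141: "http://uri.etsi.org/01903/v1.4.1#" };

const signedProps: El = {
  name: "xades:SignedProperties",
  children: [{ name: "xades:SigningTime" }],
};

// Canonical form of the referenced element as seen from a given context.
function canonical(context: Scope, exclusive: boolean): string {
  return render(signedProps, context, {}, exclusive);
}

console.log(canonical(detached, false));
console.log(canonical(embedded, false)); // gains xmlns:ext, so the digest input differs
console.log(canonical(embedded, true)); // exclusive form ignores the unused xmlns:ext
```

In this model the inclusive form changes whenever the set of in-scope namespaces changes, while the exclusive form stays byte-identical in all three contexts.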