EldoS | Feel safer!

Software components for data protection, secure storage and transfer

no -<xades:SigningCertificate> item

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
#35027
Posted: 11/17/2015 07:12:44
by Filippo Menditto (Standard support level)
Joined: 11/13/2015
Posts: 5

I'm not be able to have <xades:SigningCertificate> data in -<ds:Object>. Here the code to generate the sign:

X509KeyData.IncludeDataParams = X509KeyData.IncludeDataParams Or SBXMLSec.Unit.xkidX509Certificate
X509KeyData.IncludeDataParams = (X509KeyData.IncludeDataParams And (Not SBXMLSec.Unit.xkidX509IssuerSerial))
X509KeyData.IncludeDataParams = (X509KeyData.IncludeDataParams And (Not SBXMLSec.Unit.xkidX509SubjectName))
X509KeyData.IncludeKeyValue = False

Signer = New TElXMLSigner

Signer.SignatureType = SBXMLSec.Unit.xstEnveloped
Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmExclCanon
Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig
Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1
Signer.MACMethod = SBXMLSec.Unit.xmmHMAC_SHA1
Signer.IncludeKey = True

Dim transform As TElXMLXPathFilter2Transform = New TElXMLXPathFilter2Transform

Dim item As TElXMLXPathFilterItem = New TElXMLXPathFilterItem
item.XPath = "/descendant::ds:Signature"
item.Filter = SBXMLTransform.Unit.xfSubtract
transform.Add(item)

Ref = New TElXMLReference
Ref.URINode = FXMLDocument.LastChild
Ref.URI = ""
Ref.ID = "reference-document"
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA1
Ref.TransformChain.Add(New SBXMLTransform.TElXMLEnvelopedSignatureTransform())
Refs.Add(Ref)

Signer.References = Refs
Signer.KeyData = X509KeyData
Signer.UpdateReferencesDigest()


XAdESSigner = New TElXAdESSigner
XAdESSigner.XAdESVersion = SBXMLAdES.Unit.XAdES_v1_3_2
XAdESSigner.SigningTime = DateTime.Now.ToUniversalTime()
XAdESSigner.Generate(SBXMLAdES.Unit.XAdES_v1_3_2)
XAdESSigner.QualifyingProperties.Target = "#Signature1"
XAdESSigner.QualifyingProperties.XAdESPrefix = "xades"
XAdESSigner.QualifyingProperties.SignedProperties.ID = "SignedProperties_1"
XAdESSigner.QualifyingProperties.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = False
XAdESSigner.SigningCertificatesDigestMethod = SBXMLSec.Unit.xdmSHA1

Signer.XAdESProcessor = XAdESSigner
Signer.GenerateSignature()

Signer.Signature.ID = "Signature1"
Signer.Signature.SignatureValue.ID = "SignatureValue1"
Signer.Signature.SignedInfo.SigPropRef.DigestMethod = SBXMLSec.Unit.xdmSHA1
Signer.Signature.SignedInfo.SigPropRef.ID = "reference-signedpropeties"

SigNode = FXMLDocument.LastChild
If TypeOf SigNode Is TElXMLDOMDocument Then
SigNode = CType(SigNode, TElXMLDOMDocument).DocumentElement
End If
Try
Signer.Save(SigNode)
Catch Ex As Exception
MessageBox.Show(String.Format("Failed to sign data and to save the signature: ({0})", Ex.Message), "", MessageBoxButtons.OK, MessageBoxIcon.Error)
Return
End Try
#35028
Posted: 11/17/2015 07:28:59
by Dmytro Bogatskyy (EldoS Corp.)

Thank you for contacting us,

Quote
I'm not be able to have <xades:SigningCertificate> data in -<ds:Object>. Here the code to generate the sign:

You need to initialize TElXAdESSigner.SigningCertificates property and add the signer certificate there. See: https://www.eldos.com/documentation/sb...cates.html
For example (C# code):
Code
XAdESSigner.SigningCertificates = new TElMemoryCertStorage();
XAdESSigner.OwnSigningCertificates = true;
XAdESSigner.SigningCertificates.Add(Certificate);


P.S. In general analysis of customer-submitted code is an option of Premium support level and which is not normally provided within Basic support. Premium Support level is available with the purchased license (for 3 or 12 months) and also it can be purchased separately on https://www.eldos.com/support/calc.php

P.P.S. On a side note it would help a lot if you used CODE button located above the text entry box (alternatively you can write [ CODE ] and [ /CODE ] tags by hand) to mark the beginning and the end of the code blocks in your messages. This would enable syntax highlighting and line numbering on the code and make it easier for analysis.
#35030
Posted: 11/17/2015 08:54:30
by Filippo Menditto (Standard support level)
Joined: 11/13/2015
Posts: 5

Thanks,
but the SigningCertificates in -<ds:Object> is not always present for xxades sign ? I see many example in this forum and thay don't use che code you show me. Maybe is an option ?
#35031
Posted: 11/17/2015 09:33:38
by Dmytro Bogatskyy (EldoS Corp.)

Hi,

Quote
but the SigningCertificates in -<ds:Object> is not always present for xxades sign ? I see many example in this forum and thay don't use che code you show me. Maybe is an option ?

SigningCertificates is optional element, but usually it is required.

Reply

Statistics

Topic viewed 935 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!