EldoS | Feel safer!

Software components for data protection, secure storage and transfer

CounterSignature Reference

Posted: 03/10/2008 12:59:23
by Nuno Guedes (Basic support level)
Joined: 08/13/2007
Posts: 87


i have a problem countersigning a file.

My application sign the file, on client side, and the generated file is sended to a Web Service. This WebService validate the existing signatures and countersign the last one.

The problem is about the references of that countersignatures. It should have 2 references, one for the countersignature signedProperties and another for parent signature signaturevalue. The xml produced have a malformed signaturevalue reference.

<Reference Type="http://uri.etsi.org/01903#CountersignedSignature" URI="#">
  <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
  <DigestValue />
<Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#SignedProperties-408459499">
  <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

The URI has # as value because signatureValue of parent signature dont have an ID attribute.

How can i set that ID always present?

The counterSignature have its SignatureValue element with ID attribute...

Posted: 03/10/2008 15:31:13
by Dmytro Bogatskyy (Team)

How can i set that ID always present?

Maybe, you mean that URI always present?
Because, ID for a xml element couldn't be empty if present.
If you need to set URI as empty (point to whole xml document), then set:
ElXMLReference.URI := ''; // this will change ElXMLReference.HasURI property to true
or you can simply set
ElXMLReference.HasURI := true
Posted: 03/10/2008 16:47:08
by Nuno Guedes (Basic support level)
Joined: 08/13/2007
Posts: 87

I think i wasn´t clear.

I have a signature, i send it to a web service for validate and countersign.

XMLDSIG or XAdES signature whose ds:SignedInfo MUST contain one
ds:Reference element referencing the ds:SignatureValue element of the embedding and countersigned
XAdES signature.

The countersign have an error on references because where it should be "#SignatureValue-12412" (for example) is "#".

That´s because the SignatureValue element of the signature dont have ID.

However the SignatureValue element of the CounterSignature generated have ID.

How can i oblige the signatureValue to have an id?

thanks in advance and sorry for my bad first explain...

Posted: 03/10/2008 17:47:55
by Dmytro Bogatskyy (Team)

I see.
Do you use ElXAdESProcessor.AddCounterSignature method?
It doesn't change a signature value id.

While signing xml you can add id in following way:
before calling ElXMLSigner.Save method (but after the Sign method) add:
ElXMLSigner.Signature.SignatureValue.ID = "SignatureValue-0";
and then use the same id in a reference while adding a CounterSignature.

If you need to add CounterSignature later, then you can modify SignatureValue xml element to add id:
ElXMLVerifier.Signature.SignatureValue.XMLElement.SetAttribute("Id", "SignatureValue-0");

P.S. I think, I should add overloaded method AddCounterSignature with a second parameter signatureValueID to make it more clear.
Posted: 03/11/2008 06:58:28
by Nuno Guedes (Basic support level)
Joined: 08/13/2007
Posts: 87

Hi, this is the last lines of signing method.

The return remain to not have the id of signaturevalue...

what am i doing wrong?



            Signer.Signature.SignatureValue.ID = "SignatureValue-" + Signer.Signature.ID.Split('-')[1];

            SigNode = (TElXMLDOMNode)XMLDocument.DocumentElement;
            if (SigNode is TElXMLDOMDocument)
                SigNode = ((TElXMLDOMDocument)SigNode).DocumentElement;

                // If the signature type is enveloped, the signature is placed as a child of the passed node.
                Signer.Save(ref SigNode);
            catch (Exception E)
                throw new Exception(string.Format("Falhou coloca&#231;&#227;o da assinatura no ficheiro. ({0})", E.Message));

            return XMLDocument.OuterXML;
Posted: 03/11/2008 08:01:43
by Dmytro Bogatskyy (Team)

This code works for me. It is right, of course if you switch on XAdES, otherwise exception will be thrown (because Signer.Signature.ID will be empty).
Could you please try with the latest build.
If the problem still persists, please post your code to helpdesk.
Posted: 03/11/2008 08:31:06
by Nuno Guedes (Basic support level)
Joined: 08/13/2007
Posts: 87

ok, i will try with last release.




Topic viewed 3151 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!