XADES-EPES Signature Example #54
Comments
|
But you can set you own values before Here is example of signing XML document and adding XADES properties like SigningTime, SigningCertificate, SignerRole via options and SignaturePolicyIdentifier programmatically //@ts-check
const asn1js = require("asn1js");
const pkijs = require("pkijs");
const xades = require("xadesjs");
const xmldsig = require("xmldsigjs");
const CryptoOSSL = require("node-webcrypto-ossl");
const crypto = new CryptoOSSL();
const commonName = "Test self-signed certificate";
const alg = {
name: "RSASSA-PKCS1-v1_5",
hash: { name: "SHA-256" },
publicExponent: new Uint8Array([1, 0, 1]),
modulusLength: 2048,
};
async function CreateCertificate(commonName, keys, alg) {
// Generate new certificate
const certificate = new pkijs.Certificate();
certificate.version = 2;
certificate.serialNumber = new asn1js.Integer({ value: 1 });
certificate.issuer.typesAndValues.push(new pkijs.AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "EN" })
}));
certificate.issuer.typesAndValues.push(new pkijs.AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: commonName })
}));
certificate.subject.typesAndValues.push(new pkijs.AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "EN" })
}));
certificate.subject.typesAndValues.push(new pkijs.AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: commonName })
}));
certificate.notBefore.value = new Date();
certificate.notAfter.value = new Date();
certificate.notAfter.value.setFullYear(certificate.notAfter.value.getFullYear() + 1);
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array
await certificate.subjectPublicKeyInfo.importKey(keys.publicKey);
await certificate.sign(keys.privateKey, alg.hash.name);
// Convert certificate to DER
const derCert = certificate.toSchema(true).toBER(false);
// const pem = DerToPem(derCert, "CERTIFICATE");
const pem = Buffer.from(derCert).toString("base64");
console.log(pem);
// import key to crypto
return pem;
}
async function GenerateKeys(alg) {
return await crypto.subtle.generateKey(alg, false, ["sign", "verify"]);
}
async function main() {
// set crypto engine
xades.Application.setEngine("OpenSSL", crypto);
pkijs.setEngine("OpenSSL", crypto, new pkijs.CryptoEngine({ name: "OpenSSL", crypto, subtle: crypto.subtle }));
const keys = await GenerateKeys(alg);
const cert = await CreateCertificate(commonName, keys, alg);
var xmlString = '<player bats="left" id="10012" throws="right">\n\t<!-- Here\'s a comment -->\n\t<name>Alfonso Soriano</name>\n\t<position>2B</position>\n\t<team>New York Yankees</team>\n</player>';
var xmlDoc = xades.Parse(xmlString);
const xml = new xades.SignedXml(xmlDoc);
// If you need custom data you can add it manually
xml.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.Qualifier = "OIDAsURI";
xml.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.Value = "my.uti.oid";
xml.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestMethod.Algorithm = "SHA-1";
xml.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestValue = new Uint8Array(20);
const signedXml = await xml.Sign( // Signing document
alg, // algorithm
keys.privateKey, // key
xmlDoc, // document
{ // options
keyValue: keys.publicKey,
x509: [cert],
signingCertificate: cert,
references: [
{ hash: "SHA-256", transforms: ["enveloped"] }
],
productionPlace: {
country: "Country",
state: "State",
city: "City",
code: "Code",
},
signerRole: {
claimed: ["Some role"]
}
}
);
console.log(signedXml.toString());
}
main()
.catch((err) => {
console.log(err);
}) |
|
Hi @microshine thanks for your quick reponse, Damn! that was fast!!!... I got another question and I hope you can help me... I got and p12 crypto key and I need to sign and xml just the way you showed me on the last comment, but How can I import the cert and key pairs for do that?... I opened the crypto and it have at least 3 PEM certs. Thanks in advance for your cooperation Regards! |
|
@oliveryepez You can use PKIjs for PKCS#12. Here is example of it https://pkijs.org/examples/PKCS12SimpleExample.html |
|
@oliveryepez see unmitigatedrisk.com/?p=543 for some details on PKCS#12 in the browser using PKIjs. We have since made some improvements that allow the use of the weaker cryptographic constructs but currently, it only works in Node where those algorithms are available. |
|
Thank you guys, for your responses, I'm compelled to use this type of keys @rmhrisk because is the key that I have for sign an xml with XADES-EPES signature, but I don't need to do this in browser, can be a simple js file running with node, this package was the only package that I found for do this type of signatures. I follow you example @microshine but a think I do something wrong because I'm trying to parse the key like this. let file_buffered = fs.readFileSync(filepath);
const password_buffered = pvutils.stringToArrayBuffer(password);
const asn1 = asn1js.fromBER(file_buffered);
const pkcs12 = new pkijs.PFX({schema: asn1.result});And i got the following error (node:22078) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Object's schema was not verified against input data for PFX What I'm doing wrong, I'm trying to get X509 Certificate and Public key for create XADES-EPES signature with xadesjs Thank you for all your help guys |
|
@oliveryepez take a look at this example. https://github.com/PeculiarVentures/PKI.js/tree/master/examples/NodePKCS12Example It will be easier to support PKIjs issues in the PKIjs repository. Please post your final solution here for others but move discussions to PKCS#12/PFX support to that repository. |
|
I think the problem is here let file_buffered = fs.readFileSync(filepath);ASN1js and PKIjs work with let file_buffered = new Uint8Array(fs.readFileSync(filepath)).buffer;
PEM to DERhttps://support.quovadisglobal.com/kb/a37/what-is-pem-format.aspx
|
|
@oliveryepez Were you able to create a Xades-EPES signature? Can you post an example please? |
|
Hey @oliveryepez any updates on this? Could you figure out what you where looking for? |
|
Hi @oliveryepez, do you create Xades-EPES with this solution? |
|
@oliveryepez did you find a solution? |
ETSI TS 101 903 V1.4.1
You can find type definition for Options here Create OpenSSL slef-signed certificateXAdES EPES examplehttps://gist.github.com/microshine/f853759219452d4d397e38b972eaee78 Signed XML<Test><Document attr="Hello"/><ds:Signature Id="id-62d6abd24e1c" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>tg2dxbUKpoX43m9Unsu0gPiXIbJXtS54EZWpWznQigE=</ds:DigestValue></ds:Reference><ds:Reference URI="#xades-id-62d6abd24e1c" Type="http://uri.etsi.org/01903#SignedProperties"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>oL93BXgu5sd730AZ7aGTHriHlDzcnLNUqWpeasWjz/w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ct4W+J8u9MUrRKgalGQtq7iH85gXiOVAl+Bk/Nj3jn29zQc1U7Mn5axf+tryLO34VpwQArf7lwY8H/TanepG2ya3c+4nCs/wZThnggh/IyZ14wJECYYP5bdQqelTu0asCTJPpomx5CcWNbadAKPKqZ0bzFA7Zjlzny7TFbTLHtZJ+sfVZPKI0ik1rdy8rHSZdAdx2sXoRGme7Iki7TNDPJO9/1pyTGoABWpyGA7eBKyN0kdHYaq1VcBCSbICMzxBZCmwOW+VgMRX5Mvwe7V/QOB2gjkYQmLuGeViBgaU1v9y7Qx3Ts8tJKono4uQSRQbSxJ+Fd6KBVL4gJudBlUZXp1Dfl+TCxujwqez4tY+T+JnztRCQE8tLrciuvMxUbpLfpyE1Co8TOEca9PCkNrYhx63z8aW8v8zMIHWp7hAEl7den2KokN7vYof0oaV5vfePCSFN0v1QwK5BM1m0lSO324IaH1QZl0z+81x8KVztNgl8vPrHR/gN0nYDZLmm+a7Ff6k1yBuTicdj26a5S/S20jGKqDnnnHbqlOw0ug90tYwup8SbfIrYZxe86EwAWGppJJrjetQurGVd8Fjh7JiZ4iFwHWK5YAuzDHyLTXuzopwVA3XcAcAfT0350MuVWdOlKzg1bMxsceX+wJkGNoYHXpBr4qMLfFn2rxpcS6q6eM=</ds:SignatureValue><ds:Object><xades:QualifyingProperties Target="#id-62d6abd24e1c" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#"><xades:SignedProperties Id="xades-id-62d6abd24e1c"><xades:SignedSignatureProperties><xades:SigningTime>2018-01-09T14:00:54.006Z</xades:SigningTime><xades:SigningCertificate><xades:Cert><xades:CertDigest><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>bu+t1r/OsLb0uLiKhFHDQvO/P2WlzLW1td48ji/qeM0=</ds:DigestValue></xades:CertDigest><xades:IssuerSerial><ds:X509IssuerName>C=RU, ST=Marj El, L=Yoshkar-Ola, O=PeculiarVentures, CN=microshine, E=microshine@mail.ru</ds:X509IssuerName><ds:X509SerialNumber>12630331543579879860</ds:X509SerialNumber></xades:IssuerSerial></xades:Cert></xades:SigningCertificate><xades:SignaturePolicyIdentifier><xades:SignaturePolicyId><xades:SigPolicyId><xades:Identifier Qualifier="OIDAsURI">quilifier.uri</xades:Identifier></xades:SigPolicyId><xades:SigPolicyHash><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>Ilnj+FSn0X9MCRXFGIkHkMozR2P2rrS3UruywJVCBEg=</ds:DigestValue></xades:SigPolicyHash><xades:SigPolicyQualifiers><xades:SigPolicyQualifier><xades:SPUserNotice><xades:NoticeRef><xades:Organization>PeculiarVentures</xades:Organization><xades:IntegerList><xades:int>1</xades:int><xades:int>2</xades:int><xades:int>3</xades:int><xades:int>4</xades:int><xades:int>5</xades:int></xades:IntegerList></xades:NoticeRef></xades:SPUserNotice></xades:SigPolicyQualifier></xades:SigPolicyQualifiers></xades:SignaturePolicyId></xades:SignaturePolicyIdentifier><xades:SignatureProductionPlace><xades:City>Yoshkar-Ola</xades:City><xades:StateOrProvince>Marij El</xades:StateOrProvince><xades:PostalCode>424000</xades:PostalCode><xades:CountryName>Russia</xades:CountryName></xades:SignatureProductionPlace></xades:SignedSignatureProperties></xades:SignedProperties></xades:QualifyingProperties></ds:Object></ds:Signature></Test>XMLSEC verificationoutput |
|
Thank you @microshine the solution is working, for those who have a .p12 file first need to extract into two separated files. Extract public and private key from pkcs12 file After extracting your private key and cert you need to decrypt the private key for usage Delete all before So in cert.pem in line 31, you need to put the cert without the header (step above) and in line 35 you need to put the Unencrypted RSA key In my personal case I require some modifications to the @microshine gist, specifically on line 78 NOTE: This is the first time that I work with p12 files, specifically with "Ministerio de Hacienda Costa Rica" digital sign so I don't know actually if those steps are required with other p12 files. |
|
@variux you can use PKCS#12 also, see - https://github.com/PeculiarVentures/PKI.js/blob/7b953ee08ee342d085328ec02152c087dae74917/examples/NodePKCS12Example/es6.js |
|
Thank you @rmhrisk I will try using PKI.js, will be useful for me! |
|
Hi @microshine when I use xmlsec1 command it returns me a "Invalid data: data and digest do not match" I think that is a wrong calculated digest but I don't know why, also I require the X509Data and isn't in my xml |
|
Did you edit the file after the signature was applied? |
|
No, It was not edited, I don't know if deleting the headers of cert.pem and key.pem could change the results, but I sign the document without the headers, also I wrote the string to an xml file, I don't know if its also affects |
|
@variux For X509Data you need to add const signature = await xadesXml.Sign( // Signing document
alg, // algorithm
key, // key
xml, // document
{ // options
references: [
{ hash, transforms: ["c14n", "enveloped"] }
],
x509: [x509],
policy: { |
|
@variux Could you share your signed xml and cert.pem? |
|
@microshine sure, thank you, has been sent, I added the x509 data |
|
@variux could you sign xml one more time? return Promise.resolve().then(function () {
var buf;
if (typeof xml === "string") {
console.log("Hash:\n%s\n", xml);
buf = XmlCore.Convert.FromString(xml, "utf8");Run your script |
|
Sent to your email |
|
@variux Do you have the lates version of xadesjs, xmldsigjs, and xml-core? Can you run |
|
Yeah, I'm using the latest versions https://gist.github.com/variux/8044b9ceb2896facd88d09241b12393b This is my code if you want to check it |
|
@variux thank you |
|
@microshine thanks to you for the help, I'll be waiting for your test |
|
@variux I found problem. I need time to fix it. I'll notify you when it's done |
|
Thank you @microshine I'm gonna be waiting for that! |
|
@variux I published new version of xmldsigjs@2.0.20 |
|
If I comment the transform "c14n", that line does not appear in the xml, however, the file will continue to reject it. |
|
@variux can you try without specifying C14N and see if they like it? Also maybe try changing the order of the canonicalization choices. |
|
@charlienux What app do you use to verify signature? |
|
Like @variux, if I validate the file with xmlsec1, it indicates that the signature is valid. But when I send it to the Ministry of Finance, they reject it indicating that the signature is invalid. |
|
@charlienux did you also specify two transforms? |
|
@charlienux is there any way I can get access to upload test signatures? |
|
The Ministry of Finance has a testing environment to send the signed documents. I will write to your email with some details for the tests. |
|
Thanks to your help, the documents signed with this library have been accepted by the Ministry of Finance. |
|
@charlienux could you post the example on how you do it? |
|
Good morning, I need to sign an xml document, I'm from Colombia and in the element of the signature they refer to an identification, this is the fragment: <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="xmldsig-79c270e3-50bb-4fcf-b9bc-3a95bcf2466d"> I would like to know where the identifiers of the references are obtained to perform the calculation, I really need it urgently, thank you for your attention. |
|
Id="xmldsig-79c270e3-50bb-4fcf-b9bc-3a95bcf2466d"? |
|
Exactly, I want to know where the different identifiers are from, I know they have 32, but I have no idea where they can be obtained, a response would be a great help. |
|
Are obtained from the digital certificate, its value may vary according to the document xml ?, please from where I get these values, I have some notion of encryption, canonization method, but that identifier is confusing to me now |
|
In XML each node can have a unique ID so you can reference it by that value These values are commonly made guids by underlying XML library. |
|
Thank you very much! |
|
They are not inherited, they identify the node. XML does not require they heba guid, they can be any unique value. I do not recall how to set the value, @microshine will. |
|
@TSISTEMAS You can use any unique value for Id |
|
@charlienux @variux I create one slack group so we can help each other with hacienda problems. I really would like to talk to you guys if you guys could sign the document. I saw the code @charlienux shared and I think I build the function was missing to get the pems from the .p12 file. can you guys connect with me on slack: https://join.slack.com/t/hacienda-api/shared_invite/enQtNDMyMDU3MjcxMDI0LWU2YTM4ZWEzM2QzZjhiMjRjM2U1MDA4MWVlNGY3ZGU3YTA0NDJjMDVjYTQ1NTNhZjBjMGJhNGI2OTdjYTUwMzk |
|
@rafaelrgl this is example code https://drive.google.com/file/d/1dQzpLN-1xwCLGLQc-XJg860IjtGyhNN-/view?usp=sharing
|
|
@microshine Good Morning, I have a problem with the library, When I verified the sign with a tools said: "no file was associated with the signature". I use the method like this: xadesXml.Sign( |
|
@gponceleon I checked |
|
Hi, I need to make an electronic signature with the xades-bes method, however I can only do it with a key already created as pfx. the signature should look like this: <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-3d1a91ad-2d0d-471d-93f0-82c12b45b217">ds:SignedInfo<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><ds:Reference Id="Reference-e663d691-a74b-4230-b53b-e3caba86b1f2" URI="#DatosEmision">ds:Transforms<ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />ds:DigestValuer3F+fJc/lAte9veqOCqbEmkYtyfnFtfI9rOlaz2WHUo=</ds:DigestValue></ds:Reference><ds:Reference Id="ReferenceKeyInfo" URI="#KeyInfoId-Signature-3d1a91ad-2d0d-471d-93f0-82c12b45b217"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />ds:DigestValueBwqtH5URkflcWis8P9SAhY+qeODkt/daxRWHyT/Y8iw=</ds:DigestValue></ds:Reference><ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#SignedProperties-Signature-3d1a91ad-2d0d-471d-93f0-82c12b45b217"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />ds:DigestValuerUtWT3llyhTNKMYppRtGwcoJQ2im/OO1vtJfnsEKOFI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue Id="SignatureValue-3d1a91ad-2d0d-471d-93f0-82c12b45b217">wHxEDRHQcOg87pg9LPdayDUVd9XfWiZ5iAhkB2QTlbuKAI/HguMoEBnqoPajmYcasPUoOx+ZQVcqkcAg8BRggUIL5o+Xw/4JcHw6JdDTayUjGLBgvVImK69N2fH3Qy6+MQ/5HxN4xPX7qR35asGCx48cHvlf4dBzWfWA4lhA5CNzHQBeg49mkR6NVV1Ca/IK9fsDsIjVQCHgG22K9ce59m2B2cmTHI3ELX/t9MTncPQ+mDItYs6qLBqDA7cPjsyT867a6vOL11UxnRBjkztTDCfB+LCqMQnP6u5EzYOrupZwJ0FAYnbbAMIao5Li/uL+LCvDPRowGpKbfJy/66bk9Q==</ds:SignatureValue><ds:KeyInfo Id="KeyInfoId-Signature-3d1a91ad-2d0d-471d-93f0-82c12b45b217">ds:X509Datads:X509CertificateMIIDUjCCAjqgAwIBAgIISF6w2fgaROIwDQYJKoZIhvcNAQELBQAwKTEMMAoGA1UEAwwDRkVMMQwwCgYDVQQKDANTQVQxCzAJBgNVBAYTAkdUMB4XDTE5MDIyNTEzNTE1NloXDTIxMDIyNDEzNTE1NlowKDERMA8GA1UEAwwINDcyNTA3NjMxEzARBgNVBAoMCnNhdC5nb2IuZ3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBaDT6B0SaBu0UZnc3X6jBoqipINceo9ZaZJqU6es5Vhls6UZdxSzaHU+NMjdtbsPCvdI2F02LKZUOJkI+Y4f08TCj0k2a6Tda1+iB8U7wwWEusp0bqZpUop0xGGEYSZE4wmnbQODWISz0YGJfQ3M6WCREOSjoqdWoTWS6g5+vwGwmaQu6OLUwQ3rVg1g8AXaQ3QuSglGqwGphAxzkqz9zpcMmWZY5r4mfigyAm25/AQUEYIEXZEBKJs4++MbwznsVst/kGVgrm6FI7LxvyvfysY4qaKjPadPAcqswftisVnFg/Duy3mWVFo4z+Ki00WGKs4tnxIdk3IN9B/zDtWBLAgMBAAGjfzB9MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUc73zilJsM5hZ1/fQrbFzjLRQSgowHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBQPwcfKFe+ObJ7M5N5OliAciRG6izAOBgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBAChaQI1Fc+6icZqqWJ/LulGTCTPcE2DRi5wKwFL1wyiMCcpCkyLomiXCneh9osjAutHkWmn/QBxy74wblIhtzZFkfr1AlbgO902phI4nM4ttjOqOtaJnlCIy7/uKQeMAADB8DG2rvK9SlKjqv1OCA7exegV2/h+bwQ1P2pZVFEXZek4WXIwVJFSuAMRjs0zQEkQ3dLU5fCff+AfcgcI2ZEJd622rJjRphGf186IgVNYWHCearien6V1i+FT2PsmKIYdvkkVXsgrQCMOw5Z9nZiA3CafaKHHpGvY/b/hwHqyr0DpIuV/tHlR+tK+vXgwyQcrQ0lX2soWEz16+8TXJ7Kw=</ds:X509Certificate></ds:X509Data>ds:KeyValueds:RSAKeyValueds:ModuluswWg0+gdEmgbtFGZ3N1+owaKoqSDXHqPWWmSalOnrOVYZbOlGXcUs2h1PjTI3bW7Dwr3SNhdNiymVDiZCPmOH9PEwo9JNmuk3WtfogfFO8MFhLrKdG6maVKKdMRhhGEmROMJp20Dg1iEs9GBiX0NzOlgkRDko6KnVqE1kuoOfr8BsJmkLuji1MEN61YNYPAF2kN0LkoJRqsBqYQMc5Ks/c6XDJlmWOa+Jn4oMgJtufwEFBGCBF2RASibOPvjG8M57FbLf5BlYK5uhSOy8b8r38rGOKmioz2nTwHKrMH7YrFZxYPw7st5llRaOM/iotNFhirOLZ8SHZNyDfQf8w7VgSw==</ds:Modulus>ds:ExponentAQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo><ds:Object Id="XadesObjectId-f3c98373-bb80-40f2-8c05-6e411c94a0f1"><xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" Id="QualifyingProperties-1fa2dfc3-f1e1-4691-b756-5c461ab2f699" Target="#Signature-3d1a91ad-2d0d-471d-93f0-82c12b45b217"><xades:SignedProperties Id="SignedProperties-Signature-3d1a91ad-2d0d-471d-93f0-82c12b45b217">xades:SignedSignaturePropertiesxades:SigningTime2019-03-25T11:02:58-06:00</xades:SigningTime>xades:SigningCertificatexades:Certxades:CertDigest<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />ds:DigestValue3dG5+4D5zw0SLBEibIJ6gVYhDk+RPxSURPjcHr5AEa0=</ds:DigestValue></xades:CertDigest>xades:IssuerSerialds:X509IssuerNameC=GT, O=SAT, CN=FEL</ds:X509IssuerName>ds:X509SerialNumber5214799868758476002</ds:X509SerialNumber></xades:IssuerSerial></xades:Cert></xades:SigningCertificate></xades:SignedSignatureProperties>xades:SignedDataObjectProperties<xades:DataObjectFormat ObjectReference="#Reference-e663d691-a74b-4230-b53b-e3caba86b1f2">xades:MimeTypetext/xml</xades:MimeType>xades:EncodingUTF-8</xades:Encoding></xades:DataObjectFormat></xades:SignedDataObjectProperties></xades:SignedProperties></xades:QualifyingProperties></ds:Object></ds:Signature> |
|
This new question really isnt relevant to this closed bug, it seems you asked the same question in a new bug (good); I answered it there: #78 |
|
Hi, i create a package using the solution provided here: https://github.com/aazcast/haciendacostarica-signer checking the signature is approved, but is not adding the X509SubjectName. |
|
Technically that is a new issue, would be better if you created a separate issue that referenced this one and closed this. |
|
Since this thread is related to Costa Rica and signing maybe you guys can help with: PeculiarVentures/fortify#173 |
Hi a love this package!!! but I'm newbie on this stuff of digital signatures... Can guys give us an example of generate a XADES-EPES signature with xadesjs.
Thanks in advance for your colaboration
The text was updated successfully, but these errors were encountered: