RSAKeyValue tag (Modulus and Exponent)

[Danisan]

Since these values are not provided in the sign() return value, which should be the best way to add them?

Thanks

[kislyuk]

They should be. How are you calling sign()?

[Danisan]

They are missing in the result. this way:

def sign_full_xml(self, message, privkey, cert, uri):
        # canocalization REC-xml-c14n-20010315
        # Algorithm = u'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'
        doc = etree.fromstring(message)
        signed_node = xmldsig(
            doc, digest_algorithm=u'sha1').sign(
            method=methods.enveloped, algorithm=u'rsa-sha1',
            c14n_algorithm=u'http://www.w3.org/TR/2001/REC-xml-c14n-20010315',
            reference_uri='#'+uri,
            key=privkey.encode('ascii'),
            cert=cert.encode('ascii'))

[kislyuk]

The reason is that you're giving it a value for cert. The method currently assumes that if you're passing cert, then you intend to serialize its contents using X509Data, not using RSAKeyValue. The x.509 base64 encoded cert contains the key info encoded in it (and is generally what people use nowadays instead of RSAKeyValue).

Try not passing cert and see if that accomplishes your goal. Otherwise, please describe your use case and I'll see if I can accommodate it.

[Danisan]

Ok I'll try... will tell you what happen very soon. It is related to en electronic invoice requirement. Thanks a lot.

[Danisan]

Andrey, I called "sign()" without cert. Now there come "modulus" and "exponent". I still did not reach the fire-test anyway, but think I should pass the verify first..
These are the ways I tried calling verify() method, unsuccessfully:
verified_data = xmldsig(signed_node).verify()
verified_data = xmldsig(signed_node).verify().signed_xml
verified_data = xmldsig(signed_node).verify(x509_cert = cert)
or
verified_data = xmldsig(signed_node).verify(x509_cert = cert).signed_xml
I think the x509 certificate should be passed, but is not clear to me what "signed_xml" stands for, since in the readme, it is not previously refferenced as a variable.

[Gallaecio]

According to the XSD of XML signatures of the SII (Chile's IRS), both elements should be on the signature, KeyValue and X509Data.

[kislyuk]

@Gallaecio, to your original question, the XML Security spec does not say anything about the requirement for both elements to be present. On the other hand, having both elements be present results in an ambiguity and/or extra work for the validator, and makes it easier for vulnerabilities to arise - the public key used to sign the document is already encoded in the cert (which is in X509Data). So the verifier must either ignore KeyValue or make sure it matches what's in the cert.