Reputation: 31
XAdES-BES signature using xades4j library for Ecuador SRI
I am trying to sign an xml invoice from my file system using xades4j library to be compliant with Ecuador's SRI (Servicio de Rentas Internas) however I have not been successful, I keep getting the following error when trying to validate the signed xml through the SRI's web service:
39: La validacion de la firma ha fallado: Error en la estructura de la firma FIRMA INVALIDA
The characteristics of the signature should be the following:
signature standard: XAdES-BES Schema version: 1.3.2 Encoding: UTF-8 Signature-Type: Enveloped.
I am pretty lost, I have tried lots of things, even changing the source code of the library to make my signed xml resemble more the valid xml I have as a reference.
Any help would be appreciated.
This is my Java code:
public static void main(String[] args) {
Document doc = null;
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
try {
DocumentBuilder builder = factory.newDocumentBuilder();
doc = builder.parse(new File("filepath");
} catch (ParserConfigurationException e) {
System.out.println("UNABLE TO PARSE XML");
e.printStackTrace();
} catch (SAXException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
KeyingDataProvider kp = FileSystemKeyStoreKeyingDataProvider
.builder("pkcs12","keystorepath",SigningCertificateSelector.single())
.storePassword(new DirectPasswordProvider(args[1]))
.entryPassword(new DirectPasswordProvider(args[1]))
.fullChain(false)
.build();
XadesBesSigningProfile p = null;
p = (XadesBesSigningProfile) new XadesBesSigningProfile(kp).withSignatureAlgorithms(new SignatureAlgorithms()
.withDigestAlgorithmForDataObjectReferences(MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1)
.withDigestAlgorithmForReferenceProperties(MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1)
.withDigestAlgorithmForTimeStampProperties(MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1)
.withSignatureAlgorithm("RSA", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1)
.withSignatureAlgorithm("EC", XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1)
.withSignatureAlgorithm("DSA", XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1)
).withBasicSignatureOptions(new BasicSignatureOptions().includePublicKey(true).signKeyInfo(true));
DataObjectDesc obj = new DataObjectReference("")
.withTransform(new EnvelopedSignatureTransform())
.withDataObjectFormat(new DataObjectFormatProperty("text/xml")
.withDescription("contenido comprobante"))
;
SignedDataObjects dataObjs = new SignedDataObjects(obj);
try {
XadesSigner signer = p.newSigner();
Element elemToSign = doc.getDocumentElement();
signer.sign(new SignedDataObjects(obj), elemToSign);
TransformerFactory tf = TransformerFactory.newInstance();
Transformer transformer = tf.newTransformer();
DOMSource source = new DOMSource(elemToSign);
StreamResult result = new StreamResult(new File("outputPathFile"));
transformer.transform(source, result);
} catch (XadesProfileResolutionException e) {
System.out.println("Could not create Signer");
//TODO Auto-generated catch block
e.printStackTrace();
} catch (XAdES4jException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (TransformerConfigurationException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (TransformerException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
Upvotes: 3
Views: 728
Answers (0)
Related Questions
- Xades4j Verify signature Xades - EPES: Bad XML signature
- How to convert XML SOAP String to JSONObject (com.ibm.json.java.JSONObject)
- Is there an example of how to do a XAdES-BES enveloped signature with the XAdES4j library?
- XAdES internally detached signature
- XAdES4j signature verification - URI issues
- Validate XADES signature with XADES4j