我有这个问题:
我使用 DLL FirmaXadesNet 对 xml 发票进行数字签名,签名起初看起来不错,并且在 Visual Studio 2017 中没有显示错误,
在 xml 文件中创建签名节点后,我将其移动到 xml 的另一个位置。
该文件被发送到验证它的 post 服务,但验证是在 java 中使用 xades4j 完成的,并且显示验证错误:
“com.indra.mmdd.signature.exceptions.ValidateException:xades4j.verification.ReferenceValueException:无法验证引用''”
我不知道这个错误的原因是什么......有什么帮助吗?
我的代码:
XadesService xadesService = new XadesService();
SignatureParameters parametros = new SignatureParameters();
// Política de firma de factura-e 3.1
parametros.SignaturePolicyInfo = new SignaturePolicyInfo();
parametros.SignaturePolicyInfo.PolicyIdentifier = "https://www.dian.gov.co/contratos/facturaelectronica/politicafirma_v1_0.pdf";
parametros.SignaturePolicyInfo.PolicyHash = "Ohixl6upD6av8N7pEvDABhEL6hM=";
parametros.SignaturePolicyInfo.PolicyDigestAlgorithm = FirmaXadesNet.Crypto.DigestMethod.SHA1;
parametros.ElementIdToSign = "";
parametros.ExternalContentUri = "";
parametros.SignaturePackaging = SignaturePackaging.ENVELOPED;
parametros.SignerRole = new FirmaXadesNet.Signature.Parameters.SignerRole();
parametros.SignerRole.ClaimedRoles.Add("supplier");
parametros.DigestMethod = FirmaXadesNet.Crypto.DigestMethod.SHA1;
parametros.SignatureMethod = SignatureMethod.RSAwithSHA1;
parametros.SigningDate = SigningDate;
MemoryStream xmlStream = new MemoryStream();
Stream SignedXmlStream = new MemoryStream();
documentoxml.Save(xmlStream);
xmlStream.Flush();//Adjust this if you want read your data
xmlStream.Position = 0;
using (parametros.Signer = new Signer(certificate))
{
var docFirmado = xadesService.Sign(xmlStream, parametros);
docFirmado.Save(SignedXmlStream);
docFirmado.Save("c:\\temp\\tst.xml");
SignedXmlStream.Flush();
SignedXmlStream.Position = 0;
documentoxml = XDocument.Load(SignedXmlStream);
}
签名创建:
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-befa877d-93fe-4e08-90ea-a4ef88909281">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference Id="Reference-9cf35641-377a-45cf-870c-5a271096d051" URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>mxAO1rCV4xSQJ344nmjmcMEyAks=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="ReferenceKeyInfo" URI="#KeyInfoId-Signature-befa877d-93fe-4e08-90ea-a4ef88909281">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>IC1iMTiQbgwaX5bK9NAUdcny09E=</ds:DigestValue>
</ds:Reference>
<ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#SignedProperties-Signature-befa877d-93fe-4e08-90ea-a4ef88909281">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>/sJWqf4CxhbVAPj0nJxcoNeLh/Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue Id="SignatureValue-befa877d-93fe-4e08-90ea-a4ef88909281">o121CWPg2cIQkw8lyySSM/CDiC/tsHs0197mjht1XFvdQAXhaBdvoXxjFlVGAGulEBf0o9q/+pJ5PCCuL5RzPvNc3ThUDKyVrExbGJhk7qV0HTtbYiOuSNt53G70aENhx48Npo2wijSYDnGg8urOuW+c7k5QN/wse4r4pyFP4mn9VxqrsyrD33/h2cSKbVBRz8TodsGeCPWSAAVfNKKmD1vlglizwk2BoZ0dpqialy4VjR8D0ZyHISZxNhWPRFIKh0dxul0XGkgp2YUpWR6qm/0mZZsSSG4QgW5DfgBfcHD0JAiSeL1AT4EkgI5Q+psmD2eXRW2x81/sXGtfw3sK1w==</ds:SignatureValue>
<ds:KeyInfo Id="KeyInfoId-Signature-befa877d-93fe-4e08-90ea-a4ef88909281">
<ds:X509Data>
<ds:X509Certificate>MIIG3zCCBcegAwIBAgIQeYiIUo4UQCdZlFt2QzvkFzANBgkqhkiG9w0BAQsFADCBqDEcMBoGA1UECQwTd3d3LmNlcnRpY2FtYXJhLmNvbTEPMA0GA1UEBwwGQk9HT1RBMRkwFwYDVQQIDBBESVNUUklUTyBDQVBJVEFMMQswCQYDVQQGEwJDTzEYMBYGA1UECwwPTklUIDgzMDA4NDQzMy03MRgwFgYDVQQKDA9DRVJUSUNBTUFSQSBTLkExGzAZBgNVBAMMEkFDIFNVQiBDRVJUSUNBTUFSQTAgFw0xNzA4MTYxNDQ5MjZaGA8yMDE4MDgxNjE0NDkyNVowgeExFDASBgNVBAgMC0JPR09UQSBELkMuMRUwEwYDVQQLDAxDRVJUSUZBQ1RVUkExDzANBgNVBAUTBjc0ODAzMjEaMBgGCisGAQQBgbVjAgMTCjgzMDAwMzg0MDUxGDAWBgNVBAoMD09BU0lTQ09NIFMuQS5TLjEUMBIGA1UEBwwLQk9HT1RBIEQuQy4xLjAsBgkqhkiG9w0BCQEWH0ZFUk5BTkRPLkdVVElFUlJFWkBPQVNJU0NPTS5DT00xCzAJBgNVBAYTAkNPMRgwFgYDVQQDDA9PQVNJU0NPTSBTLkEuUy4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+egieWvsOKXRHh49BKbPh5+WCQ8ucJwOMr0svPijlGTUGtUOVoCvt8tnZb0Lfb3SRVtucTC5/NgGItJnjSU6VBIc+gcekiRjF9xjYJOpl6iXCEy3P1PrwYp0o4BkC5Yie2QrdX0fSt0Qty+WT8E2AYo5AQMYSlYpSjGAc7HBWwRYoy1YAFFAvBG3339YumVSDS+ggsh517UF0MH3eSDZ7LkdZE5GerD8iipbygvanR1HB2q7cvBEcuXyI6Oq81oJtxNa3h/IuK4+i9gNOinAKI5kiqy9ruAARKWoEYiH3/ME8cys5x13rCr6avmTaRakYn+K/KOQExmMenTHwDFxAgMBAAGjggLGMIICwjA2BggrBgEFBQcBAQQqMCgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLmNlcnRpY2FtYXJhLmNvMCoGA1UdEQQjMCGBH0ZFUk5BTkRPLkdVVElFUlJFWkBPQVNJU0NPTS5DT00wgecGA1UdIASB3zCB3DCBmQYLKwYBBAGBtWMyAQgwgYkwKwYIKwYBBQUHAgEWH2h0dHA6Ly93d3cuY2VydGljYW1hcmEuY29tL2RwYy8wWgYIKwYBBQUHAgIwThpMTGltaXRhY2lvbmVzIGRlIGdhcmFudO1hcyBkZSBlc3RlIGNlcnRpZmljYWRvIHNlIHB1ZWRlbiBlbmNvbnRyYXIgZW4gbGEgRFBDLjA+BgsrBgEEAYG1YwoKATAvMC0GCCsGAQUFBwICMCEaH0Rpc3Bvc2l0aXZvIGRlIGhhcmR3YXJlIChUb2tlbikwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA/gwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQUcFz5ouNcb5Iqw8wyYo9f8mNyWJAwHwYDVR0jBBgwFoAUgHHMMpJYdfQDITqrvhzTj/IgFe0wEQYJYIZIAYb4QgEBBAQDAgWgMIHXBgNVHR8Egc8wgcwwgcmggcaggcOGXmh0dHA6Ly93d3cuY2VydGljYW1hcmEuY29tL3JlcG9zaXRvcmlvcmV2b2NhY2lvbmVzL2FjX3N1Ym9yZGluYWRhX2NlcnRpY2FtYXJhXzIwMTQuY3JsP2NybD1jcmyGYWh0dHA6Ly9taXJyb3IuY2VydGljYW1hcmEuY29tL3JlcG9zaXRvcmlvcmV2b2NhY2lvbmVzL2FjX3N1Ym9yZGluYWRhX2NlcnRpY2FtYXJhXzIwMTQuY3JsP2NybD1jcmwwDQYJKoZIhvcNAQELBQADggEBAFzW4vJASRzzWSacRIKnmmkTx6W3Z6W8ifLjILIR7wOdUOT7+FKCd6Ep46r94jKupVi9omEgDMZh4+/i23y1SxMxWmDJvWGUY5AwsZMvp5y33NNJoGJl8usHBb64fVtgKGkDdB0uYc8xMDHLZh/e22+IEBOaZyUYSlKdiVp7tgB9y3+vIpEAqXILUSjd77uZWZypZiaZwLfOBRxRvCUXHq3fipXbXmvGOz507d19ckhAFgi0CkX8azqU25ffC0cQe9O5bQJdlzoTVA98dkHw/fYhVoH5cJEvMkqcTo5ZRUTIHwVDQjHheojC79VJEBsoP15PJa7aH8vkOPaWdMxkkj0=</ds:X509Certificate>
</ds:X509Data>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>sfnoInlr7Dil0R4ePQSmz4eflgkPLnCcDjK9LLz4o5Rk1BrVDlaAr7fLZ2W9C3290kVbbnEwufzYBiLSZ40lOlQSHPoHHpIkYxfcY2CTqZeolwhMtz9T68GKdKOAZAuWIntkK3V9H0rdELcvlk/BNgGKOQEDGEpWKUoxgHOxwVsEWKMtWABRQLwRt99/WLplUg0voILIede1BdDB93kg2ey5HWRORnqw/IoqW8oL2p0dRwdqu3LwRHLl8iOjqvNaCbcTWt4fyLiuPovYDTopwCiOZIqsva7gAESlqBGIh9/zBPHMrOcdd6wq+mr5k2kWpGJ/ivyjkBMZjHp0x8AxcQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
<ds:Object Id="XadesObjectId-f05adc2c-eba5-4612-b76c-9588208b98f5">
<xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" Id="QualifyingProperties-9160de7a-7c5a-4961-9364-412b9dc4f483" Target="#Signature-befa877d-93fe-4e08-90ea-a4ef88909281">
<xades:SignedProperties Id="SignedProperties-Signature-befa877d-93fe-4e08-90ea-a4ef88909281">
<xades:SignedSignatureProperties>
<xades:SigningTime>2017-10-10T19:58:13-05:00</xades:SigningTime>
<xades:SigningCertificate>
<xades:Cert>
<xades:CertDigest>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>vffAvJLY1zLdUh2p2mN6Er80eTc=</ds:DigestValue>
</xades:CertDigest>
<xades:IssuerSerial>
<ds:X509IssuerName>CN=AC SUB CERTICAMARA, O=CERTICAMARA S.A, OU=NIT 830084433-7, C=CO, S=DISTRITO CAPITAL, L=BOGOTA, STREET=www.certicamara.com</ds:X509IssuerName>
<ds:X509SerialNumber>161545504811122332844050240895274705943</ds:X509SerialNumber>
</xades:IssuerSerial>
</xades:Cert>
</xades:SigningCertificate>
<xades:SignaturePolicyIdentifier>
<xades:SignaturePolicyId>
<xades:SigPolicyId>
<xades:Identifier>https://www.dian.gov.co/contratos/facturaelectronica/politicafirma_v1_0.pdf</xades:Identifier>
<xades:Description />
</xades:SigPolicyId>
<xades:SigPolicyHash>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>Ohixl6upD6av8N7pEvDABhEL6hM=</ds:DigestValue>
</xades:SigPolicyHash>
</xades:SignaturePolicyId>
</xades:SignaturePolicyIdentifier>
<xades:SignerRole>
<xades:ClaimedRoles>
<xades:ClaimedRole>supplier</xades:ClaimedRole>
</xades:ClaimedRoles>
</xades:SignerRole>
</xades:SignedSignatureProperties>
<xades:SignedDataObjectProperties>
<xades:DataObjectFormat ObjectReference="#Reference-9cf35641-377a-45cf-870c-5a271096d051">
<xades:MimeType>text/xml</xades:MimeType>
<xades:Encoding>UTF-8</xades:Encoding>
</xades:DataObjectFormat>
</xades:SignedDataObjectProperties>
</xades:SignedProperties>
</xades:QualifyingProperties>
</ds:Object>
</ds:Signature>