1

我正在尝试使用离线 aadhaar KYC 验证应用程序的给定证书文件验证数字签名。

此说明在验证文档中给出。

下载后的 Aadhaar 无纸离线 e-KYC 具有以下 XML:

<OKY v=""n=""r=""i=""d=""e=""m=""g=""a=""s="" />

上述 xml 的 XSD

<?xml version="1.0" encoding="UTF-8"?>
<xs:schemaxmlns:xs="http: www.w3.org="" 2001="" xmlschema"="" attributeformdefault="unqualified" elementformdefault="qualified" targetnamespace="http://www.uidai.gov.in/offlinePaperlesseKYC/1.0">
<xs:element name="OKY">
<xs:complextype>
<xs:attribute name="v" type="xs:string"/>
<xs:attribute name="n" type="xs:string"/>
<xs:attribute name="i" type="xs:string"/>
<xs:attribute name="d" type="xs:string"/>
<xs:attribute name="e" type="xs:string"/>
<xs:attribute name="m" type="xs:string"/>
<xs:attribute name="g" type="xs:string"/>
<xs:attribute name="a" type="xs:string"/>
<xs:attribute name="r" type="xs:string"/>
<xs:attribute name="s" type="xs:string"/>
</xs:complextype>
</xs:element>
</xs:schema>

  1. 读取整个 XML 并将 s=”xxxx” 标记从中分离出来。

  2. 使用利用基于“SHA256withRSA”的散列和加密技术的签名验证算法

  3. “s”标签中存在的签名值、剩余的 XML(没有“s”标签)和 UIDAI 公钥(在此处可用。)将被馈送到算法以验证数字签名。

组织提供的示例 C# 代码片段。(PS:这也不起作用

using System;
using System.Security.Cryptography.X509Certificates;
using System.Xml;

namespace test
{
class MainClass
{
    public static void Main(string[] args)
    {
        // link -> https://drive.google.com/file/d/1aSv3HJUFf5_42Z-FqpdVHEk5b3VA3T3D/view


        string XMLFilePath = "offlineaadhaar.xml"; //Get the XML file

// link -> https://drive.google.com/file/d/1FW4ciIhZqJuelOcGF2x6VaBCSDO9J-gM/view


string KeyFilePath = "okyc-publickey.cer"; //Get the public key certificate file

        XmlDocument ObjXmlDocument = new XmlDocument();
        ObjXmlDocument.Load(XMLFilePath); //Load the XML
        XmlAttributeCollection SignatureElement = ObjXmlDocument.DocumentElement.Attributes; //Get the all XML attribute
        string SignatureValue = SignatureElement.GetNamedItem("s").InnerXml; // Get Signature value

        SignatureElement.RemoveNamedItem("s");//Remove the signature "s" attribute from XML and get the new XML to validate

        /*----------------Read and parse the public key as string-----------------------*/
        X509Certificate2 ObjX509Certificate2 = new X509Certificate2(KeyFilePath, "public"); //Initialize the public ket certificate file

        Org.BouncyCastle.X509.X509Certificate objX509Certificate;
        Org.BouncyCastle.X509.X509CertificateParser objX509CertificateParser = new Org.BouncyCastle.X509.X509CertificateParser();

        objX509Certificate = objX509CertificateParser.ReadCertificate(ObjX509Certificate2.GetRawCertData());
        /*----------------End-----------------------*/

        /* Init alg */
        Org.BouncyCastle.Crypto.ISigner signer = Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA256withRSA");

        /* Populate key */
        signer.Init(false, objX509Certificate.GetPublicKey());

        /* Get the signature into bytes */
        var expectedSig = Convert.FromBase64String(SignatureValue);

        /* Get the bytes to be signed from the string */
        var msgBytes = System.Text.Encoding.UTF8.GetBytes(ObjXmlDocument.InnerXml);


        /* Calculate the signature and see if it matches */
        signer.BlockUpdate(msgBytes, 0, msgBytes.Length);
        bool Flag = signer.VerifySignature(expectedSig);            
        if (Flag)
        {
            Console.WriteLine("XML Validate Successfully");
        }
        else
        {
            Console.WriteLine("XML Validation Failed");
        }
    }
}
}

我正在尝试在 Python 中实现并且 XML 验证失败。我不确定证书文件是否错误或我的代码是否存在错误。

这是我的 Python 代码:

import xml
import xml.etree.cElementTree as etree
from xml.etree import ElementTree
import OpenSSL
from cryptography import x509
from cryptography.hazmat.backends import default_backend
from Crypto.PublicKey import RSA
from base64 import b64encode, b64decode
from M2Crypto import BIO, RSA, EVP

xmlDoc = open('adhar.xml', 'r').read()
Tr = etree.XML(xmlDoc)
Tr.keys()
# ['s', 'r', 'a', 'g', 'm', 'e', 'd', 'i', 'n', 'v']

sign = Tr.get('s')
len(sign)
# 344

del Tr.attrib['s']

from M2Crypto import X509

x509 =X509.load_cert('ekyc_public_key.cer')
#x509 =X509.load_cert(cert4)
rsa = x509.get_pubkey().get_rsa()
pubkey = EVP.PKey()
pubkey.assign_rsa(rsa)

xmlstr = etree.tostring(Tr, encoding='utf8', method='xml')
#rstr=str(xmlstr)[45:][:-1]
#rstr = rstr.encode(encoding='utf-8')


# if you need a different digest than the default 'sha1':
pubkey.reset_context(md='sha256')
pubkey.verify_init()

# hashlib.sha256(message_without_sign).digest()
pubkey.verify_update(xmlstr)
if(pubkey.verify_final(b64decode(sign)) != 1):
    print('Digital Signeture not validated')
else: 
    print('Digital Signeture validated')
4

1 回答 1

2

问题中的描述不足以完全指定签名生成/验证。当然需要澄清协议;最好请求正式的描述。指定 XML digsig 并非没有意义。您需要标准化的规范化、字符集等。最后,签名是通过字节计算的,而不是通过 XML / 文本计算的。

"SHA256withRSA"不是签名算法;这是 PKCS#1 v1.5 签名方案的(相当糟糕的)Java 名称。

这些都不是好兆头;您应该询问该协议是否已由专家验证。

于 2019-01-02T19:13:04.850 回答