lovele0107 / signatures-conformance-checker


The signer's certificate can not be identified #4

Closed fbenab closed 3 years ago

fbenab commented 4 years ago

I tried using the ETSI checker to validate this XML (XAdES-B), but I got this error:

“The signer's certificate can not be identified”

Check the attached file “signed.zip”

If you have any idea how to resolve this issue, thank you.

signed.zip

jccruellas commented 4 years ago

Hi Firas, I have debugged the execution of my local copy of XAdESCC when fed with your signature.

The reason for the error raised is that the XAdESCC is not able to find the signing certificate because, after trying to cryptographically verify the digital signature value, none of the certificates within the ds:KeyInfo throws a successful verification.

Some details follow:

  1. The input to the cryptographic verification computed by the XAdESCC, after processing as specified by the XML Sig W3C Recommendation, is the following one:

     not(ancestor-or-self::ds:Signature)not(ancestor-or-self::RefTtnVal)F/JgaAB93ESTtpg8jpwpdb28+8zNKGEqBQb5hScAP8w=GfYnMXVjeD7ZfvNaut26ktgrllgQcTEtKZIMod3bJIE=

     Please note that there are no line break characters.
  2. The XAdESCC uses the XML Signature Java implementation of Apache Santuario.
  3. So far this step had never raised any problem. I am not saying that this cannot be precisely *the* exception where the tool fails.

I would say that the best way of progressing would be that you run a debugging session, capture the actual input bytes to the computation of the ds:SignatureValue, and communicate it to me. I would then compare your input with the input computed by the XAdESCC and so we could identify the differences.

One more thing: take into account that you have included the xades:SigningTime element. This means that every time that you run the program, you will get a different input to the computation of the ds:SignatureValue. Maybe it would be better that you do not add it while we work on trying to see what is going on, so that every execution would result in the same ds:SignatureValue contents.

Regards,
Juan Carlos.

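The byte comparison suggested in the comment above, as an added example that is not part of the original thread or of XAdESCC: it compares two captured inputs to the ds:SignatureValue computation and reports the first differing offset. The function name and both sample byte strings are constructed for illustration.

```python
import hashlib

def compare_signing_inputs(mine: bytes, reference: bytes, context: int = 16) -> dict:
    """Compare two captured inputs to the ds:SignatureValue computation."""
    limit = min(len(mine), len(reference))
    offset = next((i for i in range(limit) if mine[i] != reference[i]), None)
    if offset is None and len(mine) != len(reference):
        offset = limit  # one stream is a strict prefix of the other

    # Heuristic: do the streams match once whitespace and line breaks are dropped?
    strip = lambda b: bytes(c for c in b if c not in b" \t\r\n")
    report = {
        "identical": offset is None,
        "first_diff_offset": offset,
        "sha256_mine": hashlib.sha256(mine).hexdigest(),
        "sha256_reference": hashlib.sha256(reference).hexdigest(),
        "whitespace_only": offset is not None and strip(mine) == strip(reference),
    }
    if offset is not None:
        start = max(0, offset - context)
        report["mine_context"] = mine[start:offset + context]
        report["reference_context"] = reference[start:offset + context]
    return report

# Constructed sample: the bytes a verifier computed (no line breaks).
REFERENCE = (
    b'<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
    b'<ds:Reference URI=""><ds:DigestValue>PLACEHOLDER=</ds:DigestValue>'
    b'</ds:Reference></ds:SignedInfo>'
)
# Constructed sample: the signer's bytes, with a line break between elements.
MINE = REFERENCE.replace(b"><ds:Reference", b">\n<ds:Reference", 1)
# Constructed sample: a changed digest, as a new xades:SigningTime would cause.
RESIGNED = REFERENCE.replace(b"PLACEHOLDER=", b"DIFFERENT01=")

if __name__ == "__main__":
    for label, data in (("line break", MINE), ("new digest", RESIGNED)):
        r = compare_signing_inputs(data, REFERENCE)
        print(label, r["first_diff_offset"], r["whitespace_only"])
        print("  mine     :", r["mine_context"])
        print("  reference:", r["reference_context"])
```

Capture both inputs as raw bytes (for example, written to a file from the debugger) rather than as printed strings, so that line-ending or encoding conversions do not hide the difference being looked for.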
jccruellas commented 3 years ago

Good morning fbenab, do you have any news on the suggestions that I made to you?

fbenab commented 3 years ago

Hey Juan,

Sorry for the delay,

It's OK, my issue was resolved.

Thank you again.

Have a nice day,

jccruellas commented 3 years ago

Good morning, thank you very much indeed for your message. I will then close the issue. Thanks for using the XAdESCC. Do not hesitate to raise any issue/question if you think that I may be of any help. Best regards, Juan Carlos.