search

robrichards / xmlseclibs

A PHP library for XML Security
BSD 3-Clause "New" or "Revised" License
386 stars 180 forks source link

Signature is not verified at ESP end although public certificate updated #216

Open fixbug11081 opened 3 years ago

fixbug11081 commented 3 years ago

Please see the request xml data and signed request xml using algo RSA_SHA256 [](https://pastebin.com/vpAd4ng6)

https://pastebin.com/vpAd4ng6 Response

<EsignResp errCode="ESP-911" errMsg="Input XML Signature verification failed" ............>

` error

================================= Below is programm

// Load the XML to be signed $doc = new DOMDocument(); $doc->load(storage_path().'/'.'cdacrequest.xml');

// Create a new Security object
$objDSig = new XMLSecurityDSig('');
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
// Sign using SHA-256
$objDSig->addReference(
    $doc,
    XMLSecurityDSig::SHA256,
    array('http://www.w3.org/2000/09/xmldsig#enveloped-signature')
);

// Create a new (private) Security key
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private'));
  //If key has a passphrase, set it using
//$objKey->passphrase = 'Mail@54cr';

// Load the private key
$objKey->loadKey(storage_path().'/'.'test_primarykey.pem', TRUE);

// Sign the XML file
$objDSig->sign($objKey);

// Add the associated public key to the signature

// $objDSig->add509Cert(file_get_contents(storage_path().'/'.'certificate.crt'));

// Append the signature to the XML
$objDSig->appendSignature($doc->documentElement);
// Save the signed XML
$doc->save(storage_path().'/'.'cdacsigned256xml.xml');
$signedXML = file_get_contents(storage_path().'/'.'cdacsigned256xml.xml');

$signedXML = str_replace('<?xml version="1.0"?>','', $signedXML);

return view('esign')->with(['requestcontent'=>$signedXML]);

===============End of program====================

They are saying signature is wrong and not having right algorithm . I have used RSA_SHA256 algo....... What is issue ? Please tell me.

akalongman commented 2 years ago

@fixbug11081 same issue here. Did you find a solution?

big89 commented 1 year ago

@fixbug11081 Did you got solution for this issue?

big89 commented 1 year ago

Hi @robrichards Could you please help me with similar issue?

Thanks in advance!

robrichards commented 1 year ago

@big89 Does the documentation for the endpoint you are integrating with have any hard requirements for algorithms that can be used?