[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ubl-dev] Mini UBL-Dev digital signature plugtest [with attachment]
(trying again with an attachment) At 2010-10-22 17:42 -0400, I wrote: >Hi folks! > >I've been scrambling this week trying to prepare my >freely-downloadable Windows-based environment for digitally signing >UBL documents in time for the ETSI plug test on Monday: > > http://www.etsi.org/plugtests/XAdES-2010/About.htm > >Only today did I realize that it costs EUR700 (!!!!) to >participate. I can't participate in that for something that will be >downloaded for free from my web site. > >So this is an appeal to UBL-Dev members to hold a mini plugtest by >running your XAdES software on the attached digitally signed UBL >documents. I've ZIPped it and attached it with a ".zzz" extension. > >Below is a transcript showing publicly-available XML Digital >Signature software verifying (or not!) the signed content of each >document. If I hack a single byte outside of the ><sig:UBLDocumentSignatures> element ("Hacked1"), the verification >fails. If I add anything under <sig:UBLDocumentSignatures> such as >another signature ("Hacked2"), the verification succeeds. So I >think that proves our XPath transform we are using is correct. > >But ... and here's the mini plugtest ... in my environment I'm >testing my stuff with my own stuff. Can someone else out there in >UBL-Dev land please validate the attached signed UBL documents? > >The XMLDSIG software I found checks the digital signature but not >the XAdES aspect of the signature. > >I still have a lot of work to do to package this for download from >my web site, but I think everything is working. If someone else can >tell me it is working for them, then I'll post what I've got and >then anyone can sign a UBL document. I'm no longer trying to finish >for Monday morning, but the faster someone can test this with their >own stuff, the faster I'll be more comfortable about posting the free package. > >Thank you for any help you can be! > >. . . . . . . . . . . Ken > >T:\gkholman-UBL-signatures-20101022-2140z>w3cschema >u:\ubl\UBL-2.1-PRD1-20100925\xsd\maindoc\UBL-Invoice-2.1.xsd >UBL-Invoice-2.1-Signed.xml >Xerces... >No validation errors. >Saxon... >No validation errors. >Altova... >The XML data is valid. > >T:\gkholman-UBL-signatures-20101022-2140z>w3cschema >u:\ubl\UBL-2.1-PRD1-20100925\xsd\maindoc\UBL-Order-2.1.xsd >UBL-Order-2.1-Signed.xml >Xerces... >No validation errors. >Saxon... >No validation errors. >Altova... >The XML data is valid. > >T:\gkholman-UBL-signatures-20101022-2140z>w3cschema >u:\ubl\UBL-2.1-PRD1-20100925\xsd\maindoc\UBL-Invoice-2.1.xsd >UBL-Invoice-2.1-Hacked1.xml >Xerces... >No validation errors. >Saxon... >No validation errors. >Altova... >The XML data is valid. > >T:\gkholman-UBL-signatures-20101022-2140z>w3cschema >u:\ubl\UBL-2.1-PRD1-20100925\xsd\maindoc\UBL-Invoice-2.1.xsd >UBL-Invoice-2.1-Hacked2.xml >Xerces... >No validation errors. >Saxon... >No validation errors. >Altova... >The XML data is valid. > >T:\gkholman-UBL-signatures-20101022-2140z>\xmlsec\bin\xmlsec.exe >--verify UBL-Invoice-2.1-Signed.xml >OK >SignedInfo References (ok/all): 1/1 >Manifests References (ok/all): 0/0 > >T:\gkholman-UBL-signatures-20101022-2140z>\xmlsec\bin\xmlsec.exe >--verify UBL-Order-2.1-Signed.xml >OK >SignedInfo References (ok/all): 1/1 >Manifests References (ok/all): 0/0 > >T:\gkholman-UBL-signatures-20101022-2140z>\xmlsec\bin\xmlsec.exe >--verify UBL-Invoice-2.1-Hacked1.xml >func=xmlSecOpenSSLEvpDigestVerify:file=..\src\openssl\digests.c:line=229:obj=sha1:subj=unknown:error=12:invalid >data:data and digest do not match >FAIL >SignedInfo References (ok/all): 0/1 >Manifests References (ok/all): 0/0 >Error: failed to verify file "UBL-Invoice-2.1-Hacked1.xml" > >T:\gkholman-UBL-signatures-20101022-2140z>\xmlsec\bin\xmlsec.exe >--verify UBL-Invoice-2.1-Hacked2.xml >OK >SignedInfo References (ok/all): 1/1 >Manifests References (ok/all): 0/0 > >T:\gkholman-UBL-signatures-20101022-2140z>
gkholman-UBL-signatures-20101022-2140z.zzz
-- XSLT/XQuery training: after http://XMLPrague.cz 2011-03-28/04-01 Vote for your XML training: http://www.CraneSoftwrights.com/u/i/ Crane Softwrights Ltd. http://www.CraneSoftwrights.com/u/ G. Ken Holman mailto:gkholman@CraneSoftwrights.com Male Cancer Awareness Nov'07 http://www.CraneSoftwrights.com/u/bc Legal business disclaimers: http://www.CraneSoftwrights.com/legal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]