invalid signature: for uri calculated digest is '*' but the xml to validate supplies digest '*' #376
Comments
This is not an answer for your question. More like "side notes": I do not quite understand what you are trying to accomplish here with all the Based on example XML snippet at issue description and I.e. IMHO
You wrote:
Could you provide references to those earlier issues that you were looking at before writing this issue report? As a random side note: There are a lot of online examples and tools for Here is an example of signing
So... I found the issue. I am not sure if this requires an update to validation. For it to work, I had to add the transform for C14n. On reading the documentation, I believe that this was a default value but on inspecting the code in the package, I saw the value was missing in the validationXML which caused the mismatch. Also note that I changed the xpath to "Response" and took @srd90's suggestion for appending the signature.
Can you cite where in the documentation it mentions that default value, or, even better, put up a PR with a test that makes sure the defaults correspond to the spec?
I was also wondering back in the days what @CarlaMck77 might have meant with this
And just in case the author of that comment has lost interest in this issue, I share what I figured / speculated about the aforementioned comment: On comment #376 (comment)'s example JavaScript had this:
and same comment's example XML had this:
On follow up comment #376 (comment) author had these
and XML (if such example would have been provided) would probably have looked like this:

```xml
...
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
...
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
</Transforms>
...
</Reference>
</SignedInfo>
...
```

So what was supposedly added ("...I had to add the transform for C14n...") was Side note:
versus
This side note applies only to Side note 2: Another fuzziness:
but I fail to see that implicit addition in
...maybe this "side note 2" was something that author of issue meant because author of the issue had initially only
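When a digest mismatch like the one in this issue turns up, it helps to list what each `<Reference>` in the generated document actually declares, so the signer's configuration can be compared with what the validator will process. The following is an added example, not part of the thread and not xml-crypto code; the helper names (`elements`, `attr`, `describeReferences`, `sample`) are hypothetical and the sample `SignedInfo` is constructed, with a placeholder URI and digest.

```javascript
// Added diagnostic, not xml-crypto code. Regex extraction is enough to inspect a
// document you generated yourself; it is not a validator and must never feed a
// trust decision.
const ENVELOPED = "http://www.w3.org/2000/09/xmldsig#enveloped-signature";
const C14N = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
const C14N_ALGS = new Set([C14N, C14N + "#WithComments",
  "http://www.w3.org/2001/10/xml-exc-c14n#",
  "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"]);

// Find <name> or <prefix:name> elements; return raw attributes and inner text.
function elements(xml, name) {
  const re = new RegExp(`<(?:[\\w.-]+:)?${name}\\b([^>]*?)` +
    `(?:/>|>([\\s\\S]*?)</(?:[\\w.-]+:)?${name}>)`, "g");
  return [...xml.matchAll(re)].map((m) => ({ attrs: m[1], body: m[2] || "" }));
}

function attr(attrs, name) {
  const m = attrs.match(new RegExp(`\\b${name}\\s*=\\s*(["'])(.*?)\\1`));
  return m ? m[2] : null;
}

// One record per <Reference>: what is digested and through which transforms.
function describeReferences(signedXml) {
  const method = elements(signedXml, "CanonicalizationMethod")[0];
  return elements(signedXml, "Reference").map((ref) => {
    const transforms = elements(ref.body, "Transform").map((t) => attr(t.attrs, "Algorithm"));
    const digest = elements(ref.body, "DigestValue")[0];
    return {
      uri: attr(ref.attrs, "URI"),
      transforms,
      explicitC14n: transforms.some((a) => C14N_ALGS.has(a)),
      digestValue: digest ? digest.body.trim() : null,
      signedInfoC14n: method ? attr(method.attrs, "Algorithm") : null,
    };
  });
}

// Constructed sample; the URI and DigestValue are placeholders.
const sample = (algs) => `<SignedInfo>
  <CanonicalizationMethod Algorithm="${C14N}" />
  <Reference URI="#_constructed1">
    <Transforms>${algs.map((a) => `<Transform Algorithm="${a}" />`).join("")}</Transforms>
    <DigestValue>PLACEHOLDER_DIGEST=</DigestValue>
  </Reference>
</SignedInfo>`;

console.log(describeReferences(sample([ENVELOPED])));        // explicitC14n: false
console.log(describeReferences(sample([ENVELOPED, C14N])));  // explicitC14n: true
```

Running it against the signer's real output shows whether the C14N transform made it into the `Transforms` list or was only assumed as a default.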
@LoneRifle , do you have any thoughts on this? In all the refactoring, I don't think we touched anything related to any of these defaults in the code, but I'd have to double-check. In any case, the README should at least be clear to a reader, which it appears it currently isn't.
@srd90: Your speculations are accurate. Adding default at the beginning gave me the impression that if I did not set the value, this would be automatically chosen. Also in the example provided, nothing suggests that adding a value for Sidenote: I've never submitted any PR or MRs to a public project before but I'll give it a go. All I will ask is just to give me a bit of time :)
@CarlaMck77 , we're more than happy to help anyone through the process of submitting PRs. Having said that, in harmony with the approach taken with In any case, more PRs, especially those that clarify the documentation or increase test coverage, are very welcome.
@CarlaMck77 Again, thanks for pointing this out and @srd90 , thank you for providing specific details. I believe with the latest PRs that have landed there are no longer any confusing defaults set. If so, I believe we are ready for a semver-major release (pending a round of dependency updates). Please let me know if I've missed anything.
@cjbarth commenting here even though this is not related to this issue: Did you schedule this #399 (reply in thread) to this semver major release?
Good Day,
I have seen this reported a few different times with no resolution. I am hoping I would get some assistance in resolving this.
I am new to this type of feature, so any guidance or assistance is more than welcome. I have been battling this issue for a few days now and I have no idea what to do next.
I am using version "xml-crypto": "^4.0.1"
node version v16.14.0
Error displayed as
invalid signature: for uri calculated digest is 2U1suBt1sOA2olbnbMK1gC/3FHk= but the xml to validate supplies digest OGXcEIgUP1W+Hv9ghexl8gdMtrI=
Generated XML
I used the following function to strip the spaces from the XML
Here is my SignXML function used
Let me know if I need to provide more details