[xmlsec] signing a template

luiz at xharbour.com.br luiz at xharbour.com.br
Tue Aug 17 07:30:18 PDT 2010


Hi

I have the following XML:

<?xml version="1.0"?>
<ns1:ReqEnvioLoteRPS xmlns:ns1="http://localhost:8080/WsNFe2/lote"
xmlns:tipos="http://localhost:8080/WsNFe2/tp"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://localhost:8080/WsNFe2/lote
http://localhost:8080/WsNFe2/xsd/ReqEnvioLoteRPS.xsd">
<Cabecalho>
<CodCidade>6291</CodCidade>
<CPFCNPJRemetente>55299440002399</CPFCNPJRemetente>
<RazaoSocialRemetente>REDE RECAPEX PNEUS LTDA</RazaoSocialRemetente>
<transacao/>
<dtInicio>2010-08-11</dtInicio>
<dtFim>2010-08-11</dtFim>
<QtdRPS>1</QtdRPS>
<ValorTotalServicos>203.75</ValorTotalServicos>
<ValorTotalDeducoes>0.00</ValorTotalDeducoes>
<Versao>1</Versao>
<MetodoEnvio>WS</MetodoEnvio>
</Cabecalho>
<Lote Id="lote:1174">
<RPS Id="rps:000008">
<Assinatura>85dc70f0c28fd2d6ed45167f3f07fd27d96bf46</Assinatura>
<InscricaoMunicipalPrestador>00001166506</InscricaoMunicipalPrestador>
<RazaoSocialPrestador>REDE RECAPEX PNEUS LTDA</RazaoSocialPrestador>
<TipoRPS>RPS</TipoRPS>
<SerieRPS>NF</SerieRPS>
<NumeroRPS>000008</NumeroRPS>
<DataEmissaoRPS>2010-08-11T00:00:00</DataEmissaoRPS>
<SituacaoRPS>N</SituacaoRPS>
<SerieRPSSubstituido/>
<NumeroRPSSubstituido>0</NumeroRPSSubstituido>
<NumeroNFSeSubstituida>0</NumeroNFSeSubstituida>
<DataEmissaoNFSeSubstituida>1900-01-01</DataEmissaoNFSeSubstituida>
<SeriePrestacao>99</SeriePrestacao>
<InscricaoMunicipalTomador>00000000000</InscricaoMunicipalTomador>
<CPFCNPJTomador>68233436000245</CPFCNPJTomador>
<RazaoSocialTomador>ARIVALDO APARECIDO MORAES E CIA LTDA</RazaoSocialTomador>
<TipoLogradouroTomador>R</TipoLogradouroTomador>
<LogradouroTomador>JOSE ZEFERINO FERREIRA</LogradouroTomador>
<NumeroEnderecoTomador>536</NumeroEnderecoTomador>
<TipoBairroTomador/>
<BairroTomador>PQ BANDEIRANTES</BairroTomador>
<CidadeTomador>6291</CidadeTomador>
<CidadeTomadorDescricao>CAMPINAS (SP)</CidadeTomadorDescricao>
<CEPTomador>13181713</CEPTomador>
<EmailTomador/>
<CodigoAtividade>331399900</CodigoAtividade>
<AliquotaAtividade>5.0000</AliquotaAtividade>
<TipoRecolhimento>A</TipoRecolhimento>
<MunicipioPrestacao>6291</MunicipioPrestacao>
<MunicipioPrestacaoDescricao>CAMPINAS (SP)</MunicipioPrestacaoDescricao>
<Operacao>A</Operacao>
<Tributacao>T</Tributacao>
<ValorPIS>           0.00</ValorPIS>
<ValorCOFINS>           0.00</ValorCOFINS>
<ValorINSS>           0.00</ValorINSS>
<ValorIR>           0.00</ValorIR>
<ValorCSLL>           0.00</ValorCSLL>
<AliquotaPIS>0.0000</AliquotaPIS>
<AliquotaCOFINS>0.0000</AliquotaCOFINS>
<AliquotaINSS>0.0000</AliquotaINSS>
<AliquotaIR>0.0000</AliquotaIR>
<AliquotaCSLL>0.0000</AliquotaCSLL>
<DescricaoRPS/>
<DDDPrestador>19</DDDPrestador>
<TelefonePrestador>32315200</TelefonePrestador>
<DDDTomador>19</DDDTomador>
<TelefoneTomador>38640414</TelefoneTomador>
<MotCancelamento/>
<Deducoes/>
<Itens>
<Item>
<DiscriminacaoServico>ALINHAMENTO (CONV) EIXO TRAS
AUTO/CAMION</DiscriminacaoServico>
<Quantidade>    1.0000</Quantidade>
<ValorUnitario>        48.7500</ValorUnitario>
<ValorTotal>          48.75</ValorTotal>
</Item>
<Item>
<DiscriminacaoServico>CAMBAGEM(COMPLETA)DIANT.DIREITA
AUTO/CAM</DiscriminacaoServico>
<Quantidade>    1.0000</Quantidade>
<ValorUnitario>        80.0000</ValorUnitario>
<ValorTotal>          80.00</ValorTotal>
</Item>
<Item>
<DiscriminacaoServico>CAMBAGEM(COMPLETA)DIANT.ESQUER.AUTO/CAM</DiscriminacaoServico>
<Quantidade>    1.0000</Quantidade>
<ValorUnitario>        75.0000</ValorUnitario>
<ValorTotal>          75.00</ValorTotal>
</Item>
</Itens>
</RPS>
</Lote>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
xmlns:dsig-xpath="http://www.w3.org/2002/06/xmldsig-filter2">
    <dsig:SignedInfo>
      <dsig:CanonicalizationMethod Algorithm="" />
      <dsig:SignatureMethod Algorithm="" />
      <dsig:Reference URI="">
        <dsig:Transforms>
          <dsig:Transform
Algorithm="http://www.w3.org/2002/06/xmldsig-filter2">
            <dsig-xpath:XPath Filter="intersect"> //Lote </dsig-xpath:XPath>
            <dsig-xpath:XPath Filter="union"> //RPS </dsig-xpath:XPath>
          </dsig:Transform>
        </dsig:Transforms>
        <dsig:DigestMethod Algorithm="" />
        <dsig:DigestValue />
      </dsig:Reference>
      <dsig:Reference URI="#signature-value">
        <dsig:Transforms>
          <dsig:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
/>
          <dsig:Transform
Algorithm="http://www.w3.org/2002/06/xmldsig-filter2">
          <dsig:Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
          <dsig-xpath:XPath Filter="union"> /</dsig-xpath:XPath>
          </dsig:Transform>
        </dsig:Transforms>
        <dsig:DigestMethod Algorithm="" />
        <dsig:DigestValue />
      </dsig:Reference>
    </dsig:SignedInfo>
    <dsig:SignatureValue Id="signature-value" />
    <dsig:KeyInfo>
	<dsig:X509Data>
    <dsig:X509Certificate>
    </dsig:X509Certificate>
    </dsig:X509Data>
    </dsig:KeyInfo>
  </dsig:Signature>
</ns1:ReqEnvioLoteRPS>


I need to sign only the Lote element (with all of its content).

So I wrote the following C function (based on the sign1.c sample, adapted for
the xHarbour compiler):

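/**
 * Sign an XML-DSig template file with a key taken from a PKCS#12 container.
 *
 * Parses tmpl_file, locates its Signature element, loads the signing key
 * from key_file, signs the template in memory and writes the resulting
 * document to outfile. Every failure is reported through TraceLog into
 * "err.log"; the password itself is never logged.
 *
 * @param tmpl_file path of the XML template that holds the Signature element
 * @param key_file  path of the PKCS#12 file that holds the signing key
 * @param outfile   path the signed document is written to
 * @param pass      password passed to xmlSecCryptoAppKeyLoad() for key_file
 * @return 0 on success, -1 on any failure
 */
int
sign_fileex(const char* tmpl_file, const char* key_file, const char*
outfile ,const char * pass) {
    xmlDocPtr doc = NULL;
    xmlNodePtr node = NULL;
    xmlSecDSigCtxPtr dsigCtx = NULL;
    int res = -1;

    assert(tmpl_file);
    assert(key_file);
    assert(outfile);

    /* Load the template. xmlParseFile() uses the process-wide parser
     * defaults, so whatever the caller configured there (entity
     * substitution, DTD handling) applies to this file as well. */
    doc = xmlParseFile(tmpl_file);
    if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)) {
        TraceLog("err.log", "Error: unable to parse file \"%s\"\n", tmpl_file);
        goto done;
    }

    /* Find the Signature element the signing context starts from. */
    node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature,
                          xmlSecDSigNs);
    if (node == NULL) {
        TraceLog("err.log", "Error: start node not found in \"%s\"\n", tmpl_file);
        goto done;
    }

    /* Create the signature context; no keys manager is used because the
     * signing key is attached to the context directly below. */
    dsigCtx = xmlSecDSigCtxCreate(NULL);
    if (dsigCtx == NULL) {
        TraceLog("err.log", "Error: failed to create signature context\n");
        goto done;
    }

    /* Load the private key from the PKCS#12 file, unlocking it with pass. */
    dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file,
                                              xmlSecKeyDataFormatPkcs12,
                                              pass, NULL, NULL);
    if (dsigCtx->signKey == NULL) {
        TraceLog("err.log",
                 "Error: failed to load private key from PKCS#12 file \"%s\"\n",
                 key_file);
        goto done;
    }

    /* Set the key name to the file name, as the sample this is based on does.
     * NOTE(review): the name is a local file path; if a template carries a
     * KeyName element that path would presumably end up in the signed
     * output - confirm before reusing this with other templates. */
    if (xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
        TraceLog("err.log", "Error: failed to set key name for key from \"%s\"\n",
                 key_file);
        goto done;
    }

    /* Sign the template. The algorithms are read from the template itself,
     * so CanonicalizationMethod, SignatureMethod and DigestMethod must each
     * name one; an empty Algorithm attribute is looked up as an empty href. */
    if (xmlSecDSigCtxSign(dsigCtx, node) < 0) {
        TraceLog("err.log", "Error: signature failed\n");
        goto done;
    }

    /* Write the signed document; a failed write must not be reported as
     * success, otherwise the caller may ship a missing or stale file. */
    if (xmlSaveFile(outfile, doc) < 0) {
        TraceLog("err.log", "Error: failed to save signed document to \"%s\"\n",
                 outfile);
        goto done;
    }

    /* success */
    res = 0;

done:
    /* cleanup; destroying the context also releases the attached signKey */
    if (dsigCtx != NULL) {
        xmlSecDSigCtxDestroy(dsigCtx);
    }

    if (doc != NULL) {
        xmlFreeDoc(doc);
    }
    return (res);
}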


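/**
 * SIGNXMLEX( cTemplateFile, cPkcs12File, cOutFile, cPassword ) -> nResult
 *
 * xHarbour entry point: initialises libxml2, xmlsec and the xmlsec crypto
 * backend, signs cTemplateFile via sign_fileex() and shuts the libraries
 * down again. Returns 0 to the caller on success and -1 on any failure.
 * Every stage that was brought up is shut down on the failure paths too.
 */
HB_FUNC( SIGNXMLEX)
{
    const char* xml_file = hb_parc(1);
    const char* key_file = hb_parc(2);
    const char* outfile = hb_parc(3);
    const char* pass = hb_parc(4);
    long rc = -1;
    int xmlsec_up = 0;      /* xmlSecInit() succeeded */
    int crypto_app_up = 0;  /* xmlSecCryptoAppInit() succeeded */
    int crypto_up = 0;      /* xmlSecCryptoInit() succeeded */

    /* sign_fileex() asserts on its path arguments, so a missing parameter
     * is rejected here instead of aborting the host process. */
    if (xml_file == NULL || key_file == NULL || outfile == NULL) {
        TraceLog("err.log", "Error: template, key and output file names are required.\n");
        hb_retnl( -1 ); return;
    }

    xmlInitParser();
    LIBXML_TEST_VERSION
    /* NOTE(review): these are process-wide parser defaults, taken over from
     * the xmlsec sample. They enable DTD-based ID detection / attribute
     * defaulting and entity substitution for every later parse; with a
     * template from a source that is not fully trusted this is the setup
     * associated with XML external entity (XXE) problems. Confirm where the
     * template comes from, or parse it with explicit per-document options. */
    xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
    xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
    xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */

    /* Init xmlsec library */
    if (xmlSecInit() < 0) {
        TraceLog("err.log", "Error: xmlsec initialization failed.\n");
        goto done;
    }
    xmlsec_up = 1;

    /* Check loaded library version */
    if (xmlSecCheckVersion() != 1) {
        TraceLog("err.log", "Error: loaded xmlsec library version is not compatible.\n");
        goto done;
    }

    /* Load default crypto engine if we are supporting dynamic
     * loading for xmlsec-crypto libraries. Use the crypto library
     * name ("openssl", "nss", etc.) to load corresponding
     * xmlsec-crypto library.
     */
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
    if (xmlSecCryptoDLLoadLibrary("openssl") < 0) {
        TraceLog("err.log", "Error: unable to load the xmlsec-crypto library.\n");
        goto done;
    }
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */

    /* Init crypto library */
    if (xmlSecCryptoAppInit(NULL) < 0) {
        TraceLog("err.log", "Error: crypto initialization failed.\n");
        goto done;
    }
    crypto_app_up = 1;

    /* Init xmlsec-crypto library */
    if (xmlSecCryptoInit() < 0) {
        TraceLog("err.log", "Error: xmlsec-crypto initialization failed.\n");
        goto done;
    }
    crypto_up = 1;

    /* sign_fileex() logs its own failures */
    if (sign_fileex( xml_file, key_file, outfile, pass ) < 0) {
        goto done;
    }

    rc = 0;

done:
    /* Shut down in reverse order of initialisation, and only what came up. */
    if (crypto_up) {
        xmlSecCryptoShutdown();
    }
    if (crypto_app_up) {
        xmlSecCryptoAppShutdown();
    }
    if (xmlsec_up) {
        xmlSecShutdown();
    }

    /* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
    xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
    xmlCleanupParser();

    hb_retnl( rc ); return;
}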



But when I run this code, I get the following errors:
func=xmlSecTransformNodeRead:file=..\src\transforms.c:line=1533:obj=unknown:subj=xmlSecTransformIdListFindByHref:error=1:xmlsec
library function failed:href=
func=xmlSecTransformCtxNodeRead:file=..\src\transforms.c:line=684:obj=unknown:subj=xmlSecTransformNodeRead:error=1:xmlsec
library function failed:name=CanonicalizationMethod
func=xmlSecDSigCtxProcessSignedInfoNode:file=..\src\xmldsig.c:line=689:obj=unknown:subj=xmlSecTransformCtxNodeRead:error=1:xmlsec
library function failed:node=CanonicalizationMethod
func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxSign:file=..\src\xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:

What is wrong with the template?

Regards
Luiz


