[xmlsec] xml with multiple <Signature> nodes
Aleksey Sanin
aleksey at aleksey.com
Thu Feb 27 08:43:31 PST 2014
You specify the signature node with --node-id/xpath option and do
signatures one at a time.
Aleksey
On 2/27/14, 5:18 AM, Thiago Margarida wrote:
> Hi,
>
> I’m trying since yesterday to sign a xml with multiple <Signature>
> nodes. I tried in a few diferente ways, and I Always got an error, or
> just 1 node signed.
>
> Can you give a clue of whats’s wrong and the right way/where to look to
> find the right way to do?
>
>
>
> Thank you in advance!
>
>
>
> The xml used is at the end of the email, and the last way I tried was
> with this line:
>
> xmlsec1 --sign --dtd-file tosign.dtd --output notaassinada.xml --pkcs12
> certificado.p12 --pwd pass --trusted-pem certificado.pem
> notafiscal1393445081.xml
>
>
>
> The DTD:
>
> <!ATTLIST LoteRps Id ID #IMPLIED>
>
> <!ATTLIST InfRps Id ID #IMPLIED>
>
>
>
> And the xml:
>
> (LoteRps is a invoice, and InfRps are the invoice itens)
>
>
>
>
>
>
>
> <?xml version="1.0" encoding="UTF-8" ?>
>
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:e="http://www.betha.com.br/e-nota-contribuinte-ws"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>
> <soap:Header/>
>
> <soap:Body>
>
> <e:EnviarLoteRpsEnvio
> xmlns:e="http://www.betha.com.br/e-nota-contribuinte-ws">
>
> <LoteRps Id="Lote35">
>
> <NumeroLote>35</NumeroLote>
>
> <Cnpj>1111111111111</Cnpj>
>
> <InscricaoMunicipal>857</InscricaoMunicipal>
>
> <QuantidadeRps>2</QuantidadeRps>
>
> <ListaRps>
>
> <Rps>
>
> <InfRps Id="RPS8181">
>
> <IdentificacaoRps>
>
> <Numero>8181</Numero>
>
> <Serie>AAAAA</Serie>
>
> <Tipo>1</Tipo>
>
> </IdentificacaoRps>
>
> <DataEmissao>2014-02-26T15:30:06</DataEmissao>
>
> <NaturezaOperacao>1</NaturezaOperacao>
>
> <OptanteSimplesNacional>2</OptanteSimplesNacional>
>
> <IncentivadorCultural>2</IncentivadorCultural>
>
> <Status>1</Status>
>
> <Servico>
>
> <Valores>
>
> <ValorServicos>483.00</ValorServicos>
>
> <ValorDeducoes>362.25</ValorDeducoes>
>
> <IssRetido>2</IssRetido>
>
> <BaseCalculo>-241.50</BaseCalculo>
>
> <ValorLiquidoNfse>120.75</ValorLiquidoNfse>
>
> <DescontoIncondicionado>362.25</DescontoIncondicionado>
>
> </Valores>
>
> <ItemListaServico>1111111</ItemListaServico>
>
> <Discriminacao>aaaaaaaaa</Discriminacao>
>
> <CodigoMunicipio>1111</CodigoMunicipio>
>
> </Servico>
>
> <Prestador>
>
> <Cnpj>1111</Cnpj>
>
> <InscricaoMunicipal>111111</InscricaoMunicipal>
>
> </Prestador>
>
> <Tomador>
>
> <IdentificacaoTomador>
>
> <CpfCnpj>
>
> <Cpf>111111111</Cpf>
>
> </CpfCnpj>
>
> </IdentificacaoTomador>
>
> <RazaoSocial>aaaaaaa</RazaoSocial>
>
> <Endereco>
>
> <Endereco>aaaaa</Endereco>
>
> <Numero>1111</Numero>
>
> <Bairro>1111</Bairro>
>
> <CodigoMunicipio>1111111111</CodigoMunicipio>
>
> <Uf>SC</Uf>
>
> <Cep>1111</Cep>
>
> </Endereco>
>
> </Tomador>
>
> </InfRps>
>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
>
> <SignedInfo>
>
> <CanonicalizationMethod
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
>
> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>
> <Reference URI="#RPS8181">
>
> <Transforms>
>
> <Transform
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
>
> </Transforms>
>
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <DigestValue>1</DigestValue>
>
> </Reference>
>
> </SignedInfo>
>
> <SignatureValue/>
>
> <KeyInfo>
>
> <X509Data><X509Certificate/>
>
> </X509Data>
>
> </KeyInfo>
>
> </Signature>
>
> </Rps>
>
> <Rps>
>
> <InfRps Id="RPS8182">
>
> <IdentificacaoRps>
>
> <Numero>8182</Numero>
>
> <Serie>AAAAA</Serie>
>
> <Tipo>1</Tipo>
>
> </IdentificacaoRps>
>
> <DataEmissao>2014-02-26T15:30:06</DataEmissao>
>
> <NaturezaOperacao>1</NaturezaOperacao>
>
> <OptanteSimplesNacional>2</OptanteSimplesNacional>
>
> <IncentivadorCultural>2</IncentivadorCultural>
>
> <Status>1</Status>
>
> <Servico>
>
> <Valores>
>
> <ValorServicos>435.00</ValorServicos>
>
> <ValorDeducoes>65.25</ValorDeducoes>
>
> <IssRetido>2</IssRetido>
>
> <BaseCalculo>304.50</BaseCalculo>
>
> <ValorLiquidoNfse>369.75</ValorLiquidoNfse>
>
> <DescontoIncondicionado>65.25</DescontoIncondicionado>
>
> </Valores>
>
> <ItemListaServico>0801</ItemListaServico>
>
> <Discriminacao>Serviços educacionais - Ana Paula Alves Borges de
> Jesus</Discriminacao>
>
> <CodigoMunicipio>111111</CodigoMunicipio>
>
> </Servico>
>
> <Prestador>
>
> <Cnpj>111111</Cnpj>
>
> <InscricaoMunicipal>857</InscricaoMunicipal>
>
> </Prestador>
>
> <Tomador>
>
> <IdentificacaoTomador>
>
> <CpfCnpj>
>
> <Cpf>1111111</Cpf>
>
> </CpfCnpj>
>
> </IdentificacaoTomador>
>
> <RazaoSocial>aaaaaaaaaa</RazaoSocial>
>
> <Endereco>
>
> <Endereco>Porto Seguro</Endereco>
>
> <Numero>sn</Numero>
>
> <Bairro>Guarujá</Bairro>
>
> <CodigoMunicipio>111111</CodigoMunicipio>
>
> <Uf>SC</Uf>
>
> <Cep>1111111</Cep>
>
> </Endereco>
>
> </Tomador>
>
> </InfRps>
>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
>
> <SignedInfo>
>
> <CanonicalizationMethod
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
>
> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>
> <Reference URI="#RPS8182">
>
> <Transforms>
>
> <Transform
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
>
> </Transforms>
>
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <DigestValue>1</DigestValue>
>
> </Reference>
>
> </SignedInfo>
>
> <SignatureValue/>
>
> <KeyInfo>
>
> <X509Data><X509Certificate/>
>
> </X509Data>
>
> </KeyInfo>
>
> </Signature>
>
> </Rps>
>
> </ListaRps>
>
> </LoteRps>
>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
>
> <SignedInfo>
>
> <CanonicalizationMethod
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
>
> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>
> <Reference URI="#Lote35">
>
> <Transforms>
>
> <Transform
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
>
> </Transforms>
>
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <DigestValue>1</DigestValue>
>
> </Reference>
>
> </SignedInfo>
>
> <SignatureValue/>
>
> <KeyInfo>
>
> <X509Data><X509Certificate/>
>
> </X509Data>
>
> </KeyInfo>
>
> </Signature>
>
> </e:EnviarLoteRpsEnvio>
>
> </soap:Body>
>
> </soap:Envelope>
>
More information about the xmlsec
mailing list