Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signature is not verified at ESP end although public certificate updated #216

Open
fixbug11081 opened this issue Aug 31, 2020 · 4 comments
Open

Signature is not verified at ESP end although public certificate updated #216

fixbug11081 opened this issue Aug 31, 2020 · 4 comments

Comments

@fixbug11081
Copy link

fixbug11081 commented Aug 31, 2020
edited
Loading

Please see the request xml data and signed request xml using algo RSA_SHA256
[](https://pastebin.com/vpAd4ng6)

https://pastebin.com/vpAd4ng6
Response

<EsignResp errCode="ESP-911" errMsg="Input XML Signature verification failed" ............>

`
error

=================================
Below is programm

// Load the XML to be signed
$doc = new DOMDocument();
$doc->load(storage_path().'/'.'cdacrequest.xml');

// Create a new Security object
$objDSig = new XMLSecurityDSig('');
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
// Sign using SHA-256
$objDSig->addReference(
    $doc,
    XMLSecurityDSig::SHA256,
    array('http://www.w3.org/2000/09/xmldsig#enveloped-signature')
);

// Create a new (private) Security key
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private'));
  //If key has a passphrase, set it using
//$objKey->passphrase = 'Mail@54cr';

// Load the private key
$objKey->loadKey(storage_path().'/'.'test_primarykey.pem', TRUE);

// Sign the XML file
$objDSig->sign($objKey);

// Add the associated public key to the signature

// $objDSig->add509Cert(file_get_contents(storage_path().'/'.'certificate.crt'));

// Append the signature to the XML
$objDSig->appendSignature($doc->documentElement);
// Save the signed XML
$doc->save(storage_path().'/'.'cdacsigned256xml.xml');
$signedXML = file_get_contents(storage_path().'/'.'cdacsigned256xml.xml');

$signedXML = str_replace('<?xml version="1.0"?>','', $signedXML);

return view('esign')->with(['requestcontent'=>$signedXML]);

===============End of program====================

They are saying signature is wrong and not having right algorithm . I have used RSA_SHA256 algo.......
What is issue ? Please tell me.
@akalongman
Copy link

@fixbug11081 same issue here. Did you find a solution?

@big89
Copy link

big89 commented Sep 27, 2022

@fixbug11081 Did you got solution for this issue?

@big89
Copy link

big89 commented Oct 4, 2022

Hi @robrichards Could you please help me with similar issue?

Thanks in advance!

@robrichards
Copy link
Owner

@big89 Does the documentation for the endpoint you are integrating with have any hard requirements for algorithms that can be used?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@robrichards @akalongman @big89 @fixbug11081