Please read the spec:
https://www.w3.org/TR/xmldsig-core1/#sec-CoreGeneration
As I said, debugging this w/o being able to look into the signature
generator is hard if not impossible. If this is not a c14n issue then
it might be an incorrectly generated PKCS1 for the RSA signature
https://www.w3.org/TR/xmldsig-core1/#sec-PKCS1
though I highly doubt that. In this case, set breakpoints in the openssl
code and see if the generated PKCS1 is valid.
However, I would bet it is c14n -- it's a tricky standard and many
implementations don't get it right.
Aleksey
On 11/29/20 2:57 PM, Márk BARTOS wrote:
Hello,
Thank you for your answer.
Unfortunately the signer is 3rdparty (government) thing, I can't access it.
If I change all the CanonicalizationMethod Algorithm strings to
something randomly different, I got:
func=xmlSecOpenSSLEvpDigestVerify:file=digests.c:line=274:obj=sha256:subj=unknown:error=12:invalid data:data and digest do not match [0]
and since otherwise I get:
func=xmlSecOpenSSLEvpSignatureVerify:file=evp_signatures.c:line=364:obj=rsa-sha256:subj=unknown:error=18:data do not match:details=EVP_VerifyFinal: signature does not verify [1]
the canonicalization algorithm is applied correctly, and the digests match.
(I also get error [0] if I add a random no-op xml element like
"<elem></elem>" just before "</SignedProperties>".)
Thus I do not think this error is related to canonicalization.
(SignatureValue is generated from digest and not an xml elem thus has no
c14n pass?)
So to recap:
* xmlsec successfully verifies all the digests
* xmlsec successfully verifies the embedded cert with the one I give as
  argument
  * eg. there is no
    "func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=341:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert:..<cert>...err=20; msg=unable to get local issuer certificate" error
* yet I get error [1]
  * the generated signature value does not match the value in the
    SignatureValue element?
  * but that is generated via the embedded cert over the embedded
    digest value(known good), nothing from outside the signature xml
I am really not sure if I do something incorrectly or if this is a bug.
May I ask for further pointers?
Thank you.
Best regards,
Márk
On Thu, Nov 26, 2020 at 3:40 AM Aleksey Sanin <alek...@aleksey.com> wrote:
It is not possible to debug it w/o having the signer along. I would
check how c14n is performed on both sides.
Aleksey
On 11/24/20 2:58 PM, Márk BARTOS wrote:
> Hello,
>
> I apologize if this is not the right place to ask.
>
> I'd like to ask for pointers why signature verification always fails.
> (xmlsec/xmlsec-openssl 1.2.31)
> With this error:
>
> func=xmlSecOpenSSLEvpSignatureVerify:file=evp_signatures.c:line=368:obj=rsa-sha256:subj=unknown:error=18:data do not match:details=EVP_VerifyFinal: signature does not verify
>
> Since my data (from 3rdparty, known to be good) is detached I use xmlsec
> io callbacks to read the data.
> I know here there is no error, since if I intentionally leave the last
> byte, the digests do not match, and the verification exits sooner with
> that error.
>
> I also know the CA cert I use verifies the embedded cert because if I
> set a known bad cert the verification again exits very soon with the
> "unable to verify known issuer" error.
>
> Thus I do not understand what I am missing. Could you provide some pointers?
>
> Thank you.
>
> Signatures.xml:
> <?xml version="1.0" encoding="UTF-8"?>
> <asic:XAdESSignatures xmlns:asic="http://uri.etsi.org/02918/v1.2.1#">
>   <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="Signature-1">
>     <SignedInfo Id="Signature-1__SignedInfo-1">
>       <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod>
>       <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod>
>       <Reference Id="Signature-1__Reference-1" Type="http://uri.etsi.org/01903#SignedProperties" URI="#Signature-1__SignedProperties-1">
>         <Transforms>
>           <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></Transform>
>         </Transforms>
>         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>         <DigestValue>qIYr8zG/J0LWT8H3/WzaX+kMBkWdlOIgVOezVmyRzm8=</DigestValue>
>       </Reference>
>       <Reference Id="Signature-1__Reference-2" URI="pack_other_1.csv">
>         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>         <DigestValue>XyV+GBMP3La9CPNW9Cze75tKFIfymZKujciJmXTmMUk=</DigestValue>
>       </Reference>
>       <Reference Id="Signature-1__Reference-3" URI="pack_mobile_1.csv">
>         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>         <DigestValue>lVFUCp2gUnfLagRujP5ZsT9uvm7gmAZzppnvuqo6vp0=</DigestValue>
>       </Reference>
>       <Reference Id="Signature-1__Reference-4" URI="pack_fix_1.csv">
>         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>         <DigestValue>c/GS40xgZnkj//07+uC7wPPBa7a7xvvXlgcTJekuqGI=</DigestValue>
>       </Reference>
>       <Reference Id="Signature-1__Reference-5" URI="pack_location_1.csv">
>         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>         <DigestValue>uupcGpfOSSNFpZKiqr7jGYKr8gds422ZNLCMw+9YNWY=</DigestValue>
>       </Reference>
>       <Reference Id="Signature-1__Reference-6" URI="pack_fix_2.csv">
>         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>         <DigestValue>C27xuWDL+IpkQHo1A7mKNGBQEDnYwsWmnohgPu+Oib0=</DigestValue>
>       </Reference>
>       <Reference Id="Signature-1__Reference-7" URI="pack_mobile_2.csv">
>         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>         <DigestValue>1QyKiZ8V5bNszzMMJm38cQ3LvZ96zW8++U3+5a7zui0=</DigestValue>
>       </Reference>
>     </SignedInfo>
>     <SignatureValue Id="Signature-1__SignatureValue-1">
>       omitted
>     </SignatureValue>
>     <KeyInfo Id="Signature-1__KeyInfo-1">
>       <X509Data>
>         <X509Certificate>
>           omitted
>         </X509Certificate>
>       </X509Data>
>     </KeyInfo>
>
>     <Object Id="Signature-1__Object-1">
>       <QualifyingProperties xmlns="http://uri.etsi.org/01903/v1.3.2#" Id="Signature-1__QualifyingProperties-1" Target="#Signature-1">
>         <SignedProperties Id="Signature-1__SignedProperties-1">
>           <SignedSignatureProperties>
>             <SigningTime>2020-11-11T11:17:35Z</SigningTime>
>             <SigningCertificate>
>               <Cert>
>                 <CertDigest>
>                   <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
>                   <DigestValue xmlns="http://www.w3.org/2000/09/xmldsig#">omitted</DigestValue>
>                 </CertDigest>
>                 <IssuerSerial>
>                   <X509IssuerName xmlns="http://www.w3.org/2000/09/xmldsig#">omitted</X509IssuerName>
>                   <X509SerialNumber xmlns="http://www.w3.org/2000/09/xmldsig#">omitted</X509SerialNumber>
>                 </IssuerSerial>
>               </Cert>
>             </SigningCertificate>
>             <SignaturePolicyIdentifier>
>               <SignaturePolicyImplied></SignaturePolicyImplied>
>             </SignaturePolicyIdentifier>
>           </SignedSignatureProperties>
>           <SignedDataObjectProperties>
>             <DataObjectFormat ObjectReference="#Signature-1__Reference-2">
>               <MimeType>text/csv</MimeType>
>             </DataObjectFormat>
>             <DataObjectFormat ObjectReference="#Signature-1__Reference-3">
>               <MimeType>text/csv</MimeType>
>             </DataObjectFormat>
>             <DataObjectFormat ObjectReference="#Signature-1__Reference-4">
>               <MimeType>text/csv</MimeType>
>             </DataObjectFormat>
>             <DataObjectFormat ObjectReference="#Signature-1__Reference-5">
>               <MimeType>text/csv</MimeType>
>             </DataObjectFormat>
>             <DataObjectFormat ObjectReference="#Signature-1__Reference-6">
>               <MimeType>text/csv</MimeType>
>             </DataObjectFormat>
>             <DataObjectFormat ObjectReference="#Signature-1__Reference-7">
>               <MimeType>text/csv</MimeType>
>             </DataObjectFormat>
>           </SignedDataObjectProperties>
>         </SignedProperties>
>       </QualifyingProperties>
>     </Object>
>   </Signature>
> </asic:XAdESSignatures>
>
> Best regards,
>
> Márk
>
> /This e-mail and any attachments is intended solely for the addressee.
> If you are not the addressee please do not read, print, re-transmit,
> store or act in reliance on it or any attachments. Instead, please email
> it back to the sender and then immediately permanently delete it. Any
> disclosure, reproduction, distribution or other use of this message or
> any attachments by an individual or entity other than the intended
> recipient is prohibited./
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec
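
Added example (not part of the thread and not xmlsec code): a way to tell the two causes discussed above apart using only the public key. Per the XMLDSig spec linked in the reply, SignatureValue is computed over the canonicalized SignedInfo element, so the sketch recovers the PKCS#1 v1.5 block from the signature and compares the digest inside it with a local SHA-256 of the canonical SignedInfo bytes. The toy key, the helper names and the two SignedInfo byte strings are constructed for the demonstration.

```python
import hashlib

# DER DigestInfo header for SHA-256 (EMSA-PKCS1-v1_5, RFC 8017 section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

# Constructed toy key for the demo only: two Mersenne primes, not a secure key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes

def emsa_header(k):
    """00 01 FF..FF 00 || DigestInfo header, sized so header + hash is k bytes."""
    pad = k - 3 - len(SHA256_PREFIX) - 32
    return b"\x00\x01" + b"\xff" * pad + b"\x00" + SHA256_PREFIX

def toy_sign(data):
    """Stand-in for the remote signer (hypothetical helper)."""
    em = emsa_header(K) + hashlib.sha256(data).digest()
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")

def diagnose(signature, n, e, c14n_signed_info):
    """Classify an rsa-sha256 verify failure from the public key alone."""
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return "bad-length"
    em = pow(s, e, n).to_bytes(k, "big")
    if em[:-32] != emsa_header(k):
        return "bad-pkcs1-or-wrong-key"
    if em[-32:] != hashlib.sha256(c14n_signed_info).digest():
        return "signedinfo-bytes-differ"
    return "ok"

# Constructed SignedInfo serializations: exclusive c14n drops the unused asic
# prefix, inclusive c14n keeps every in-scope namespace declaration.
BODY = b'<Reference URI="pack_other_1.csv"></Reference></SignedInfo>'
EXC = (b'<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#" '
       b'Id="Signature-1__SignedInfo-1">' + BODY)
INC = (b'<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#" '
       b'xmlns:asic="http://uri.etsi.org/02918/v1.2.1#" '
       b'Id="Signature-1__SignedInfo-1">' + BODY)

if __name__ == "__main__":
    sig = toy_sign(INC)  # signer hashed a different serialization than declared
    print(diagnose(sig, N, E, EXC))  # padding is fine, digest inside differs
    print(diagnose(sig, N, E, INC))
```

A result of "signedinfo-bytes-differ" means the key and padding are sound and the signer hashed different SignedInfo bytes than the verifier produced; "bad-pkcs1-or-wrong-key" points at the key or the PKCS#1 encoding instead.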