asn1js Error: Too big integer - Unable to sign and verify Xades-EPES with pfx emitted by public authority.
bleikg9 opened this issue · 1 comments
First and foremost, great library and thank you for building and publishing this repo.
To the good part - I started out by trying to sign my electronic invoice and adding a couple of references, but on my couple of days of reading and failing, I noticed that my digest values were always changing. So I turned to a much simpler example and used the sandbox example you guys posted here:
CodeSandBox by microshine
to validate a simple xml file. i.e
const xml = <xml><test/></xml>;
-
I updated the Certificate value and the path to the .pfx file handed to me by the public authority my company bough it from and when using this code to validate it returns invalid.
When using online xades validators as well as this code to verify my signature i get that it is invalid.
const fs = require("fs"); const { Crypto } = require("@peculiar/webcrypto"); const xadesjs = require("xadesjs"); xadesjs.Application.setEngine("NodeJS", new Crypto()); const xmlToValidate = fs.readFileSync("/Users/bleikurrego/Desktop/invoiceXML2.xml","utf8"); // Read completed file/ let signedDocument = xadesjs.Parse(xmlToValidate); let xmlSignature = signedDocument.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature"); let signedXmlToValidate = new xadesjs.SignedXml(signedDocument); // console.log(xmlSignature); signedXmlToValidate.LoadXml(xmlSignature[0]); signedXmlToValidate.Verify() .then(res => { console.log((res ? "Valid" : "Invalid") + " signature", res); }) .catch(function (e) { console.error(e); });
After many failed attempts I turned to converting the pfx file to to their respective .pem files using openssl:
openssl pkcs12 -in LNDLCert.pfx -clcerts -nokeys -out certificate.pem
openssl pkcs12 -in LNDLCert.pfx -nocerts -out private_key.pem -nodes
and used the examples in the repo to run the signature. But when using this method I can't event get it to sign since I get this error from asn1js:
Error: Too big integer at Function.parse (/Users/bleikurrego/Downloads/sandbox/node_modules/@peculiar/asn1-schema/build/index.js:325:19) at Function.importKey (/Users/bleikurrego/Downloads/sandbox/node_modules/@peculiar/webcrypto/build/webcrypto.js:1112:54) at RsaSsaProvider.onImportKey (/Users/bleikurrego/Downloads/sandbox/node_modules/@peculiar/webcrypto/build/webcrypto.js:1271:37) at RsaSsaProvider.importKey (/Users/bleikurrego/Downloads/sandbox/node_modules/webcrypto-core/build/webcrypto-core.js:213:33) at SubtleCrypto.importKey (/Users/bleikurrego/Downloads/sandbox/node_modules/webcrypto-core/build/webcrypto-core.js:825:29) at main (/Users/bleikurrego/Downloads/sandbox/index2.js:39:35) at Object.<anonymous> (/Users/bleikurrego/Downloads/sandbox/index2.js:91:1) at Module._compile (node:internal/modules/cjs/loader:1099:14) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10) at Module.load (node:internal/modules/cjs/loader:975:32)
I dont know if the Serial number on the certificate is the issue or if the private key itself is it. Anyone that could help me out would be greatly appreciated (a cup of coffee would be in debt).
Closing this issue, the problem pertained to the header of the key and certificate were generated.