I'm trying to sign a xml with a X509Certificate, i'm using the signer gem.
private_key_file = File.join(File.dirname(__FILE__), '/cert/1234567890001_priKEY.pem')
cert_file = File.join(File.dirname(__FILE__), '/cert/1234567890001_certKEY.pem')
input_xml_file = File.join(File.dirname(__FILE__), 'nfce_xml.xml')
signer = Signer.new(File.read(input_xml_file))
signer.cert = OpenSSL::X509::Certificate.new(File.read(cert_file))
signer.private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file), "")
signer.security_node = signer.document.root
signer.security_token_id = ""
signer.digest!(signer.document.root, :id => "NFe51150501882109000162650010000000011064552496", :enveloped => true)
signer.sign!(:issuer_serial => true)
signed_xml = signer.to_xml
File.open("signed.xml", 'w') {|f| f.write(signed_xml) }
the signature:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#NFe51150501882109000162650010000000011064552496">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>xgvKmWBZeQSt0vue30DzzBvc494=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>DE8BKKsxBAh/zEnX/N/P0f/xOZD7O...</SignatureValue>
<KeyInfo>
<X509Data>
<X509IssuerSerial>
<X509IssuerName>System.Security.Cryptography.X509Certificates.X500DistinguishedName</X509IssuerName>
<X509SerialNumber>2701224559233645315</X509SerialNumber>
</X509IssuerSerial>
<X509Certificate>MIIIHzCCBgegAwIBAgIIJXytbMe...</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
but i need remove the X509IssuerSerial tag, add this transform:
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
and also change CanonicalizationMethod to:
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
Someone can help?
Thanks.
