1

I need to sign an UBL 2.1 Invoice using c#. The proble is that, after signing i need the Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" to be embeded in

an UBLExtensions element, like so

<Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2">

I have tried to add these elements at a later time, but the signature is not considered valid.

I don't have any experience signing XML files, so any help would be much apreciated

EDIT

The initial XML file is

<Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2">
   ... Invoice Elements
</Invoice>

I need to produce something like

<Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2">
   <ext:UBLExtensions>
      <ext:UBLExtension xmlns:sac="urn:oasis:names:specification:ubl:schema:xsd:SignatureAggregateComponents-2" xmlns:sbc="urn:oasis:names:specification:ubl:schema:xsd:SignatureBasicComponents-2" xmlns:sig="urn:oasis:names:specification:ubl:schema:xsd:CommonSignatureComponents-2">
         <ext:ExtensionContent>
            <sig:UBLDocumentSignatures>
               <sac:SignatureInformation>
                  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                     ... signature contents produced by signed xml class
                  </Signature>
               </sac:SignatureInformation>
            </sig:UBLDocumentSignatures>
         </ext:ExtensionContent>
      </ext:UBLExtension>
   </ext:UBLExtensions>
    ... Invoice Elements
</Invoice>

If I add these elements at a later time, the signature is considered invalid.

Again, any help will be highly appreciated.

The link to the actual signed file is this one: signed_xml

MSantos
  • 53
  • 1
  • 7
  • Do you mean the signature is not meeting schema requirements? Take xml that is failing and paste in view as follows from VS menu : Project : Add new Item : Xml file. Errors will show as compiler errors in Error View. You should be able to click on schema(s) to see the actual schema requirement that is failing. – jdweng Jan 03 '19 at 12:20
  • Thank you for your time but I have no schema validation problems. The problem lies within the signature itself. – MSantos Jan 03 '19 at 12:31
  • Do you mean like in following SOAP : https://stackoverflow.com/questions/46722997/saml-assertion-in-a-xml-using-c-sharp/46724392 – jdweng Jan 03 '19 at 12:34
  • No, i just edited my question, hope it clarifies the subject. But thanks anyway. – MSantos Jan 03 '19 at 13:25
  • I think it is failing the schema check for ExtensionContent. See schema at following URL : https://github.com/ept/oaccounts/blob/master/xsd/common/UBL-CommonExtensionComponents-2.0.xsd Look at line 141. There is no definition. Line 138 indicates the min and max are 1. Must Have. It also indicates the names space is xsd while you have ext. – jdweng Jan 03 '19 at 13:52
  • Thanks again, but my document validades correctly against the schema. Inside the ExtensionContent element I have de SignatureInformation element, from the signature agregate components.If I add the signature element as the first element in the document (below invoice) I can validate the signature correctly, but the signature validation fails when i use it in the ubl extension – MSantos Jan 03 '19 at 14:46
  • The schema is showing UBLExtensions (with s) and UBLExtension (no s). It looks like it is an array. You are missing . The signature doesn't look like it is part of the UBLExtensions. The signature I think belongs someplace else in the xml. – jdweng Jan 03 '19 at 17:03
  • Please take a look at the actual file i'm producing. You'll see it validates. Tjanks in advance! [example file](https://drive.google.com/open?id=1dwDyLfpvRYN59T5Thkldu6t1ErMVtQ16) – MSantos Jan 03 '19 at 17:16
  • It is not validating. Do what I said in my first response. The closing tag is missing the forward slash. Then go to following url (I clicked on the URL in signature to get link) and read paragraph 2.0 : http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/Overview.html# – jdweng Jan 03 '19 at 17:56
  • Sorry, but that is misspelled. Have you donloaded the file in the link (it's plain xml)? If that tag wasn't closed, i would have a malformed xml, and that is not the case – MSantos Jan 03 '19 at 18:00
  • Can you clarify what the xml looks like before you start to add signature. The code should be very similar to the SOAP link I posted in my 2nd response. You need to use my code from SignXmlWithCertificate(). You have to pass the XmlElement and the certificate. – jdweng Jan 03 '19 at 20:33

2 Answers2

1

The problem was that the extension elements must be placed on the document before the signing process. Shame on me! Thak you for your time!

MSantos
  • 53
  • 1
  • 7
0

How about this...

var nodes = xmlDoc.GetElementsByTagName("Invoice");
nodes(0).AppendChild(signature);
xmlDoc.Save(xmlFilePath);
Josip Sibenik
  • 21
  • 4