0

I am using an example (Node.js Create Egypt ITIDA CAdES-BES Signature with Automatic JSON Canonicalization) but I always get this error ( 4043 4043:message-digest attribute value does not match calculated value[message-digest attribute value does not match calculated value] ).

Can you help me with the solution?

Code Used:

 // This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var crypt = new chilkat.Crypt2();
crypt.VerboseLogging = true;

var cert = new chilkat.Cert();
cert.VerboseLogging = true;

// Set the smart card PIN, which will be needed for signing.
cert.SmartCardPin = "12345678";

// There are many ways to load the certificate.  
// This example was created for a customer using an ePass2003 USB token.
// Assuming the USB token is the only source of a hardware-based private key..
var success = cert.LoadFromSmartcard("");
if (success !== true) {
    console.log(cert.LastErrorText);
    return;
}

// Tell the crypt class to use this cert.
success = crypt.SetSigningCert(cert);
if (success !== true) {
    console.log(crypt.LastErrorText);
    return;
}

var cmsOptions = new chilkat.JsonObject();
// Setting "DigestData" causes OID 1.2.840.113549.1.7.5 (digestData) to be used.
cmsOptions.UpdateBool("DigestData",true);
cmsOptions.UpdateBool("OmitAlgorithmIdNull",true);

// Indicate that we are passing normal JSON and we want Chilkat do automatically
// do the ITIDA JSON canonicalization:
cmsOptions.UpdateBool("CanonicalizeITIDA",true);

crypt.CmsOptions = cmsOptions.Emit();

// The CadesEnabled property applies to all methods that create CMS/PKCS7 signatures. 
// To create a CAdES-BES signature, set this property equal to true. 
crypt.CadesEnabled = true;

crypt.HashAlgorithm = "sha256";

var jsonSigningAttrs = new chilkat.JsonObject();
jsonSigningAttrs.UpdateInt("contentType",1);
jsonSigningAttrs.UpdateInt("signingTime",1);
jsonSigningAttrs.UpdateInt("messageDigest",1);
jsonSigningAttrs.UpdateInt("signingCertificateV2",1);
crypt.SigningAttributes = jsonSigningAttrs.Emit();

// By default, all the certs in the chain of authentication are included in the signature.
// If desired, we can choose to only include the signing certificate:
crypt.IncludeCertChain = false;


var jsonToSign = "{ ... }";

// Create the CAdES-BES signature.
crypt.EncodingMode = "base64";

// Make sure we sign the utf-8 byte representation of the JSON string
crypt.Charset = "utf-8";

var sigBase64 = crypt.SignStringENC(jsonToSign);
if (crypt.LastMethodSuccess == false) {
    console.log(crypt.LastErrorText);
    return;
}

console.log("Base64 signature:");
console.log(sigBase64);
Eslam
  • 1
  • 1
  • Please provide enough code so others can better understand or reproduce the problem. – Community Jun 05 '22 at 23:31
  • FYI, we have added Digital Signature as per Egypt ITIDA CAdES-BES standard to [Signer.Digital](https://signer.digital/) offerings. – Bharat Vasant Jul 08 '22 at 10:27
  • Refer to answer https://stackoverflow.com/a/72964373/9659885 for free javascript api for Egypt ITIDA CAdES-BES signature; to be used in web applications from modern browsers. – Bharat Vasant Jul 13 '22 at 10:15

3 Answers3

1

We were having this error, until we were advised of not using any null values in the json file. So, pls try to replace any null values in json file with "".

Mohamed Hedeya
  • 153
  • 5
  • 22
0

Check to see if the information at this Chilkat blog post helps: https://cknotes.com/itida-4043message-digest-attribute-value-does-not-match-calculated-value/

Chilkat Software
  • 1,405
  • 1
  • 9
  • 8
  • ok, now as i read in blog you mentioned i try " Create ITIDA Signed JSON and Send to ETA (Egypt Tax Authority) Portal " but i get this response Response status code: 400 Response body: { "error": { "code": "ValidationError", "message": null, "target": null, "details": [ { "code": "submission", "target": "submission", "message": "Invalid structured submission. For more details contact the System Admin using Correlation Id: 0HMHR7GAN3E9F:0000000B" } ] } } – Eslam Jun 06 '22 at 12:15
  • i use this tool to generate json https://tools.chilkat.io/Default.cshtml , as you mentioned in example – Eslam Jun 06 '22 at 12:17
  • any suggestions? @ChilkatSoftware – Eslam Jun 06 '22 at 13:13
0

See this example for details about debugging and what you can send to Chilkat: https://www.example-code.com/nodejs/itida_egypt_debug.asp

Chilkat Software
  • 1,405
  • 1
  • 9
  • 8