Written by

Developer at Consistem Sistemas

Question Marcio Coelho · Dec 15, 2021

Validate XML signature

#Caché #XML

I Have a problem with a Signature validator to XML file, when this file have more than one Signature tag.

Like This

This is my method of validation

Validate(file,element,clazz) ;new reader,sc,data,xmlSignature;set sc=reader.OpenFile(file)quit:$$$ISERR(sc) sc; get elementetdo reader.Correlate(element,clazz)if 'reader.Next(.data,.sc){quit sc };do reader.Correlate("Signature","%XML.Security.Signature")if 'reader.Next(.xmlSignature,.sc) {
    quit sc};quit xmlSignature.ValidateDocument(data)

I Get this error when to try call Validate("file.xml","NFe","class")
<METHOD DOES NOT EXIST>zValidateElement+35^%XML.Security.Signature.1 *GetNode "class"

Discussion (3)0

Add reply

Comments

Eduard Lebedyuk · Dec 17, 2021

Try it like this:

new reader,sc,data,xmlSignature

set sc=reader.OpenFile(file)
quit:$$$ISERR(sc) sc

set document = reader.Document

do reader.Correlate("Signature","%XML.Security.Signature")
if 'reader.Next(.xmlSignature,.sc) {
    quit sc
}

quit xmlSignature.ValidateDocument(document)

From docs.

0 0

Marcio Coelho Dec 17, 2021 to Eduard Lebedyuk

I talked to intersystems support. he asked me to break validation into two steps. one for each Tag. I'm trying to follow the support tips. But without success so far. In this example I'm trying to validate just the first <NFe> tag

; ; set sc=$$ValidateNFe("teste.xml","v400");ValidateNFe(cswFileNameOrStream,cswNFeVersion) ;new reader,sc,data,nfeStream,protNFeStream,clazzProc,clazzNFe,clazzProtNFe;set sc=$$Reader(cswFileNameOrStream,.reader)quit:$$$ISERR(sc) sc;set clazzProc="br.com.sefaz.nfe."_cswNFeVersion_".TNfeProc";set sc=##class(%Dictionary.CompiledClass).%ExistsId(clazzProc)quit:$$$ISERR(sc) $$$ERROR(10000,"Classe ("_clazzProc_") não existente!"); do reader.Correlate("nfeProc",clazzProc)if 'reader.Next(.data,.sc){quit $$$ERROR(10000,"Arquivo XML inválido!") };set sc=$$XmlToStream(data.NFe,.nfeStream)quit:$$$ISERR(sc) sc;set sc=##class(%XML.Document).GetDocumentFromStream(nfeStream,.document)do document.AddIDs()quit data.NFe.Signature.ValidateDocument(document)Reader(cswFileNameOrStream,cswReader) ;new sc;set cswReader=##class(%XML.Reader).%New()set sc=cswReader.OpenStream(cswFileNameOrStream)quit sc

XmlToStream(cswObj,xmlStream) ;new writer,sc;set writer=##class(%XML.Writer).%New() set writer.Charset="UTF-8"set writer.Indent=1set writer.NoXMLDeclaration=1set xmlStream=##class(%GlobalBinaryStream).%New();set sc=writer.OutputToStream(.xmlStream)quit:$$$ISERR(sc) sc;set sc=writer.RootObject(cswObj)quit sc

I get this error

w sc
FailedCheck

I believe that my "XmlToStream" rule is changing the original XML and therefore the validation was compromised. Does that make any sense?

0 0

Marcio Coelho Jan 4, 2022 to Marcio Coelho

HI all.....
I found a simple solution....

ValidateSignature(cswFileNameOrStream) ;new sc,status,xmlSignature,cswRootCA,reader;set cswRootCA="/certfiles/root_ca_icp-brasil.crt"set reader=##class(%XML.Reader).%New();set sc=reader.OpenFile(cswFileNameOrStream)quit:$$$ISERR(sc) sc;do reader.Correlate("Signature", "%XML.Security.Signature")while (reader.Next(.xmlSignature, .status) && (sc=$$$OK)) {set sc = xmlSignature.ValidateDocument(reader.Document,,cswRootCA)};quit sc

0 0