Android Question managing the signature of XML files

DonManfred

Expert
Licensed User
Longtime User
where is the documentation you are trying to follow???
Which Api exactly are you trying to access/need the signing for?
 
Upvote 0

Angelo Messina

Active Member
Licensed User
Longtime User
I have to send data to the Italian tax agency and use xml files to sign.
I attach an example

the first is the request for a certificate

<?xml version="1.0" encoding="UTF-8"?>
<RichiestaCertificatoDispositivo>
<Csr>MII.......NZ</Csr>
<Dispositivo>
<Tipo>DM</Tipo>
</Dispositivo>
<TecnicoVerificatore>
<CodiceFiscale>FISCALCOD</CodiceFiscale>
<PIvaSocieta>
<IdPaese>IT</IdPaese>
<IdCodice>099999999999</IdCodice>
</PIvaSocieta>
</TecnicoVerificatore>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>MZM....=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>kQRk....

==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIE.............
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</RichiestaCertificatoDispositivo>

the second is activation

<?xml version="1.0" encoding="utf-8"?>
<p:AttivaDispositivo versione="1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:p="http://ivaservizi.agenziaentrate.gov.it/docs/xsd/corrispettivi/v1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Gestore>
<IdPaese>IT</IdPaese>
<IdCodice>09999999999</IdCodice>
</Gestore>
<TecnicoVerificatore>
<CodiceFiscale>FISCALCOD</CodiceFiscale>
<PIvaSocieta>
<IdPaese>IT</IdPaese>
<IdCodice>PERSONALCOD</IdCodice>
</PIvaSocieta>
</TecnicoVerificatore><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>c7hs..==</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>AEO...........==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIEx...</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</p:AttivaDispositivo>

and the third is the transmission of the sales amounts
 
Upvote 0

Angelo Messina

Active Member
Licensed User
Longtime User
and the third is the transmission of the sales amounts

<?xml version="1.0" encoding="utf-8"?>
<p:DatiCorrispettivi xmlns:p="http://ivaservizi.agenziaentrate.gov.it/docs/xsd/corrispettivi/dati/v1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" versione="COR10">
<Trasmissione>
<Progressivo>4</Progressivo>
<Formato>COR10</Formato>
<Dispositivo>
<Tipo>DA</Tipo>
<IdDispositivo>0535989COG00000000</IdDispositivo>
<GeoLocalizzazione>
<Lat>38.13</Lat>
<Long>13.34</Long>
</GeoLocalizzazione>
</Dispositivo>
</Trasmissione>
<DataOraRilevazione>2018-01-04T12:24:00</DataOraRilevazione>
<DatiDA>
<Cumulato>
<Venduto>720.56</Venduto>
<VendutoContante>720.56</VendutoContante>
<VendutoNoContante>0.00</VendutoNoContante>
<Incassato>1386.70</Incassato>
<IncassatoRicarica>0.00</IncassatoRicarica>
<IncassatoVendita>1369.40</IncassatoVendita>
<TotaleResoTubiResto>628.90</TotaleResoTubiResto>
<TotaleCaricatoTubiResto>642.90</TotaleCaricatoTubiResto>
<TotaleResoManualeTubiResto>0.00</TotaleResoManualeTubiResto>
<TotaleCaricatoManualeTubiResto>17.30</TotaleCaricatoManualeTubiResto>
</Cumulato>
</DatiDA><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>AL..=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ek...c0M==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIE..==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</p:DatiCorrispettivi>
 
Upvote 0

DonManfred

Expert
Licensed User
Longtime User
again: where is the documentation which describes the signingprotocol?
Posting some examples is of NO help.

Help us helping you and post a detailed description of the needed signing (in english language).
Otherwise i am not able to help here. And probably no other too.
 
Upvote 0

Angelo Messina

Active Member
Licensed User
Longtime User
REST API Devices
API for the use of the management and transmission services of the Fees. Where the term signed file is used, reference is made to a file in xml format signed with Xml Signature conforming to a specific element of an xml schema where the Signature element contains the XML signature. The definition of the XML signature format can be found at http://www.w3.org/TR/xmldsig-core/ (http://www.w3.org/TR/xmldsig-core/). The XML signature is profiled to facilitate interoperability, in particular:
within the Signature element there is no optional Object element
within the SignedInfo element there is a single Reference element that identifies the entire document (URI = "")
only the canonicalization algorithm is used http://www.w3.org/TR/2001/RECxml-c14n-20010315 as defined in http://www.w3.org/TR/xml-c14n (http: // www.w3.org/TR/xmlc14n)
only the signature algorithm is used http://www.w3.org/2001/04/xmldsig-more#rsasha256 as defined in http://www.w3.org/TR/xmldsig-core/ (http: / /www.w3.org/TR/xmldsig-core/)
only the hash algorithm is used http://www.w3.org/2001/04/xmlenc#sha256 as defined in http://www.w3.org/TR/xmlenc-core/ (http: // www .w3.org / TR / xmlenc-core /)
the transformation to be applied during the signature generation phase is the one defined in http://www.w3.org/TR/xmldsig-core/ (http://www.w3.org/TR/xmldsig-core/) as
http://www.w3.org/2000/09/xmldsig#envelopedsignature
the KeyInfo element contains only the signature key certificate
 
Upvote 0
Top