2
Invalid Signature
Good afternoon, I have a problem transmitting the information to the webservices of eSocial. The process I do is the following: the events Xmls are generated on the server, returned to an application that runs on the client machine and is responsible for signing the events and carrying the transmission to eSocial. The transmission of the batch is made and received successfully, but when consulting the information by the query webservice ( by the return delivery receipt in the shipment ) a code error is returned 142 and description Invalid event signature. Suggested Actions: Check for event changes after signing. Check for subscription validity.
I will put down the submitted file and the method responsible for signing. (The certificate data were omitted)
<eSocial xmlns="http://www.esocial.gov.br/schema/lote/eventos/envio/v1_1_1">
<envioLoteEventos grupo="2">
<ideEmpregador>
<tpInsc>1</tpInsc>
<nrInsc>95784204000177</nrInsc>
</ideEmpregador>
<ideTransmissor>
<tpInsc>1</tpInsc>
<nrInsc>05964161000119</nrInsc>
</ideTransmissor>
<eventos>
<evento Id="ID1957842040001772018121314262900000">
<eSocial xmlns="http://www.esocial.gov.br/schema/evt/evtToxic/v02_05_00">
<evtToxic Id="ID1957842040001772018120609352600000">
<ideEvento>
<indRetif>0</indRetif>
<tpAmb>2</tpAmb>
<procEmi>1</procEmi>
<verProc>01.00.00</verProc>
</ideEvento>
<ideEmpregador>
<tpInsc>1</tpInsc>
<nrInsc>95784204000177</nrInsc>
</ideEmpregador>
<ideVinculo>
<cpfTrab>56641686094</cpfTrab>
<nisTrab>12025177234</nisTrab>
<matricula>621</matricula>
</ideVinculo>
<toxicologico>
<dtExame>2018-12-06</dtExame>
<indRecusa>S</indRecusa>
</toxicologico>
</evtToxic>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<DigestValue>...</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>...</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>...</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</eSocial>
</evento>
</eventos>
</envioLoteEventos>
</eSocial>
Here the code responsible for creating the lot and then signing the event.
var cl = new WSEsocial.Envio.ServicoEnviarLoteEventosClient();
cl.ClientCredentials.ClientCertificate.SetCertificate(cert.SubjectName.Name, System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser, System.Security.Cryptography.X509Certificates.StoreName.My);
XmlElement _getXmlElement(string xml)
{
var d = new XmlDocument();
d.LoadXml(_serviceSign.Sign(cert, xml).OuterXml);
return d.DocumentElement;
}
var lote = new eSocial()
{
envioLoteEventos = new eSocialEnvioLoteEventos()
{
grupo = (sbyte)model.GrupoEvento,
ideEmpregador = new TIdeEmpregador()
{
nrInsc = model.UnidadeInsc,
tpInsc = (sbyte)model.TipoInsc
},
ideTransmissor = new TIdeTransmissor()
{
nrInsc = cnpj,
tpInsc = (sbyte)1
},
eventos = new eSocialEnvioLoteEventosEventos()
{
evento = model.Eventos.Select(x => new TArquivoEsocial
{
Id = x.Id,
Any = _getXmlElement(x.XmlString)
}).ToList()
}
}
};
public XmlDocument Sign(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, string xmlString)
{
var doc = new XmlDocument();
doc.PreserveWhitespace = false;
doc.LoadXml(xmlString);
Reference referenc = new Reference
{
Uri = string.Empty,
DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256",
};
referenc.AddTransform(new XmlDsigEnvelopedSignatureTransform());
referenc.AddTransform(new XmlDsigC14NTransform());
referenc.DigestMethod = XmlSignatureExtensions.SHA256DIGEST;
var kInfo = new KeyInfo();
kInfo.AddClause(new KeyInfoX509Data(cert));
var privKey = (RSACryptoServiceProvider)cert.PrivateKey;
var enhCsp = new RSACryptoServiceProvider().CspKeyContainerInfo;
var cspparams = new CspParameters(enhCsp.ProviderType, enhCsp.ProviderName, privKey.CspKeyContainerInfo.KeyContainerName);
privKey = new RSACryptoServiceProvider(cspparams);
var signDoc = new SignedXml(doc)
{
KeyInfo = kInfo,
SigningKey = privKey
};
signDoc.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
signDoc.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigC14NTransformUrl;
signDoc.AddReference(referenc);
signDoc.ComputeSignature();
doc.DocumentElement.AppendChild(doc.ImportNode(signDoc.GetXml(), true));
return doc;
}
I really appreciate it if someone can shed some light on. Thank you
Thanks for the feedback, I am aware of this issue of SST, by the fact that our software is responsible only for these events.
– Vicenzo Martinelli
I’ll check the two links you forwarded, thank you very much
– Vicenzo Martinelli
I got it @Vicenzomartinelli. But anyway start testing with an S-1000, because I don’t think the S-2221 is even available to test yet. Let me know if you have solved the signature error.
– Pedro Gaspar
I already performed the test Pedro, really the problem was in the form that was taking the information from the private key, changed the code a little and worked ok.
– Vicenzo Martinelli
Nice @Vicenzomartinelli! If you can then mark the answer as you accept, then! ;-) See: Someone answered me and Why vote?.
– Pedro Gaspar