Exception with initialization XAdES signature with X509Certificate2

uaprogrammer · June 17, 2021, 6:52pm

Hi,

We have faced with error with creation of XAdES digital signature in code – passing X509Certificate2 combined with XAdES signature type throws an exception

Steps to reproduce :

Try create digital signature instance with X509Certificate2, not passing row data with password
Set the signature type to XAdES

Actual result

Exception is thrown:

Aspose.Cells.CellsException: Please use ‘DigitalSignature(byte[] rawData, string password, string comments, DateTime signTime)’ constructor to instance DigitalSignature object.

at Aspose.Cells.DigitalSignatures.DigitalSignature.set_XAdESType(XAdESType value)

at DCError.Program.Main() in C:\Users\alexander.zolotarev\source\repos\DCError\DCError\Program 185697 2.cs:line 27

Expected result

No exception

Content :

Program.cs – the example of the code for conversion
Cert .pfx – the certificate for signing
content.zip (3.2 KB)

Please, note, we are using:

Aspose.Cell v. 21.6.0.0

Could you please advise us with the current behavior? Or could you please advise us on another way to initialize the digital signature, for example, from the Windows Store?

Best regards,

Alexander

Amjad_Sahi · June 17, 2021, 7:47pm

@uaprogrammer,

Please comment the line in your code, it will work fine:

signature.XAdESType = XAdESType.XAdES;

You cannot specify/set XAdESType attribute if you are creating digital signatures with respect to “X509Certificate2”. If you have to set XAdESType then you will instantiate DigitalSignature as following or your code should be like following:
e.g.
Sample code:

var certificate = File.ReadAllBytes("e:\\test2\\digitalsig\\cert.pfx");
var password = "1q2w3e4r5t";

var signature = new Aspose.Cells.DigitalSignatures.DigitalSignature(certificate, password, "Comments", DateTime.Now);
signature.XAdESType = Aspose.Cells.DigitalSignatures.XAdESType.XAdES;

uaprogrammer · June 17, 2021, 9:21pm

Is it an issue? Or some kind of restriction of XAdES? Do you have any workaround to set a singing certificate for XAdES signature from Windows Store(in kind of X509Certficate) then?

Best regards,
Alexander

ahsaniqbalsidiqui · June 18, 2021, 7:31am

@uaprogrammer,
We have observed the issue and have logged it in our database for detailed analysis. We will write back here once any update is ready for sharing.

This issue is logged as:
CELLSNET-48170 - Exception while initializing the XAdES signature with X509Certificate2

Amjad_Sahi · June 18, 2021, 8:43am

@uaprogrammer,

For your query:

Is it an issue? Or some kind of restriction of XAdES?

It is not an issue. There are some info which are needed to implement XAdES, but .NET X509Certificate2 can’t provide the info.

Do you have any workaround to set a singing certificate for XAdES signature from Windows Store(in kind of X509Certficate) then?

If your X509Certficate from Windows Store is exportable, please try the following code:

//get cert from Windows Store
X509Certficate cert=...

//Export, make sure the cert is exportable, otherwise you will get the CryptographicException: 'Key not valid for use in specified state.'
byte[] data = cert.Export(X509ContentType.Pkcs12, YOURPASSWORD);

var signature = new DigitalSignature(
    data,
    YOURPASSWORD,
    "Comments",
    DateTime.Now);
signature.XAdESType = XAdESType.XAdES;

Hope, this helps a bit.