Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error during signing #131

Open
matswiderski opened this issue Jan 31, 2024 · 1 comment
Open

Error during signing #131

matswiderski opened this issue Jan 31, 2024 · 1 comment

Comments

@matswiderski
Copy link

matswiderski commented Jan 31, 2024
edited
Loading

Hello
I am unable to find an answer on the internet so I am asking for help.
I am trying to sign document using both methods

Signature signature = SignatureBuilder
		.aSignature(container)
		.withSignatureToken(signatureToken)
		.invokeSigning()

DataToSign dataToSign = SignatureBuilder
              .aSignature(container)
              .withSigningCertificate(signingCert)
              .withSignatureDigestAlgorithm(DigestAlgorithm.SHA512)
              .buildDataToSign()

And both of them cause the same error:

javax.script.ScriptException: eu.europa.esig.dss.model.DSSException: Unable to instantiate default RevocationDataVerifier. Reason : SECURITY : unable to set attribute(s)! [http://javax.xml.XMLConstants/property/accessExternalDTD: org.xml.sax.SAXNotRecognizedException: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.; http://javax.xml.XMLConstants/property/accessExternalSchema: org.xml.sax.SAXNotRecognizedException: Property 'http://javax.xml.XMLConstants/property/accessExternalSchema' is not recognized.]
javax.script.ScriptException: eu.europa.esig.dss.model.DSSException: Unable to instantiate default RevocationDataVerifier. Reason : SECURITY : unable to set attribute(s)! [http://javax.xml.XMLConstants/property/accessExternalDTD: org.xml.sax.SAXNotRecognizedException: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.; http://javax.xml.XMLConstants/property/accessExternalSchema: org.xml.sax.SAXNotRecognizedException: Property 'http://javax.xml.XMLConstants/property/accessExternalSchema' is not recognized.]

Im using Java 17.0.3.1 and digidoc4j 5.2.0
Is something wrong with my xml document or it is a bug?
Also if I downgrade to lower version Im getting error:
Access denied to TSP service http://tsa.sk.ee
javax.script.ScriptException: Access denied to TSP service http://tsa.sk.ee
@naare
Copy link
Contributor

naare commented Feb 1, 2024

Hello,

Could you please send your signing certificate to [email protected] so we can analyze further.

As background information:

If you use default configuration then digidoc4j tries to access Estonian specific TimeStamp and OCSP services (which require access to use them). You can configure any freely available time stamp service that is listed in any trust list referenced by EU LOTL. OCSP service must correspond to the certificate you are using for signing (the certificate must be issued by CA that is listed in any trust list referenced by EU LOTL). You can find additional information on configuring here: https://github.com/open-eid/digidoc4j/wiki/Questions-&-Answers#using-a-yaml-file-for-configuration (TSP_SOURCE and OCSP_SOURCE parameters correspondingly). If your signing certificate contains AIA OCSP url then you can configure automatic usage of AIA OCSP source (PREFER_AIA_OCSP: true). All the parameters can be configured programmatically as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@naare @matswiderski