xadesjs icon indicating copy to clipboard operation
xadesjs copied to clipboard

Published 20 hours ago verified publisher icon PeculiarVentures

The XADES-BES sign example does not work with IE11

Open gcie opened this issue 4 years ago • 12 comments

Hello, The XADES-BES signature example from readme fails in IE11 with "WrongDocumentError". I have created a fiddle with it: https://jsfiddle.net/tao24/4a3bog9d/4/

Also I have tracked the error up to "toString()" method in "SignedXml" definition in xmldsigjs:

    public toString() {
        // Check for EnvelopedTransform
        const signature = this.XmlSignature;
        const enveloped = signature.SignedInfo.References && signature.SignedInfo.References.Some((r) =>
            r.Transforms && r.Transforms.Some((t) => t instanceof Transforms.XmlDsigEnvelopedSignatureTransform),
        );

        if (enveloped) {
            const doc = this.document!.documentElement.cloneNode(true);
            const node = this.XmlSignature.GetXml();
            if (!node) {
                throw new XmlCore.XmlError(XmlCore.XE.XML_EXCEPTION, "Cannot get Xml element from Signature");
            }
            const sig = node.cloneNode(true);
            doc.appendChild(sig); // this line causes problems in IE
            return new XMLSerializer().serializeToString(doc);
        }
        return this.XmlSignature.toString();
    }

However I don't know whether the issue is within xadesjs or xmldsigjs.

gcie avatar Apr 28 '20 10:04 gcie

I do not have an IE11 machine handy but I did not see the use of a polyfill for webcrypto: https://github.com/PeculiarVentures/webcrypto-liner

rmhrisk avatar Apr 28 '20 11:04 rmhrisk

I have copied this example from readme.md from your repository: https://github.com/PeculiarVentures/xadesjs#in-the-browser And I also swapped arrow functions to regular ones (because IE does not support arrow functions), but I doubt that's the case.

The polyfill for webcrypto is included. If something is missing, please fix the example in readme.md.

gcie avatar Apr 28 '20 11:04 gcie

Looks like it's IE11 limitation. It throws an exception on appending a signature element to the XML document.

// SignedXml.toString
doc.appendChild(sig);

As I can see from this StackOverflow answer, a signature element must be created from XML document object.

I'll pay attention to the problem

microshine avatar Apr 28 '20 14:04 microshine

I updated your code a bit

    })
-    .then(function() {
-      return signedXml.toString();
+    .then(function(signature) {
+      return new XMLSerializer().serializeToString(signature.GetXml());
    });
}

image

microshine avatar Apr 28 '20 14:04 microshine

Ok, so we can access the signature. But can we get the whole document with enveloped signature as it was in other browsers?

gcie avatar Apr 29 '20 07:04 gcie

I found a solution

var xmlDoc = new DOMParser().parseFromString(xmlString, "application/xml");
var xmlSig = new DOMParser().parseFromString(signedDocument, "application/xml");

xmlDoc.documentElement.appendChild(xmlSig.documentElement);

console.log(new XMLSerializer().serializeToString(xmlDoc));

image

microshine avatar Apr 29 '20 08:04 microshine

Is solution to change lib or app code?

rmhrisk avatar Apr 29 '20 15:04 rmhrisk

It fixes IE11 limitation only but lib works fine for other browsers

microshine avatar Apr 29 '20 15:04 microshine

So change is in app code or in our library?

rmhrisk avatar Apr 29 '20 15:04 rmhrisk

app code

microshine avatar Apr 29 '20 15:04 microshine

Should we update our sample so future people don't encounter this?

rmhrisk avatar Apr 29 '20 17:04 rmhrisk

If I were to decide, then definitely.

gcie avatar Apr 30 '20 07:04 gcie