I'm trying to do XML signature validation. Here is the link to Aadhaar Paperless Offline e-kyc tutorial https://uidai.gov.in/ecosystem/authentication-devices-documents/about-aadhaar-paperless-offline-e-kyc.html
with open('/home/user/Downloads/uidai_auth_sign_prod_2023.cer', 'rb') as f:
key = f.read()
import xml.etree.ElementTree as ET
tree=ET.parse("/home/user/Downloads/offlineaadhaar202205040207.xml")
root = tree.getroot()
print(root)
try:
verified_data = XMLVerifier().verify(root, require_x509=False, x509_cert=key).signed_xml
print("Data is : %s" % verified_data)
except Exception as exce:
print(exce)
This code is giving error:
Signature verification failed: invalid padding
If there is any other solution to verify xml signature. please let us know.
I have found out XMLVerifier usefull to verify signed xml. pip package need to be install
pip install signxml
here is my working snippet
Code
from signxml import XMLVerifier
aadhar_file = '<path_to_signed_aadhaar_xml>'
cert = open('path_to_uidai_auth_sign_prod_2023.pem', "r+").read()
root = le.parse(aadhar_file).getroot()
try:
verify = XMLVerifier().verify(root, x509_cert=cert)
except Exception as e:
print(str(e))
In case of invalid signature this will throw an exception
InvalidDigest: Digest mismatch for reference 0
NOTE: Kindly use valid certificate(Based on recommended by https://uidai.gov.in/ecosystem/authentication-devices-documents/about-aadhaar-paperless-offline-e-kyc.html) to validate aadhaar xml