Статус: Участник
Группы: Участники
Зарегистрирован: 10.06.2021(UTC) Сообщений: 17  Откуда: Орел Сказал(а) «Спасибо»: 1 раз
|
Сценарий: 1) Установить КриптоПро 4.0 или 5.0 (неважно), применить лицензию 2) Осуществить подпись через API, все хорошо 3) Установить "ЭЦП Browser plug-in" 4) Подпись начинает выдавать ошибку "A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. (0x800B0101)" 5) Удалить "ЭЦП Browser plug-in", подпись начинает работать опять нормально. Нужен рабочий "ЭЦП Browser plug-in". Для исправления ошибки я уже пробовал: - выпускать новые сертификаты в тестовом УЦ. Ошибка на любом сертификате. - проверять время на компьютере, время супер-точное - перезагружать компьютер - успокоиться, и заняться этим завтра (тоже не помогло) - проверять лицензии КриптоПро всех модулей - пишет все хорошо - на тестовой странице подпись работает без проблем https://www.cryptopro.ru...ge/cades_bes_sample.html (внезапно) - проверять срок действия закрытого ключа (естественно, для новых сертификатов он актуальный) - устанавливать CSP разных версий 4 и 5 - устанавливать старую версию "ЭЦП Browser plug-in" от 2018 года - все точно также - через IObit uninstaller следить за изменениями, которые вносит на компьютер инсталлятор "ЭЦП Browser plug-in", откатывать вручную все правки в реестре и в файловой системе - почему-то не помогает. При попытке подписи все записи в реестре восстанавливаются. Помогает только удаление "ЭЦП Browser plug-in". Проблема возникла не только на моей машине, у коллеги также она обнаружилась. В целом проблема появилась после запуска автоматического конфигуратора в Контур.Диадок. Там скачивается утилита, которая устанавливает необходимые программы и конфигурирует систему автоматически для использования Контур.Диадок. После этой конфигурации появилась эта ошибка, и никак победить ее не удается. Подпись через API осуществляется в Docsvison. Ошибка одинаковая в десктопном клиенте, и в веб-версии при подписи через браузерный плагин. Помогите, пожалуйста, куда еще копать. Есть варианты кроме переустановки Windows? Пока думаю заняться игрой "найди десять отличий" нашей подписи в веб-версии и подписи на тестовой странице... ОС: Windows 10 Home Версии CryptoPro CSP: 4.0.9944, 4.0.9842, 5.0.11455 (на всех репро) Версии ЭЦП Browser plug-in: 2.0.14660, 2.0.13292 (на всех репро) Лог ошибки при подписи через десктопный клиент: Код:
00000001 0.00000000 [28716] cadescom.dll: {30320} /CadesSignMessage/ cades.cpp(2453) : (pSignPara=0x0098DFF8, fDetachedSignature=-1, cToBeSigned=1, rgpbToBeSigned=0x0098E00C, rgcbToBeSigned=0x0098E010, ppSignedBlob=0x0098E044)
00000002 0.00190140 [28716] cadescom.dll: {30320} /CadesSignMessageImpl/ cades.cpp(2329) : Signer updating start
00000003 0.00198490 [28716] cadescom.dll: {30320} /CadesSignMessageImpl/ cades.cpp(2332) : Hash algorithm deduced
00000004 0.00205400 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::SigningTimeAttributeExists/ cades.cpp(178) : (pAttr=0)
00000005 0.00213550 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::AttributeExists/ cades.cpp(160) : (pAttr=0)
00000006 0.00214250 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::UpdateSignedAttributes/ cades.cpp(407) : Attributes copied
00000007 0.00220270 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::UpdateSignedAttributes/ cades.cpp(410) : Signer does not have any of signing-certificate attributes
00000008 0.00250690 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::UpdateSignedAttributes/ cades.cpp(414) : signing-certificate(-v2) attribute assembled
00000009 0.00258760 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::UpdateSignedAttributes/ cades.cpp(418) : Signer does not have signingTime attribute
00000010 0.00265010 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::UpdateSignedAttributes/ cades.cpp(423) : signingTime attribute assembled
00000011 0.00272730 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::UpdateSignedAttributes/ cades.cpp(428) : Signer is updated successfully
00000012 0.00273290 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncode/ cades.cpp(525) : (dwMsgEncodingType=0x00010001, dwFlags=0x00000004, pvMsgEncodeInfo=0x0098DB40, pszInnerContentObjID=0, pStreamInfo=0x00000000)
00000013 0.00278310 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(466) : Start
00000014 0.00287400 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(470) : Input parameters checked
00000015 0.00291840 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(486) : Copy of input structures is ready
00000016 0.00298200 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(492) : Signers updating start
00000017 0.00302120 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(497) : Signer #0
00000018 0.00336500 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(503) : Certificates equality checked
00000019 0.00339820 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::CheckAlgorithms/ cades.cpp(439) : Signature algoritm OID info is found: 1.2.643.7.1.1.3.2
00000020 0.00346340 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::DeduceHashAlgorithm/ cades.cpp(136) : (szHashAlgorithm=1.2.643.7.1.1.2.2)
00000021 0.00351370 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(506) : Hash algorithm deduced
00000022 0.00355270 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::SigningTimeAttributeExists/ cades.cpp(173) : (pAttr->pszObjId=1.2.840.113549.1.9.5)
00000023 0.00357830 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImplNamespace::AttributeExists/ cades.cpp(155) : (pAttr->pszObjId=1.2.840.113549.1.9.16.2.47)
00000024 0.00360190 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncodeImpl/ cades.cpp(513) : Calling CryptMsgOpenToEncode()
00000025 0.00365940 [28716] cadescom.dll: {30320} /CadesMsgOpenToEncode/ cades.cpp(556) : (hMsg=0x1A8066E8, GetLastError=0x00000000)
00000026 0.00640570 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignature/ cades.cpp(1327) : (hCryptMsg=0x1A806810, dwSignatureIndex=0, pCadesSignPara=0x0098DA0C)
00000027 0.00648660 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignatureImpl/ cades.cpp(1093) : Input parameters checked
00000028 0.00665270 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignatureImpl/ cades.cpp(1097) : Signer certificate ID found
00000029 0.00673960 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignatureImpl/ cades.cpp(1112) : pSignerCert=0x1B44FA38
00000030 0.00692840 [28716] cadescom.dll: {30320} /CadesMsgGetType/ CadesMsgGetType.cpp(135) : (hCryptMsg=0x1A806810, dwSignatureIndex=0, pdwCadesType=0x0098D6FC)
00000031 0.00700080 [28716] cadescom.dll: {30320} /CadesMsgGetType/ CadesMsgGetType.cpp(160) : (res=1, GetLastError=0x00000000
00000032 0.00707970 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignatureImpl/ cades.cpp(1155) : Hash algorithm deduced
00000033 0.00715160 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignatureImplNamespace::ExtractSignature/ cades.cpp(604) : Signature extracted via CMSG_ENCRYPTED_DIGEST
00000034 0.00937020 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CRequest::Impl::CheckPolicies/ TSPRequest_Impl.cpp(196) : Checking policies...
00000035 0.00945630 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CRequest::Impl::CheckPolicies/ TSPRequest_Impl.cpp(282) : Checking policies... OK.
00000036 0.00947280 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CRequest::Impl::MakeRequest/ TSPRequest_Impl.cpp(152) : Making request...
00000037 0.00951160 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CRequest::Impl::MakeRequest/ TSPRequest_Impl.cpp(172) : Initializing request...
00000038 0.00972450 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CRequest::Impl::MakeRequest/ TSPRequest_Impl.cpp(186) : Encoding request...
00000039 0.00978970 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CRequest::Impl::MakeRequest/ TSPRequest_Impl.cpp(190) : Making request... OK.
00000040 0.06374230 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CStamp::Import/ TSPStamp.cpp(60) : Importing time-stamp...
00000041 0.06488000 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CStamp::Import/ TSPStamp.cpp(75) : Checking status of time-stamp response...
00000042 0.06489710 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CStamp::Import/ TSPStamp.cpp(104) : Parsing and checking time-stamp token fields...
00000043 0.06506680 [28716] cadescom.dll: {30320} /CryptoPro::PKI::TSP::Client::CStamp::Import/ TSPStamp.cpp(196) : Importing time-stamp... OK
00000044 0.06580590 [28716] cadescom.dll: {30320} /CadesMsgGetCertificateValues/ cades.cpp(3658) : (hCryptMsg=0x1A806810, dwSignatureIndex=0, ppCertificates=0x0098D0EC)
00000045 0.06587610 [28716] cadescom.dll: {30320} /GetUnauthAttr/ cades.cpp(3569) : Exception thrown: _hr
00000046 0.06588500 [28716] cadescom.dll: {30320} /CadesMsgGetCertificateValues/ cades.cpp(3668) : CAtlException, m_hr=0x8009100f
00000047 0.06595820 [28716] cadescom.dll: {30320} /CadesMsgGetCertificateValues/ cades.cpp(3687) : (res=0, GetLastError=0x8009100f
00000048 0.06607610 [28716] cadescom.dll: {30320} /CChainValidationProcess::validateChain/ ChainValidation.h(1194) : #start#
00000049 0.06615930 [28716] cadescom.dll: {30320} /CChainValidationProcess::buildChain/ ChainValidation.h(1224) : #start#
00000050 0.09821260 [28716] cadescom.dll: {30320} /CChainWalker::walk/ ChainValidation.h(1048) : #start#
00000051 0.09832570 [28716] cadescom.dll: {30320} /CChainObserverQueue::verifyTime/ ChainValidation.h(299) : #start#
00000052 0.09834280 [28716] cadescom.dll: {30320} /CChainPolicyVerification::verifyTime/ ChainValidation.h(673) : #start#
00000053 0.09840020 [28716] cadescom.dll: {30320} /CChainPolicyVerification::verifyTime/ ChainValidation.h(675) : #success#
00000054 0.09849140 [28716] cadescom.dll: {30320} /CChainObserverQueue::evidenceVerifyTime/ ChainValidation.h(305) : #start#
00000055 0.09850820 [28716] cadescom.dll: {30320} /CChainObserverQueue::chainContext/ ChainValidation.h(311) : #start#
00000056 0.09856960 [28716] cadescom.dll: {30320} /CSingleChain::chainContext/ ChainValidation.h(485) : #start#
00000057 0.09866210 [28716] cadescom.dll: {30320} /CSingleChain::chainContext/ ChainValidation.h(489) : #success#
00000058 0.09867940 [28716] cadescom.dll: {30320} /CChainStatus::chainContext/ ChainValidation.h(509) : #start#
00000059 0.09878950 [28716] cadescom.dll: {30320} /CChainStatus::chainContext/ ChainValidation.h(529) : Subject = Тестовая служба штампов времени ООО "КРИПТО-ПРО"
00000060 0.09889460 [28716] cadescom.dll: {30320} /CChainStatus::chainContext/ ChainValidation.h(537) : #failure# HRESULT: (0x800b0101)
00000061 0.09897680 [28716] cadescom.dll: {30320} /CChainStatus::chainContext/ ChainValidation.h(537) : Unacceptable dwErrorStatus: CERT_TRUST_IS_NOT_TIME_VALID
00000062 0.10908610 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignatureImplNamespace::MakeCAdES_T/ cades.cpp(761) : Exception thrown: _hr
00000063 0.10920960 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignature/ cades.cpp(1337) : CAtlException, m_hr=0x800b0101
00000064 0.10929240 [28716] cadescom.dll: {30320} /CadesMsgEnhanceSignature/ cades.cpp(1356) : (res=0, GetLastError=0x800b0101
00000065 0.10937130 [28716] cadescom.dll: {30320} /CadesSignMessageImpl/ cades.cpp(2426) : Expression FAILED: ::CadesMsgEnhanceSignature(msgDecode.GetHandle(), 0, &cadesSignPara)
00000066 0.10945200 [28716] cadescom.dll: {30320} /CadesSignMessageImpl/ cades.cpp(2426) : Last win32 error thrown as exception
00000067 0.10955560 [28716] cadescom.dll: {30320} /CadesSignMessage/ cades.cpp(2466) : CAtlException, m_hr=0x800b0101
00000068 0.10965720 [28716] cadescom.dll: {30320} /CadesSignMessage/ cades.cpp(2485) : (res=0, GetLastError=0x800b0101
00000069 0.11035270 [28716] System.Runtime.InteropServices.COMException (0x800B0101): A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
00000070 0.11035270 [28716] в CAdESCOM.ICPSignedData5.SignCades(Object Signer, CADESCOM_CADES_TYPE CadesType, Boolean bDetached, CAPICOM_ENCODING_TYPE EncodingType)
00000071 0.11035270 [28716] в DocsVision.BackOffice.DigitalSignature.CadesXLongType1Signature.SignatureLogic.Sign(X509Certificate2 certificate, IDictionary`2 attributes, String tsaAddress, Stream content, Boolean detached, DigitalSignatureKind signatureKind) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel.CryptoPro\BackOffice\DigitalSignature\CadesXLongType1Signature\SignatureLogic.cs:строка 90
00000072 0.11035270 [28716] в DocsVision.BackOffice.DigitalSignature.CadesXLongType1Signature.SignatureLogic.Sign(X509Certificate2 certificate, IDictionary`2 attributes, String tsaAddress, Stream content, Boolean detached) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel.CryptoPro\BackOffice\DigitalSignature\CadesXLongType1Signature\SignatureLogic.cs:строка 49
00000073 0.11035270 [28716] в DocsVision.BackOffice.DigitalSignature.CadesXLongType1Signature.CadesXLongType1Signer.Sign(ISignatureData signatureData) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\DigitalSignature\CadesXLongType1Signature\CadesXLongType1Signer.cs:строка 16
00000074 0.11035270 [28716] в DocsVision.BackOffice.DigitalSignature.DigitalSignatureService.Sign(ISignatureData signatureData) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\DigitalSignature\DigitalSignatureService.cs:строка 135
00000075 0.11035270 [28716] в DocsVision.BackOffice.ObjectModel.Services.BaseCardService.ComputeSignature(Stream contentStream, X509Certificate2 certificate, Pkcs9AttributeObject[] signedAttributes, Boolean detached, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\BaseCardService.cs:строка 2069
00000076 0.11035270 [28716] в DocsVision.BackOffice.ObjectModel.Services.DocumentService.ComputeMainFileSignature(Document document, BaseCardSignature signature, X509Certificate2 cert, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\DocumentService.cs:строка 1165
00000077 0.11035270 [28716] в DocsVision.BackOffice.ObjectModel.Services.DocumentService.ComputeSignature(Document document, BaseCardSignature signature, X509Certificate2 certificate, Boolean signDocument, Boolean signAttachments, ICollection`1 fields, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\DocumentService.cs:строка 4698
00000078 0.11035270 [28716] в DocsVision.BackOffice.ObjectModel.Services.DocumentService.AddSignature(Document document, X509Certificate2 certificate, Boolean signAttachments, ICollection`1 fields, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\DocumentService.cs:строка 796
00000079 0.11035270 [28716] в DocsVision.BackOffice.Cards.CardDocument.MainControl.AddSignature()
00000080 0.11035270 [28716] в DocsVision.BackOffice.Cards.CardDocument.MainControl.signButtonItem_ItemClick(Object sender, ItemClickEventArgs e)
00000081 0.11055310 [28716] 06.12.2022 18:13:22 : Common. 06.12.2022 18:13:22 : System.Runtime.InteropServices.COMException (0x800B0101): A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
00000082 0.11055310 [28716] в CAdESCOM.ICPSignedData5.SignCades(Object Signer, CADESCOM_CADES_TYPE CadesType, Boolean bDetached, CAPICOM_ENCODING_TYPE EncodingType)
00000083 0.11055310 [28716] в DocsVision.BackOffice.DigitalSignature.CadesXLongType1Signature.SignatureLogic.Sign(X509Certificate2 certificate, IDictionary`2 attributes, String tsaAddress, Stream content, Boolean detached, DigitalSignatureKind signatureKind) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel.CryptoPro\BackOffice\DigitalSignature\CadesXLongType1Signature\SignatureLogic.cs:строка 90
00000084 0.11055310 [28716] в DocsVision.BackOffice.DigitalSignature.CadesXLongType1Signature.SignatureLogic.Sign(X509Certificate2 certificate, IDictionary`2 attributes, String tsaAddress, Stream content, Boolean detached) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel.CryptoPro\BackOffice\DigitalSignature\CadesXLongType1Signature\SignatureLogic.cs:строка 49
00000085 0.11055310 [28716] в DocsVision.BackOffice.DigitalSignature.CadesXLongType1Signature.CadesXLongType1Signer.Sign(ISignatureData signatureData) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\DigitalSignature\CadesXLongType1Signature\CadesXLongType1Signer.cs:строка 16
00000086 0.11055310 [28716] в DocsVision.BackOffice.DigitalSignature.DigitalSignatureService.Sign(ISignatureData signatureData) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\DigitalSignature\DigitalSignatureService.cs:строка 135
00000087 0.11055310 [28716] в DocsVision.BackOffice.ObjectModel.Services.BaseCardService.ComputeSignature(Stream contentStream, X509Certificate2 certificate, Pkcs9AttributeObject[] signedAttributes, Boolean detached, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\BaseCardService.cs:строка 2069
00000088 0.11055310 [28716] в DocsVision.BackOffice.ObjectModel.Services.DocumentService.ComputeMainFileSignature(Document document, BaseCardSignature signature, X509Certificate2 cert, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\DocumentService.cs:строка 1165
00000089 0.11055310 [28716] в DocsVision.BackOffice.ObjectModel.Services.DocumentService.ComputeSignature(Document document, BaseCardSignature signature, X509Certificate2 certificate, Boolean signDocument, Boolean signAttachments, ICollection`1 fields, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\DocumentService.cs:строка 4698
00000090 0.11055310 [28716] в DocsVision.BackOffice.ObjectModel.Services.DocumentService.AddSignature(Document document, X509Certificate2 certificate, Boolean signAttachments, ICollection`1 fields, DigitalSignatureKind signatureKind, Boolean skipOCSPCheck) в C:\Dev\DV5\Backoffice\BackOffice.ObjectModel\BackOffice\ObjectModel\Services\DocumentService.cs:строка 796
00000091 0.11055310 [28716] в DocsVision.BackOffice.Cards.CardDocument.MainControl.AddSignature()
00000092 0.11055310 [28716] в DocsVision.BackOffice.Cards.CardDocument.MainControl.signButtonItem_ItemClick(Object sender, ItemClickEventArgs e)
00000093 7.15002823 [27060] [27060:26644:20221206,181329.697:ERROR filesystem_win.cc:130] GetFileAttributes C:\Users\Pavel\AppData\Local\Google\DriveFS\Crashpad\attachments\bded339a-c12c-4189-9a0a-2e43d351df22: The system cannot find the file specified. (2)
00000094 7.19271994 [18168] [18308:ipc_thread] ipc_socket_win.cc:274:GetNextConnection Accepting next connection
00000095 7.20646811 [18168]
00000096 7.21943760 [18168] [18308:ipc_thread] ipc_socket_win.cc:274:GetNextConnection Accepting next connection
00000097 7.23241138 [18168]
Отредактировано пользователем 6 декабря 2022 г. 18:21:21(UTC)
| Причина: Не указана
|
