Re: Compute XML Signature on external Xml document

From: J-P Meunier (fuimens_at_yahoo.fr)
Date: 05/22/03


Date: Thu, 22 May 2003 10:16:14 +0200


Ivan,

Thank you very much for your response.
The Transform gives the expected XML output. But the verification always
returns false.

Here is my code. Where is the mistake?

-------------- Signature -----------------
XmlDocument domContext = new XmlDocument();
domContext.PreserveWhitespace = true; // <<----------- Is this necessary?
XmlNode xnContextRoot = domContext.CreateNode(XmlNodeType.Element, "", "ClientContext", "");
domContext.AppendChild(xnContextRoot);
// .... Creating children and appending them ...

SignedXml signedXml = new SignedXml(domContext);
signedXml.SigningKey = rsaKeyPair; // rsaKeyPair exists

KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(X509Data)); // X509Data exists
signedXml.KeyInfo = keyInfo;

Reference reference = new Reference();
reference.Uri = "";
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
signedXml.AddReference(reference);

signedXml.ComputeSignature();

XmlElement xmlDigitalSignature = signedXml.GetXml();
domContext.DocumentElement.AppendChild(domContext.ImportNode(xmlDigitalSignature, true));
if (domContext.FirstChild is XmlDeclaration)
    domContext.RemoveChild(domContext.FirstChild);
domContext.Save(@"c:\envelopedSignature.xml");
---------- End Signature ----------------

----------- Verification -------------------
XmlDocument doc2 = new XmlDocument();
doc2.PreserveWhitespace = true;
doc2.Load(@"c:\envelopedSignature.xml");
SignedXml signedXml2 = new SignedXml(doc2);
XmlNodeList nodeList = doc2.GetElementsByTagName("Signature");
signedXml2.LoadXml((XmlElement)nodeList[0]);
signedXml2.CheckSignature();
----------- End Verification --------------------

Cheers,

J-P

"Ivan Medvedev [MS]" <ivanmed@online.microsoft.com> wrote in message
news:uRDXHo7HDHA.3280@tk2msftngp13.phx.gbl...
> J-P -
> you will need to use an EnvelopedSignatureTransform. Here is approximately
> how you would do this:
>
> ------------------------- sign --------------------------
> XmlDocument doc = ... // your enveloping document
> SignedXml signedXml = new SignedXml(doc);
> signedXml.SigningKey = ... // your signing key
> Reference reference = new Reference();
> reference.Uri = "";
> XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
> reference.AddTransform(env);
> signedXml.AddReference(reference);
> ... // add key info if necessary
> signedXml.ComputeSignature();
> // now insert the signature into the doc
> XmlElement xmlDigitalSignature = signedXml.GetXml();
> XmlTextWriter xmltw = new XmlTextWriter( _name_ , new UTF8Encoding(false));
> doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true)); // insert the signature into the document
> if (doc.FirstChild is XmlDeclaration) doc.RemoveChild(doc.FirstChild);
> doc.WriteTo(xmltw);
> xmltw.Close();
>
> ------------------------ verify ---------------------------
> XmlDocument xmlDocument = new XmlDocument();
> xmlDocument.PreserveWhitespace = true;
> xmlDocument.Load(_name_);
> SignedXml signedXml = new SignedXml(xmlDocument);
> XmlNodeList nodeList = xmlDocument.GetElementsByTagName("Signature");
> signedXml.LoadXml((XmlElement)nodeList[0]);
> return signedXml.CheckSignature();
>
> -----------------------------------------------------------
>
> Hope this helps.
> --Ivan
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
>
> "J-P Meunier" <fuimens@yahoo.fr> wrote in message
> news:eGEI053HDHA.2176@TK2MSFTNGP10.phx.gbl...
> > Hi all,
> >
> > I need to make an Xml Signature (System.Security.Cryptography.Xml.SignedXml)
> > of an XmlDocument and then to include the signature into that XmlDocument.
> >
> > Example:
> > <XmlSign>
> > <Identity id="ToBeSigned">
> > <Name>myName</Name>
> > <Surname>mySignature</Surname>
> > </Identity>
> > <IdentitySignature>
> > *SignedXml*
> > </IdentitySignature>
> > </XmlSign>
> >
> > The solution would be to create a SignedXml object and insert it into
> > <IdentitySignature>, to set the correct references and then to compute the
> > signature. But I can't do that because the XML element of SignedXml can't be
> > accessed before computing the signature ...
> >
> > So how can I solve that problem?
> > Any comment would be appreciated,
> >
> > Thanks
> >
> > J-P
> >
> >
>
>
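
A complete enveloped-signature round trip for the scenario in this thread, added here as an example (not code from either poster). It assumes a current .NET with the System.Security.Cryptography.Xml package, a throwaway RSA key and a constructed ClientContext document; the class and method names are hypothetical. Verification uses an explicitly supplied key and a namespace-qualified Signature lookup instead of whatever key the document carries in KeyInfo.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class EnvelopedSignatureDemo
{
    // Sign the whole document (Uri = "") and append <Signature> to the root.
    static string Sign(XmlDocument doc, RSA key)
    {
        var signedXml = new SignedXml(doc) { SigningKey = key };
        var reference = new Reference { Uri = "" };
        // Excludes the <Signature> element itself from the digest.
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);
        signedXml.ComputeSignature();
        doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
        return doc.OuterXml;
    }

    // Verify against a key the verifier already trusts, not one read from KeyInfo.
    static bool Verify(string xml, RSA trustedKey)
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml(xml);
        // Namespace-qualified lookup; require exactly one signature.
        XmlNodeList sigs = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (sigs.Count != 1) return false;
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml((XmlElement)sigs[0]);
        // Require a single reference that covers the whole document.
        var refs = signedXml.SignedInfo.References;
        if (refs.Count != 1 || ((Reference)refs[0]).Uri != "") return false;
        return signedXml.CheckSignature(trustedKey);
    }

    static void Main()
    {
        using RSA key = RSA.Create(2048);      // throwaway key for the demo
        using RSA other = RSA.Create(2048);    // a key the verifier does not trust
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<ClientContext><User>constructed-sample</User></ClientContext>"); // constructed input
        string signed = Sign(doc, key);
        string modified = signed.Replace("constructed-sample", "changed");
        Console.WriteLine($"intact, trusted key:   {Verify(signed, key)}");
        Console.WriteLine($"content modified:      {Verify(modified, key)}");
        Console.WriteLine($"intact, different key: {Verify(signed, other)}");
    }
}
```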


