RE: problem verifying XML signature
From: Shawn Farkas (shawnfa_at_online.microsoft.com)
Date: 04/01/04
- Next message: Alain Hogue: "Re: DES and UUEncoded"
- Previous message: Hyde Wu: "How to retrieve "Security EventLog" from Win32_NTLogEvent"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 01 Apr 2004 00:40:55 GMT
Hi Mark,
The signature is in fact valid. Unfortunately, support for X509 certificates in v1.1 and v1.0 of the framework is not very good. The good news is that we've put a lot of effort into X509 for v2.0 of the framework. I've just tried to verify your signature using v2.0, and it does work as expected. There is a technical preview of v2.0 available for MSDN subscribers (check out http://msdn.microsoft.com/vs2005). I would also recommend checking out the Web Service Extensions for v1.1 of the framework. These include better support for certificates. (You may have to use the extensions to get the key from your certificate manually, then pass that key to the signature verification method.)
-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
--------------------
>Date: Wed, 31 Mar 2004 10:28:53 +0200
>From: Marko Macek <mark@hermes.si>
>User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207)
>X-Accept-Language: en-us, en
>MIME-Version: 1.0
>Subject: problem verifying XML signature
>Content-Type: multipart/mixed;
> boundary="------------010309010308020706040304"
>Message-ID: <ObIY2ovFEHA.3984@TK2MSFTNGP10.phx.gbl>
>Newsgroups: microsoft.public.dotnet.security
>NNTP-Posting-Host: external-7.hermes.si 213.253.102.145
>Lines: 1
>Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
>Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.security:5600
>X-Tomcat-NG: microsoft.public.dotnet.security
>
>Hello!
>
>I have a problem verifying a signature (attached xml) made with
>Ubisignature.
>
>I have tried verifying the signature with the Microsoft SignedXml class
>(framework 1.1) and it dies like this:
>
>System.Security.Cryptography.CryptographicException:
>Cryptographic service provider (CSP) for this implementation generated an
>internal error while attempting to verify the signature.
>   at System.Security.Cryptography.RSACryptoServiceProvider.VerifyHash(Byte[] rgbHash, String str, Byte[] rgbSignature)
>   at System.Security.Cryptography.RSAPKCS1SignatureDeformatter.VerifySignature(Byte[] rgbHash, Byte[] rgbSignature)
>   at System.Security.Cryptography.AsymmetricSignatureDeformatter.VerifySignature(HashAlgorithm hash, Byte[] rgbSignature)
>   at System.Security.Cryptography.Xml.SignedXml.CheckSignature(AsymmetricAlgorithm key)
>   at System.Security.Cryptography.Xml.SignedXml.CheckSignatureReturningKey(AsymmetricAlgorithm& signingKey)
>   at
>
>I've also tried to verify it using xmlsec (www.aleksey.com/xmlsec/).
>The xmlsec output is:
>
>C:\work\xmlsec>xmlsec --verify --node-xpath //*[@Id='DepositorSignature'] --trusted-der sigov-ca.crt --print-debug podpis_mm3.xml
>= VERIFICATION CONTEXT
>== Status: invalid
>== flags: 0x00000000
>== flags2: 0x00000000
>== Id: "DepositorSignature"
>== Key Info Read Ctx:
>= KEY INFO READ CONTEXT
>== flags: 0x00000000
>== flags2: 0x00000000
>== enabled key data: all
>== RetrievalMethod level (cur/max): 0/1
>== TRANSFORMS CTX (status=0)
>== flags: 0x00000000
>== flags2: 0x00000000
>== enabled transforms: all
>=== uri: NULL
>=== uri xpointer expr: NULL
>== EncryptedKey level (cur/max): 0/1
>== Key Info Write Ctx:
>= KEY INFO WRITE CONTEXT
>== flags: 0x00000000
>== flags2: 0x00000000
>== enabled key data: all
>== RetrievalMethod level (cur/max): 0/1
>== TRANSFORMS CTX (status=0)
>== flags: 0x00000000
>== flags2: 0x00000000
>== enabled transforms: all
>=== uri: NULL
>=== uri xpointer expr: NULL
>== EncryptedKey level (cur/max): 0/1
>== Signature Transform Ctx:
>== TRANSFORMS CTX (status=2)
>== flags: 0x00000000
>== flags2: 0x00000000
>== enabled transforms: all
>=== uri: NULL
>=== uri xpointer expr: NULL
>=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
>=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
>=== Transform: membuf-transform (href=NULL)
>== Signature Method:
>=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
>== Signature Key:
>== KEY
>=== method: RSAKeyValue
>=== key type: Public
>=== key usage: 65535
>=== rsa key: size = 1023
>== SignedInfo References List:
>=== list size: 1
>= REFERENCE VERIFICATION CONTEXT
>== Status: succeeded
>== URI: ""
>== Reference Transform Ctx:
>== TRANSFORMS CTX (status=2)
>== flags: 0x00000000
>== flags2: 0x00000000
>== enabled transforms: all
>=== uri: NULL
>=== uri xpointer expr: NULL
>=== Transform: enveloped-signature (href=http://www.w3.org/2000/09/xmldsig#enveloped-signature)
>=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
>=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
>=== Transform: membuf-transform (href=NULL)
>== Digest Method:
>=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
>== Manifest References List:
>=== list size: 0
>func=:file=..\src\openssl\signatures.c:line=248:obj=rsa-sha1:subj=EVP_VerifyFinal:error=18:data do not match:signature do not match
>FAIL
>SignedInfo References (ok/all): 1/1
>Manifests References (ok/all): 0/0
>Error: failed to verify file "podpis_mm3.xml"
>============================================================
>
>One thing that I find odd is:
>
>=== rsa key: size = 1023
>
>But Ubisignature and Java (apache) implementations verify the signature
>as valid.
>
>Can anyone help? Is the signature valid or not? Where is the problem?
>
>The CA certificate is at http://www.sigov-ca.gov.si/sigov-ca.crt
>
>Thanks,
>Mark
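The quoted xmlsec dump reports "rsa key: size = 1023", and the .NET 1.1 trace dies inside the CSP's VerifyHash, while Java verifies the same signature. The following is an added example, not code from the thread, from Microsoft, from xmlsec or from Ubisignature: a pure-stdlib Python RSA-SHA1 (PKCS#1 v1.5) verifier over an XML-DSig ds:RSAKeyValue. It decodes the base64 Modulus/Exponent, reports the modulus bit length the way xmlsec does, and shows that a modulus whose top bit is clear (1023 bits) still yields a 128-octet signature and verifies exactly like a full 1024-bit one, so the odd size by itself does not make a signature invalid. The key pairs, the toy deterministic prime search and the canonicalized SignedInfo bytes are all constructed for the demo; canonicalization is out of scope, and the thread does not establish that the 1023-bit size was the cause of the CSP error.

```python
import base64
import hashlib
import math
import xml.etree.ElementTree as ET

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
SHA1_DIGESTINFO = bytes.fromhex("3021300906052b0e03021a05000414")  # DER prefix, RFC 3447 9.2
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n):
    # Miller-Rabin with fixed bases: deterministic, so the demo key is reproducible.
    if n < 2 or any(n % p == 0 for p in SMALL_PRIMES):
        return n in SMALL_PRIMES
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def next_prime(n):
    n |= 1
    while not is_probable_prime(n):
        n += 2
    return n

def make_keypair(p_start, q_start, e=65537):
    p, q = next_prime(p_start), next_prime(q_start)  # toy deterministic keygen, demo only
    while math.gcd(e, (p - 1) * (q - 1)) != 1:
        q = next_prime(q + 2)
    return p * q, e, pow(e, -1, (p - 1) * (q - 1))

def octet_length(n):
    return (n.bit_length() + 7) // 8  # k in RFC 3447: 128 for 1023- and 1024-bit moduli alike

def crypto_binary(i):
    return base64.b64encode(i.to_bytes(octet_length(i), "big")).decode()  # ds:CryptoBinary

def key_value_xml(n, e):
    return (f'<KeyValue xmlns="{DSIG_NS}"><RSAKeyValue>'
            f"<Modulus>{crypto_binary(n)}</Modulus>"
            f"<Exponent>{crypto_binary(e)}</Exponent></RSAKeyValue></KeyValue>")

def parse_rsa_key_value(xml_text):
    root = ET.fromstring(xml_text)  # accepts any fragment containing a ds:RSAKeyValue
    def field(name):
        el = next(root.iter(f"{{{DSIG_NS}}}{name}"))
        return int.from_bytes(base64.b64decode(el.text.strip()), "big")
    return field("Modulus"), field("Exponent")

def emsa_pkcs1_v15_sha1(message, k):
    t = SHA1_DIGESTINFO + hashlib.sha1(message).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for PKCS#1 v1.5 with SHA-1")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def rsa_sha1_sign(message, n, d):
    k = octet_length(n)
    m = int.from_bytes(emsa_pkcs1_v15_sha1(message, k), "big")
    return pow(m, d, n).to_bytes(k, "big")

def rsa_sha1_verify(message, signature, n, e):
    k = octet_length(n)
    if len(signature) != k:  # RFC 3447 8.2.2 step 1: reject wrong-length signatures first
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:  # signature representative out of range
        return False
    return pow(s, e, n).to_bytes(k, "big") == emsa_pkcs1_v15_sha1(message, k)

# Constructed stand-in for the c14n output of <SignedInfo>; canonicalization is out of scope here.
SIGNED_INFO_C14N = (
    b'<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#">'
    b'<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod>'
    b'<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod></SignedInfo>')

def demo():
    # Primes just above 2**511 multiply to less than 2**1023: a 1023-bit modulus, i.e. the top
    # bit of the first Modulus octet is clear. Primes just below 2**512 give a full 1024 bits.
    keys = {1023: make_keypair(2**511 + 4321, 2**511 + 2**64),
            1024: make_keypair(2**512 - 2**400, 2**512 - 2**300)}
    tampered = SIGNED_INFO_C14N.replace(b"#rsa-sha1", b"#dsa-sha1")
    out = {}
    for label, (n, e, d) in keys.items():
        n2, e2 = parse_rsa_key_value(key_value_xml(n, e))  # round-trip through ds:KeyValue
        sig = rsa_sha1_sign(SIGNED_INFO_C14N, n, d)
        out[label] = {"size": n2.bit_length(), "octets": len(sig),  # "size" is what xmlsec prints
                      "verified": rsa_sha1_verify(SIGNED_INFO_C14N, sig, n2, e2),
                      "tampered_rejected": not rsa_sha1_verify(tampered, sig, n2, e2)}
    return out
```

Calling demo() returns, for both key sizes, size 1023 or 1024, 128 signature octets, verified True and tampered_rejected True. The length check in rsa_sha1_verify is done against the octet length of the modulus, not its bit length, which is why a top-bit-clear modulus is handled without any special case; a verifier that derives buffer sizes from the bit count instead would treat the two keys differently.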