Sign an XML message using Capicom: Error



Dear all,
I am trying to sign an XML message with CAPICOM (create a digital signature by using
the method “SHA1 via DSA” and then transforming the digital signature by
base64-encoding in ASCII).
Platform: Windows 2003, Framework 1.1, Capicom Version 2.0.0.3

I performed the following steps:
1: regsvr32.exe C:\WINDOWS\system32\capicom.dll
2: TlbImp.exe C:\WINDOWS\system32\capicom.dll /out:Interop.CAPICOM.DLL
3: I created a digital certificate with the makecert utility
makecert -sk myNewKS -r -n "CN=VWSingW" -sky Signature -a sha1 -ss my -sr localmachine myNew.cer
4: I wrote the following method:

string Sign(string XmlMessage)
{
    // look up the certificate
    storeName = "My";
    certificate = "62CFF44B1A5D6FC84BF4F016920E7AEC734C5869";
    storeLocation = CAPICOM_STORE_LOCATION.CAPICOM_LOCAL_MACHINE_STORE;
    //HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\My\Certificates\BF29CCE1BBD21D181CDC0D3CC5A0F60A63E407DD
    //("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SystemCertificates\\My\\Certificates\\");
    //HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\My\Certificates\0F880F503084735EED6647271E3FB7CC33B3F96A
    StoreClass CertStore = new StoreClass();
    CertStore.Open(storeLocation, storeName,
        CAPICOM_STORE_OPEN_MODE.CAPICOM_STORE_OPEN_READ_ONLY);

    // search the certificate by the thumbprint
    Certificates certs = ((Certificates)CertStore.Certificates).Find(
        CAPICOM_CERTIFICATE_FIND_TYPE.CAPICOM_CERTIFICATE_FIND_SHA1_HASH,
        this.certificate, false);
    Certificate cert = null;

    // the Find method should return only 1 certificate
    if (certs.Count != 0)
    {
        // CAPICOM collections are 1-based
        cert = (Certificate)certs[1];

        // create signer
        SignerClass signer = new SignerClass();
        signer.Certificate = cert;

        // sign message
        SignedDataClass data = new SignedDataClass();
        string PrivK = cert.PrivateKey.KeySpec.ToString();
        data.Content = XmlMessage;
        //data.Content = "<?xmlversion=1.0 encoding=utf-8?><MESSAGE>Prova</MESSAGE>";
        try
        {
            // attached signature (Detached = false), base64-encoded
            return data.Sign(signer, false,
                Interop.CAPICOM.CAPICOM_ENCODING_TYPE.CAPICOM_ENCODE_BASE64);
        }
        catch (Exception e)
        {
            int i = 0;
            return "false";
        }
    }
    else
    {
        //...
        return null;
    }
}

5: I received an error (The Handle is Invalid -2147024890) on
data.Sign(signer, false, Interop.CAPICOM.CAPICOM_ENCODING_TYPE.CAPICOM_ENCODE_BASE64);



Could anyone please help me?

Thanks in advance.
Davisco


