Support for XPath Filter 2.0 Transform? (Xml Digital Signatures)
- From: "Tim Davis" <tdavis34@xxxxxxxxxxx>
- Date: Tue, 18 Sep 2007 20:05:37 -0400
Hello all,
I am working with Adobe LiveCycle Designer 8.1 to create forms that the user
will sign with their X.509 Certificate and submit electronically to a
generic .NET HTTP handler (ASHX). I have done some work in both creating and
verifying digital signatures, but I have run into an issue that I'm hoping
someone else has seen. Adobe's XML Digital Signatures seem to use the
XML-Signature XPath Filter 2.0
(http://www.w3.org/TR/2002/PR-xmldsig-filter2-20020827/Overview.html), but
there doesn't seem to be a corresponding .NET Framework class to support
this transform, and the SignedXml.LoadXml() call fails when I try to specify
an XML element containing a Transform with the Algorithm ID
"http://www.w3.org/2002/06/xmldsig-filter2";.
Does anyone know where I can get a class that will support this
transformation, such that I can check Adobe-generated XML Digital
Signatures? It's also fine if someone knows a way to instruct Adobe not to
use this Transform when creating the Signature. Least desirable but also a
last-resort option is for someone to provide guidance on "rolling my own"
such Transform.
TIA,
Tim
Here's what I'm getting:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; Id="datasignature_1">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#iddb88862c-6627-11dc-8d00-000c6e541685"
Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties";>
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>CP/cXdv2OcTnq7bKaWOgOSR9N8g=</DigestValue>
</Reference>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2";>
<XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2";
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";
Filter="intersect">here()/ancestor::dsig:Signature[1]/../../form1[1]//. |
here()/ancestor::dsig:Signature[1]/../../form1[1]//@* |
here()/ancestor::dsig:Signature[1]/../../form1[1]//namespace::*</XPath>
</Transform>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>IIiJsLFvk2HvWO+roUQwC0P/ODw=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
..
..
..
.
- Prev by Date: Re: Invalid length for a Base-64 char array
- Next by Date: Encryption / Decryption problem
- Previous by thread: Re: i seem to be having memory issues, will deplying a release build instead of a debug build help with memory usage of my .net process?
- Next by thread: Encryption / Decryption problem
- Index(es):
Relevant Pages
|
