[xmlsec] Microsoft .NET 2.0 compatibility

Name Removed email-removed at domain.com
Wed Oct 29 13:36:37 PST 2008 

I've created a project in Visual Studio that uses libxmlsec, and I've
used it to successfully verify some of the sample signed documents that
are provided with the Online Verifier.  However, a coworker created a
signed document for me using Microsoft's implementation of .NET 2.0, and
I can't verify the signature on it.  

 

He sent me the entire X509 certificate chain that he used, including the
root certificate, and I successfully loaded each certificate into a keys
manager.  When I try to verify the signature, I get this error message:

 

func=xmlSecOpenSSLEvpDigestVerify:file=..\..\src\open_ssl\digests.c:line
=229:obj=sha1:subj=unknown:error=12:invalid data:data and digest do not
match

Signature is INVALID

 

I noticed that, back in a 2004 thread, someone mentioned that
Microsoft's .NET implementation had a problem with c14n, but not with
exc-c14n.  Does anyone out there know whether this continues to be a
problem?

 

Here is the Signature portion of the document I'm trying to work with:

 

  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">

    <SignedInfo>

      <CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />

      <SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />

      <Reference URI="">

        <Transforms>

          <Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

        </Transforms>

        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
/>

        <DigestValue>BCxyTVrdNmHOUVJeCyuAoFm3Yfg=</DigestValue>

      </Reference>

    </SignedInfo>
<SignatureValue>bRfw29/Xz11s+IpE6VrGNHvs2Ry1wx5fQyf+Q2hkjcJxG5TiB5rt/HmM
r7T4gXA/J9DfV7BtrLalNnhXhlhZCRs4mv/ek1oukoOC8VuDzOyDlmNhcaggsgIdJkDo9YO3
RloqnKWsW3E7dP7+xRq161j/JXmcq1JAko0e097gXx4=</SignatureValue>

  </Signature>

 

Any advice would be appreciated.  Thank you!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20081029/4250e073/attachment-0001.htm

More information about the xmlsec mailing list