EldoS | Feel safer!

Software components for data protection, secure storage and transfer

XML Signer error "Failed to process the message: Invalid secret key"

#24576
Posted: 04/14/2013 02:17:52
by Ehab Bustami (Basic support level)
Joined: 04/12/2013
Posts: 3

I have tried to implement the XML signer pipeline to digitally sign an XML.
- I used the sample Certificate file provided by the installation package "cert_no_pwd.pfx"

- In the BizTalk project I have added a new pipeline component
- Used the BizCrypto XML Signer component.
- updated the following properties:
* CanonicalizationMethod : Canonical
* DigestAlgorithm : SHA 1
* IncludeKey : False
* KeyFile : "c:\...\cert_no_pwd.pfx"
* KeyFileSource : 0 "I think it is for File"
* LicenseKey : 5838...AF7A

* SignatureMethodType : Signature
* SignatureType : Enveloped


I have built and deployed the application onto my local testing machine that has BizTalk Server 2010 Developer Edition 32-bit installed and running.

In the sample BizTalk application I used the new pipeline "I called it XML Signer after the component provided".

Restarted the host instance, started the application again and put a sample XML file in the folder that already had a receive handler configured to read from it.

The errors shown in the application event view are:

1. EventData: Searching for installed BizCrypto addons. Type: Information
2. EventData: No addons found (the exact message: BizCrypto.BizTalk.Addons. Could not load file or assembly 'BizCrypto.BizTalk.Addons, Version=9.1.216.0, Culture=neutral, PublicKeyToken=5a62fa96d0ac431a' or one of its dependencies. The system cannot find the file specified.) Type: Information

3. EventData: You are using trial version of BizCrypto. All the major functionality is a subject for the following EVALUATION LIMITATIONS : - opaque DELAYS of up to 1.5 seconds per atomic operation make the components work SLOWER than they do, - the number of components' invocations is limited by 50 per single BizTalk host instance. Please consider purchasing a license to get rid of the above limitations. You can also request a time-limited non-evaluation license key, which removes the evaluation restrictions using the web form on http://www.eldos.com/bizcrypto/keyreq/ Type: Warning

4. EventData: Failed to process the message: Invalid secret key. Type: Error
5. EventData: BTS_Pipelines.XML_Signer, BTS_Pipelines, Version=1.0.0.0, Culture=neutral, PublicKeyToken=fcb4d1edf9734dea
XML signer
Send_File_UsageData_XML
C:\Users\Axiom\Documents\Visual Studio 2010\Projects\UsageData_XML_SQL\UsageData_XML_SQL\out\%MessageID%.xml
Invalid secret key
Type: Error

6. EventData: {8592FE0D-D996-428E-9BAC-2A09EADE3168}
{2A09DC54-1A5D-42F7-B5AB-2185D91A44E0}
FILE
C:\Users\Axiom\Documents\Visual Studio 2010\Projects\UsageData_XML_SQL\UsageData_XML_SQL\out\%MessageID%.xml
Send_File_UsageData_XML
There was a failure executing the send pipeline: "BTS_Pipelines.XML_Signer, BTS_Pipelines, Version=1.0.0.0, Culture=neutral, PublicKeyToken=fcb4d1edf9734dea" Source: "XML signer" Send Port: "Send_File_UsageData_XML" URI: "C:\Users\Axiom\Documents\Visual Studio 2010\Projects\UsageData_XML_SQL\UsageData_XML_SQL\out\%MessageID%.xml" Reason: Invalid secret key

Type: Error


The message has been suspended and not processed properly. I understand the warning is due to the unlicensed version, but the rest I cannot follow. The process is to use the private key to sign the XML file, and the result would be the addition of a <Signature> element to the end of the XML file, right?

Can you provide a sample BizTalk application that implements the XML signer and verifier pipeline components?

I have gone through the documentation provided, but it seems that I am missing something here. I suspect:
- using a wrong certificate file (the concept of a private key exported file)
- some attributes need to be configured to generate an XMLDSig-compliant signed XML file.


Thanks,
Ehab
#24579
Posted: 04/15/2013 03:47:46
by Dmytro Bogatskyy (EldoS Corp.)

Thank you for contacting us.

Quote
KeyFileSource : 0 "I think it is for File"

Yes, it is right. See: http://www.eldos.com/documentation/bi...ource.html

Quote
5. EventData: BTS_Pipelines.XML_Signer, BTS_Pipelines, Version=1.0.0.0, Culture=neutral, PublicKeyToken=fcb4d1edf9734dea
XML signer
Send_File_UsageData_XML
C:\Users\Axiom\Documents\Visual Studio 2010\Projects\UsageData_XML_SQL\UsageData_XML_SQL\out\%MessageID%.xml
Invalid secret key
Type: Error

What is the value of the SignatureMethod property? Please set it to RSASHA1.
See: http://www.eldos.com/documentation/bi...ethod.html
#24580
Posted: 04/15/2013 05:34:52
by Ehab Bustami (Basic support level)
Joined: 04/12/2013
Posts: 3

Yes, SignatureMethod is set to RSASHA1
SignatureMethodType is set to Signature
SignatureType = Enveloped

I think I have an issue with the file itself. I have created the certificate using the Makecert utility and exported it with the private key to a .pfx file. Just to confirm, I need the file to contain the private key to do the signing, correct?

Many thanks for your reply.
Ehab
#24583
Posted: 04/15/2013 07:39:51
by Dmytro Bogatskyy (EldoS Corp.)

Quote
I think I have an issue with the file itself. I have created the certificate using the Makecert utility and exported it with the private key to a .pfx file. Just to confirm, I need the file to contain the private key to do the signing, correct?

Yes, it is correct. You need a private key to perform signing.
#24673
Posted: 04/24/2013 10:32:53
by Ehab Bustami (Basic support level)
Joined: 04/12/2013
Posts: 3

Dear support,
I still cannot configure the XML Signer. I created a pfx file and used it in the test application, and I always get incorrect secret key... How can you help me? I want to buy the professional version but I need proof that it works. I need online support or a chat to discuss what I have done wrong.

---
ehab
#24675
Posted: 04/24/2013 13:10:17
by Ken Ivanov (EldoS Corp.)

Dear Ehab,

I am really sorry about the confusion. We ran several checks on our side, and tracked the issue down to a mistake in the pipeline component that prevents it from loading RSA certificates correctly. We've managed to fix it and prepared a correct pipeline assembly for you. I'll create a Helpdesk ticket for you to send you the updated assembly through.
#27533
Posted: 12/02/2013 09:35:18
by Sharon Olsen (Basic support level)
Joined: 12/02/2013
Posts: 1

Hi
I have the same issue. Can you please send me the corrected pipeline component as well?

Kind Regards

Sharon Olsen
#27545
Posted: 12/02/2013 14:45:01
by Ken Ivanov (EldoS Corp.)

Hello Sharon,

Please create a ticket in our Helpdesk system, and we will upload the correct assembly there. BTW, if you have a BizCrypto license, please assign your license ticket to your web site account so that we can identify you as a customer and provide you with faster support.
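
Added example, not part of the original thread and not EldoS code: a PowerShell check, independent of BizCrypto, that a PFX loads, carries an RSA private key, and can produce and verify an enveloped XML-DSig signature with the settings used in this thread (default C14N canonicalization, SHA-1 digest, RSA-SHA1). It assumes Windows PowerShell 5.1 on .NET Framework; the function name and its parameters are hypothetical.

```powershell
# Added example (not EldoS code). Assumes Windows PowerShell 5.1 / .NET Framework.
Add-Type -AssemblyName System.Security

function Test-PfxXmlSigning {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][string]$PfxPath,
        [Parameter(Mandatory)][string]$XmlPath,
        [string]$PfxPassword = ''   # empty password, as for a cert_no_pwd.pfx style file
    )
    $dsig = 'http://www.w3.org/2000/09/xmldsig#'
    # .NET resolves relative paths against the process directory, so resolve them first.
    $pfxFull = (Resolve-Path -LiteralPath $PfxPath).Path
    $xmlFull = (Resolve-Path -LiteralPath $XmlPath).Path

    # Step 1: the PFX must load and must carry an RSA private key.
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($pfxFull, $PfxPassword)
    if (-not $cert.HasPrivateKey) { throw 'PFX has no private key (public certificate only).' }
    if ($cert.PublicKey.Oid.Value -ne '1.2.840.113549.1.1.1') {
        throw "Key algorithm is $($cert.PublicKey.Oid.FriendlyName), not RSA."
    }

    # Step 2: enveloped signature over the whole document, using the thread's settings.
    $doc = [System.Xml.XmlDocument]::new()
    $doc.PreserveWhitespace = $true
    $doc.Load($xmlFull)
    $signer = [System.Security.Cryptography.Xml.SignedXml]::new($doc)
    $signer.SigningKey = $cert.PrivateKey
    $signer.SignedInfo.SignatureMethod = $dsig + 'rsa-sha1'       # SignatureMethod: RSASHA1
    $ref = [System.Security.Cryptography.Xml.Reference]::new('')  # '' = whole document
    $ref.DigestMethod = $dsig + 'sha1'                            # DigestAlgorithm: SHA 1
    $ref.AddTransform([System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform]::new())
    $signer.AddReference($ref)
    $signer.ComputeSignature()

    # Step 3: append <Signature> as the last child of the root element.
    [void]$doc.DocumentElement.AppendChild($doc.ImportNode($signer.GetXml(), $true))

    # Step 4: verify the signed document using only the certificate's public key.
    $sigElement = [System.Xml.XmlElement]$doc.GetElementsByTagName('Signature', $dsig)[0]
    $verifier = [System.Security.Cryptography.Xml.SignedXml]::new($doc)
    $verifier.LoadXml($sigElement)

    [pscustomobject]@{
        Subject        = $cert.Subject
        HasPrivateKey  = $cert.HasPrivateKey
        SignatureValid = $verifier.CheckSignature($cert, $true)   # $true = skip chain validation
        SignedXml      = $doc.OuterXml
    }
}
```

If the same PFX that the pipeline rejects passes this check with SignatureValid set to True, the key file is usable and the fault lies in the component rather than in the certificate export.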


As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
