EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Signature Attribute

#19026
Posted: 02/13/2012 18:33:08
by Javier Mejia (Basic support level)
Joined: 02/13/2012
Posts: 6

Hi all, I'm trying your product, so before we can buy it we are using it to see if it works for what we need, but I have some "issues". For example, I set the ID attribute on Signature, and it is not in the signed XML. And is there a way to add a namespace to the same "Signature" node?
For example, I want:
Code
<ds:Signature xmlns="http://www.CustomNamespace" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="MyID">

But I can't figure out how.
My code is:
Code
try
{
    F = new FileStream(@"c:\folder\xmlEjemplo.xml", FileMode.Open, FileAccess.Read);
    FXMLDocument.LoadFromStream(F, "utf-8", true);
    F.Dispose();
}
catch (Exception E)
{
    //MessageBox.Show("Error: " + E.Message, "", MessageBoxButtons.OK, MessageBoxIcon.Error);
}

Refs = new TElXMLReferenceList();
Ref = new TElXMLReference();
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA1;
Ref.URINode = (TElXMLDOMNode)FXMLDocument.DocumentElement;
Ref.URI = "";

// transformation
TElXMLReference FReference = new TElXMLReference();
FReference.DigestMethod = SBXMLSec.Unit.xdmSHA1;

// select the node to sign with a namespace-aware XPath query
TElXMLNamespaceMap NSMap = new TElXMLNamespaceMap();
NSMap.AddNamespace("x", @"http://www.CsutomNamespaceThatWorksOnxPath");
TElXMLNodeSet NodeSet = FXMLDocument.SelectNodes("/x:NODO", NSMap);
TElXMLDOMNode FURINode = NodeSet.get_Node(0);
NodeSet.Dispose();
FReference.URINode = FURINode;

// exclude the Signature element itself from the digested content
TElXMLXPathTransform XPathTransform = new TElXMLXPathTransform();
XPathTransform.XPath = "not(ancestor-or-self::ds:Signature)";
FReference.TransformChain.Add(XPathTransform);
FReference.UpdateDigestValue();
Refs.Add(FReference);

Signer = new TElXMLSigner();
Signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmCanon_v1_1;
Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;
Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1;
Signer.MACMethod = SBXMLSec.Unit.xmmHMAC_SHA1;
Signer.References = Refs;
//Signer.KeyName = frmSign.KeyName;
Signer.IncludeKey = true;
....more code....
Signer.UpdateReferencesDigest();
Signer.GenerateSignature();

Any help?

And last, how can I get just the "string" of the signed XML, as if I chose detached? But I noticed that if I choose detached the signature changes. I'm asking because I need to sign twice, so I don't want to "add" to the first node until I finish.
#19028
Posted: 02/14/2012 00:04:37
by Eugene Mayevski (EldoS Corp.)

Quote
Javier Mejia wrote:
Hi all, I'm trying your product, so before we can buy it we are using it to see if it works for what we need, but I have some "issues". For example, I set the ID attribute on Signature, and it is not in the signed XML. And is there a way to add a namespace to the same "Signature" node?


We have a nice FAQ to check. In particular your question is answered here.

Quote
Javier Mejia wrote:
And last, how can I get just the "string" of the signed XML, as if I chose detached? But I noticed that if I choose detached the signature changes. I'm asking because I need to sign twice, so I don't want to "add" to the first node until I finish.


I am not sure that I understood you right. Do you want to embed two independent signatures into the document, where each signature is made over the "original" document?


Sincerely yours
Eugene Mayevski
#19035
Posted: 02/14/2012 09:41:52
by Javier Mejia (Basic support level)
Joined: 02/13/2012
Posts: 6

Quote
Eugene Mayevski wrote:
Quote
Javier Mejia wrote:
And last, how can I get just the "string" of the signed XML, as if I chose detached? But I noticed that if I choose detached the signature changes. I'm asking because I need to sign twice, so I don't want to "add" to the first node until I finish.


I am not sure that I understood you right. Do you want to embed two independent signatures into the document, where each signature is made over the "original" document?

Yes!!! I need to sign twice over the original document, so when I use save I need to "paste" over the existing XML, but I don't want this; I want to return just the signature node or string.
The only thing that comes to my mind as a workaround is to use replace, to replace the original XML so that in this way I can get just the signature, because after getting the 2 strings I will "paste" them over the original XML.
I will check the ID issue, thanks a lot.
#19060
Posted: 02/15/2012 02:45:09
by Eugene Mayevski (EldoS Corp.)

Do you have documents of a specific format, or can any documents be there? The reason I am asking is that if you have only one top node with actual data, then you can sign that particular node any number of times. However, if you have e.g.

Quote

<RootElement>
<node1>
</node1>
<node2>
</node2>
</RootElement>


and you need to sign both node1 and node2, then XPath would be needed.


Sincerely yours
Eugene Mayevski
#19064
Posted: 02/15/2012 06:50:53
by Dmytro Bogatskyy (EldoS Corp.)

Quote
I need to sign twice over the original document, so when I use save I need to "paste" over the existing XML, but I don't want this; I want to return just the signature node or string.
The only thing that comes to my mind as a workaround is to use replace, to replace the original XML so that in this way I can get just the signature, because after getting the 2 strings I will "paste" them over the original XML.

In the general case you can't place a signature into a string. For example, if a signature is set to use an (inclusive) canonicalization method for the SignedInfo element (ElXMLSigner.CanonicalizationMethod property), then the signer should be aware of the parent nodes of the signature node, otherwise the signer could produce an incorrect signature.
So, you can save a signature to the desired place, then obtain the signature contents as a string using the OuterXML property, then delete the signature node using the RemoveChild method.
http://www.eldos.com/documentation/sb...erxml.html
http://www.eldos.com/documentation/sb...child.html
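
The dependency on parent nodes described in the last reply, as an added Python illustration (not SecureBlackbox code and not from the thread). It is a simplified model of inclusive versus exclusive canonicalization that handles only elements, attributes, namespace declarations and text; the sample XML is constructed, and the helper names are assumptions.

```python
import hashlib
from xml.dom import minidom
from xml.sax.saxutils import escape

DS = "http://www.w3.org/2000/09/xmldsig#"
# Constructed sample: one signature, standalone and embedded under a parent
# that declares a default namespace (names taken from the question above).
SIG = ('<ds:Signature xmlns:ds="' + DS + '" Id="MyID"><ds:SignedInfo>'
       '<ds:Reference URI=""><ds:DigestValue>AAAA</ds:DigestValue>'
       '</ds:Reference></ds:SignedInfo></ds:Signature>')
EMBEDDED = '<NODO xmlns="http://www.CustomNamespace">' + SIG + '</NODO>'

def in_scope_ns(elem):
    """xmlns declarations visible at elem; the nearest declaration wins."""
    scope = {}
    while elem is not None and elem.nodeType == elem.ELEMENT_NODE:
        for name, value in elem.attributes.items():
            if name == "xmlns" or name.startswith("xmlns:"):
                scope.setdefault(name, value)
        elem = elem.parentNode
    return scope

def ns_key(qname, is_attr=False):
    """Declaration name a qualified name relies on (None for plain attributes)."""
    prefix, colon, _ = qname.partition(":")
    return "xmlns:" + prefix if colon else (None if is_attr else "xmlns")

def c14n(elem, exclusive=False, rendered=None):
    """Simplified canonical form: elements, attributes, namespaces, text only."""
    rendered = dict(rendered or {})
    scope = in_scope_ns(elem)
    attrs = sorted((n, v) for n, v in elem.attributes.items()
                   if n != "xmlns" and not n.startswith("xmlns:"))
    if exclusive:  # keep only namespaces this element visibly uses
        used = {ns_key(elem.tagName)} | {ns_key(n, True) for n, _ in attrs}
        scope = {k: v for k, v in scope.items() if k in used}
    # emit a declaration only if no already-rendered ancestor emitted it
    new = sorted((k, v) for k, v in scope.items() if rendered.get(k) != v)
    rendered.update(new)
    out = "<" + elem.tagName + "".join(
        ' %s="%s"' % (k, escape(v, {'"': "&quot;"})) for k, v in new + attrs) + ">"
    for child in elem.childNodes:
        if child.nodeType == child.ELEMENT_NODE:
            out += c14n(child, exclusive, rendered)
        elif child.nodeType == child.TEXT_NODE:
            out += escape(child.data)
    return out + "</" + elem.tagName + ">"

def canonical_signed_info(xml_text, exclusive=False):
    doc = minidom.parseString(xml_text)
    return c14n(doc.getElementsByTagNameNS(DS, "SignedInfo")[0], exclusive)

def digest(xml_text, exclusive=False):
    data = canonical_signed_info(xml_text, exclusive).encode()
    return hashlib.sha256(data).hexdigest()
```

With inclusive canonicalization the embedded SignedInfo inherits the parent's default namespace, so the bytes that get signed differ from the standalone case; with exclusive canonicalization they are identical.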
As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
