EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Can't Verify Reference

#24259
Posted: 03/22/2013 18:48:37
by Javier Mejia (Basic support level)
Joined: 02/13/2012
Posts: 6

Hi, I need help, I can't verify references or signature (XML nodes).
I'm using the following code:

Code
    TElXMLDOMNode Node;
    TElXMLDOMDocument FXMLDocument = new TElXMLDOMDocument();
    string xmlName = @"c:\test\test.xml";
    using (FileStream fs = new System.IO.FileStream(xmlName, FileMode.Open))
    {
        FXMLDocument.LoadFromStream(fs);
    }
    TElXMLDOMNodeList nodeList = FXMLDocument.DocumentElement.GetElementsByTagName("Signature");
    if (nodeList.Length <= 0)
    {
        throw new ApplicationException("No se encontró la firma en el documento");
    }
    Node = (TElXMLDOMNode)nodeList[0];
    TElXMLVerifier Verifier = new TElXMLVerifier();
    try
    {
        Verifier.Load(FXMLDocument.DocumentElement);
    }
    catch (Exception E)
    {
        throw new ApplicationException("Error al cargar la Firma del XML");
    }

    if (!Verifier.ValidateSignature())
    {
        throw new ApplicationException("Firma Inválida");
    }

    if (!Verifier.ValidateReference(Ref))
    {
        throw new ApplicationException("Firma Inválida");
    }


This code is false:
Quote
if (!Verifier.ValidateReference(Ref))
{
throw new ApplicationException("Firma Inválida");
}

It should be OK, I sign using SecureBlackbox as well. I'm attaching the XML.


#24260
Posted: 03/22/2013 19:46:54
by Dmytro Bogatskyy (EldoS Corp.)

Thank you for contacting us.

Quote
It should be OK, I sign using SecureBlackbox as well. I'm attaching the XML.

Please ensure that you have set a correct node for TElXMLReference.URINode property while signing.
#24290
Posted: 03/25/2013 11:46:40
by Javier Mejia (Basic support level)
Joined: 02/13/2012
Posts: 6

Quote
Dmytro Bogatskyy wrote:
Thank you for contacting us.

Quote
It should be OK, I sign using SecureBlackbox as well. I'm attaching the XML.

Please ensure that you have set a correct node for TElXMLReference.URINode property while signing.

Yes, I'm using the next code:
Code
public static void FirmaNodoXml(XmlDocument xmlDoc, TElX509Certificate dsigCert, string idXml)
        {
            // Check arguments.


            TElXMLDOMDocument FXMLDocument = new TElXMLDOMDocument();
            try
            {
                MemoryStream ms = new MemoryStream(Encoding.UTF8.GetBytes(xmlDoc.OuterXml)); // this XML contains the XML with the reference node to sign
                FXMLDocument.LoadFromStream(ms, "utf-8", true);
                ms.Close();
            }
            catch (Exception E)
            {

            }
            TElXMLSigner Signer = new TElXMLSigner();
            Signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
            Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmCanon;
            Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;
            Signer.SignatureMethod = SBXMLSec.Unit.xsmDSS;
            Signer.MACMethod = SBXMLSec.Unit.xmmHMAC_SHA1;
            TElXMLReferenceList Refs = new TElXMLReferenceList();
            TElXMLReference Ref = new TElXMLReference();
            Ref.DigestMethod = SBXMLSec.Unit.xdmSHA1;
            Ref.URINode = FXMLDocument.DocumentElement; // the XML node to sign
            Ref.URI = "#" + idXml; // the id is the XML id
            Ref.TransformChain.Add(new TElXMLEnvelopedSignatureTransform());
            Refs.Add(Ref);

            Signer.References = Refs;
            //Signer.KeyName = "key_name";
            Signer.IncludeKey = true;

            TElXMLKeyInfoX509Data X509KeyData = new TElXMLKeyInfoX509Data(false);
            X509KeyData.IncludeDataParams = 8;
            X509KeyData.Certificate = dsigCert;
            Signer.KeyData = X509KeyData;

            Signer.UpdateReferencesDigest();
            Signer.GenerateSignature();


            TElXMLDOMNode SigNode = FXMLDocument.DocumentElement.LastChild;
            try
            {
                Signer.Save(ref SigNode);
                // save the signed XML:
                System.IO.File.WriteAllText(@"c:\test\tstSign.xml", SigNode.OuterXML);
            }
            catch (Exception E)
            {
                //logger.Error(string.Format("Signed data saving failed. ({0})", E.Message));
            }
          
        }

I'm attaching the XML to sign.


#24295
Posted: 03/25/2013 17:51:09
by Dmytro Bogatskyy (EldoS Corp.)

Quote

Yes, I'm using the next code:
...
Ref.URINode = FXMLDocument.DocumentElement;
...

Here you are signing a document element ("CAE" element in your document).
According to the value that you have set to Ref.URI property, you wanted to sign "DCAE" element. In this case you may use TElXMLDOMElement.FindNode or SelectNodes methods to select a desired element.
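
Added example (not part of the thread and not SecureBlackbox code): a Python sketch of why the reference check fails when the node that was digested is not the element the `URI` fragment points to, plus a pre-signing check that catches it. The sample document, the `id` attribute name and the helper names are assumptions, and ElementTree's C14N 2.0 canonicalizer stands in for the Canonical XML 1.0 method used in the thread.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample: element names follow the thread ("CAE" root, "DCAE"
# child); the id value and the remaining elements are made up for illustration.
SAMPLE = ('<CAE><DCAE id="CAE-001"><Folio>123</Folio></DCAE>'
          '<Extra>not covered</Extra></CAE>')


def digest(elem):
    """Base64 SHA-1 (the thread's xdmSHA1) over one canonicalized subtree."""
    c14n = ET.canonicalize(xml_data=ET.tostring(elem, encoding="unicode"))
    return base64.b64encode(hashlib.sha1(c14n.encode("utf-8")).digest()).decode()


def resolve(root, uri, id_attr="id"):
    """Dereference a same-document URI ('#fragment') as a verifier would."""
    if not uri.startswith("#"):
        raise ValueError("only same-document references are handled here")
    frag = uri[1:]
    hits = [e for e in root.iter() if e.get(id_attr) == frag]
    if len(hits) != 1:
        # Zero or several matches: the reference is missing or ambiguous.
        raise LookupError(f"{len(hits)} elements carry {id_attr}={frag!r}")
    return hits[0]


def check_reference(root, uri, signed_node):
    """Return (ok, signer_digest, verifier_digest) for one reference.

    signed_node is what the signer digested (Ref.URINode in the thread);
    the verifier digests whatever the URI resolves to instead.
    """
    target = resolve(root, uri)
    return target is signed_node, digest(signed_node), digest(target)


if __name__ == "__main__":
    root = ET.fromstring(SAMPLE)
    # As in the thread: URI names DCAE, but the document element is digested.
    print(check_reference(root, "#CAE-001", root))
    # Corrected: digest the element the URI actually resolves to.
    print(check_reference(root, "#CAE-001", resolve(root, "#CAE-001")))
```
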
#24316
Posted: 03/26/2013 18:34:01
by Javier Mejia (Basic support level)
Joined: 02/13/2012
Posts: 6

Quote
Dmytro Bogatskyy wrote:
Quote

Yes, I'm using the next code:
...
Ref.URINode = FXMLDocument.DocumentElement;
...

Here you are signing a document element ("CAE" element in your document).
According to the value that you have set to Ref.URI property, you wanted to sign "DCAE" element. In this case you may use TElXMLDOMElement.FindNode or SelectNodes methods to select a desired element.

Well, actually I had a little bug and this too, thanks a lot, it's working now :D