EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to change DigestMethod Algorithm at SignedProperties reference

#26910
Posted: 10/21/2013 06:39:10
by Karel Okleštěk (Basic support level)
Joined: 10/21/2013
Posts: 1

Hello, I need to change the digest method algorithm at
<ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#SignedProperties-1312974886">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>FbtHFGSoI40zgyYzUcN59RndIQQ=</ds:DigestValue>
</ds:Reference>
to http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 algorithm

My code:
TElXMLSigner Signer;
TElXAdESSigner XAdESSigner = null;
TElXMLKeyInfoX509Data X509KeyData = null;
TElXMLKeyInfoPGPData PGPKeyData = null;
TElXMLDOMNode SigNode;

Signer = new TElXMLSigner();
Signer.EnvelopingObjectID = "id-" + SBRandom.Unit.SBRndGenerate(int.MaxValue).ToString();
TElXMLReferenceList Refs = new TElXMLReferenceList();
TElXMLReference Ref = new TElXMLReference();
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA512; // xdmSHA1;
Ref.URI = '#' + Signer.EnvelopingObjectID;
Refs.Add(Ref);

try
{
    Signer.SignatureType = SBXMLSec.Unit.xstEnveloping;
    Signer.CanonicalizationMethod = 1;
    Signer.SignatureMethodType = 0;
    Signer.SignatureMethod = 5;
    Signer.MACMethod = 5;
    Signer.References = Refs;
    Signer.KeyName = "";
    Signer.IncludeKey = true;
    X509KeyData = new TElXMLKeyInfoX509Data(false);
    X509KeyData.Certificate = Cert;
    Signer.KeyData = X509KeyData;
    XAdESSigner = new TElXAdESSigner();
    Signer.XAdESProcessor = XAdESSigner;
    XAdESSigner.XAdESVersion = SBXMLAdES.Unit.XAdES_v1_3_2;
    XAdESSigner.PolicyId.SigPolicyId.IdentifierQualifier = SBXMLAdES.Unit.xqtNone;
    TElMemoryCertStorage CertStorage = new TElMemoryCertStorage();
    CertStorage.Add(Cert, true);
    XAdESSigner.SigningCertificates = CertStorage;
    XAdESSigner.SigningTime = DateTime.UtcNow;
    // create XAdESSigner.QualifyingProperties
    XAdESSigner.Generate();
    // Finally we can modify QualifyingProperties if needed
    // For example set xades prefix:
    XAdESSigner.QualifyingProperties.XAdESPrefix = "xades";
    Signer.GenerateSignature();
    ...

generated XAdES-BES file:
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-937703624">
  <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" />
    <ds:Reference URI="#id-1759749061">
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" />
      <ds:DigestValue>JifER2AyQ5pVBtydBt8EusBCeAvKjkTQNEyToNRWJby7wRO+0UD773V6izoQXaVjYEPPVHVvfzht/YBrG53Peg==</ds:DigestValue>
    </ds:Reference>
    <ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#SignedProperties-772527599">
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <ds:DigestValue>YHmerfaOzryL/bIGmiiAJ3WajJk=</ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo>
  <ds:SignatureValue>UpSK...l5FQ/wrQXSrqEQWNDufupSJSKnf+KwX+qOa2Z/tqYtsZ+6VwjzTzPh8VoM5uAYnRwv/cMW+NkHqEUYevuSzNeL+98Ik=</ds:SignatureValue>
  <ds:KeyInfo>
    <ds:KeyValue>
      <ds:RSAKeyValue>
        <ds:Modulus>vlaMZrozfsq4Oxb+f9KEEWj+to/Sm1m...Ie9F+pOgy+I+wxk6lr+QcBql2DNe0OhVUJ/3iCAagGgQFU=</ds:Modulus>
        <ds:Exponent>EQ==</ds:Exponent>
      </ds:RSAKeyValue>
    </ds:KeyValue>
    <ds:X509Data>
      <ds:X509IssuerSerial>
        <ds:X509IssuerName>CN=Mono Test Root Agency</ds:X509IssuerName>
        <ds:X509SerialNumber>115654192839930464664456319321534494352</ds:X509SerialNumber>
      </ds:X509IssuerSerial>
      <ds:X509SubjectName>CN=poupou</ds:X509SubjectName>
      <ds:X509Certificate>MIIB...uDsW/n/ShBFo/raP0...EGpD+CosUlzeRx+TDppnSQVnmbb/JiHvRfqToMviPsMZOpa/kHAa...OBg4/fS9hQEFBjvgBTa8Z7R9FHwfHqAE+7qu5...SpSQ==</ds:X509Certificate>
    </ds:X509Data>
  </ds:KeyInfo>
  <ds:Object>
    <xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" Target="#Signature-937703624">
      <xades:SignedProperties Id="SignedProperties-772527599">
        <xades:SignedSignatureProperties>
          <xades:SigningTime>2013-10-21T11:43:07.458Z</xades:SigningTime>
          <xades:SigningCertificate>
            <xades:Cert>
              <xades:CertDigest>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                <ds:DigestValue>LDIZth6dqPQjL+dQRTJx+ncRbwU=</ds:DigestValue>
              </xades:CertDigest>
              <xades:IssuerSerial>
                <ds:X509IssuerName>CN=Mono Test Root Agency</ds:X509IssuerName>
                <ds:X509SerialNumber>115654192839930464664456319321534494352</ds:X509SerialNumber>
              </xades:IssuerSerial>
            </xades:Cert>
          </xades:SigningCertificate>
          <xades:SignaturePolicyIdentifier>
            <xades:SignaturePolicyImplied />
          </xades:SignaturePolicyIdentifier>
        </xades:SignedSignatureProperties>
      </xades:SignedProperties>
    </xades:QualifyingProperties>
  </ds:Object>
  <ds:Object Id="id-1759749061">
    <ProtectedFile>
      123
      <AltId>DOCNAME_001</AltId>
      <Revison>3</Revison>
      <FileName>Navrh projektu.doc</FileName>
      <MimeType>application/msword</MimeType>
      350032
      <DigestType>SHA-512</DigestType>
      <DigestValue>i6qdOBXmetneViQcecotM8PS7d840F3JTBdAQXs4x/hOwfwTy++HKHp9M+HwdnUIXCt6RZHGOFguvFkWceRnLw==</DigestValue>
    </ProtectedFile>
  </ds:Object>
</ds:Signature>

Thank you very much for your answer.
Karel Oklestek
#26911
Posted: 10/21/2013 06:45:12
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Here is the topic with an answer for your question: https://www.eldos.com/forum/read.php?F...ssage20567
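
Added example, not part of either post and not EldoS code: a small Python check that lists every digest algorithm a XAdES signature like the one posted above relies on, so the places still on SHA-1 (the SignedProperties reference and the signing-certificate CertDigest) stand out next to the SHA-512 data reference. The sample XML is constructed from the structure of the posted output with digest values and most elements omitted; the function names are illustrative.

```python
import xml.etree.ElementTree as ET

NS = {"ds": "http://www.w3.org/2000/09/xmldsig#",
      "xades": "http://uri.etsi.org/01903/v1.3.2#"}
SHA1_DIGEST = "http://www.w3.org/2000/09/xmldsig#sha1"
SIGNED_PROPS_TYPE = "http://uri.etsi.org/01903#SignedProperties"

# Constructed sample: structure and algorithm URIs follow the signature posted
# above; digest values and most other elements are omitted.
SAMPLE = """<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-937703624">
 <ds:SignedInfo>
  <ds:Reference URI="#id-1759749061">
   <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
  </ds:Reference>
  <ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#SignedProperties-772527599">
   <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  </ds:Reference>
 </ds:SignedInfo>
 <ds:Object>
  <xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" Target="#Signature-937703624">
   <xades:SignedProperties Id="SignedProperties-772527599">
    <xades:SignedSignatureProperties><xades:SigningCertificate><xades:Cert>
     <xades:CertDigest>
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
     </xades:CertDigest>
    </xades:Cert></xades:SigningCertificate></xades:SignedSignatureProperties>
   </xades:SignedProperties>
  </xades:QualifyingProperties>
 </ds:Object>
</ds:Signature>"""

def digest_methods(xml_text):
    """Return (location, algorithm URI) for every digest the signature relies on."""
    root = ET.fromstring(xml_text)
    found = []
    for ref in root.findall(".//ds:SignedInfo/ds:Reference", NS):
        is_sp = ref.get("Type") == SIGNED_PROPS_TYPE
        kind = "SignedProperties reference" if is_sp else "data reference"
        found.append((f"{kind} {ref.get('URI')}", ref.find("ds:DigestMethod", NS).get("Algorithm")))
    for cd in root.iter("{%s}CertDigest" % NS["xades"]):
        found.append(("SigningCertificate CertDigest", cd.find("ds:DigestMethod", NS).get("Algorithm")))
    return found

def sha1_locations(xml_text):
    """Locations whose DigestMethod is still the XMLDSig SHA-1 URI."""
    return [loc for loc, alg in digest_methods(xml_text) if alg == SHA1_DIGEST]

if __name__ == "__main__":
    print("\n".join(f"{alg}  <-  {loc}" for loc, alg in digest_methods(SAMPLE)))
```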
