xml-signature

XML Signature: How to calculate the digest value?

拥有回忆 submitted on 2019-11-29 23:04:55
I have an XML like this <?xml version="1.0" encoding="utf-8"?> <foo> <bar> <value>A</value> </bar> <bar> <value>B</value> </bar> <baz> <value>C</value> </baz><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms><DigestMethod Algorithm="http

signing a xml document with x509 certificate

别等时光非礼了梦想. submitted on 2019-11-29 18:14:06
Question: Every time I try to send a signed XML, the web service verifier rejects it. To sign the document I just adapted this sample code provided by Microsoft: http://msdn.microsoft.com/es-es/library/ms229745(v=vs.110).aspx My implementation: public static XmlDocument FirmarXML(XmlDocument xmlDoc) { try { X509Certificate2 myCert = null; var store = new X509Store(StoreLocation.CurrentUser); //StoreLocation.LocalMachine fails too store.Open(OpenFlags.ReadOnly); var certificates = store.Certificates;

Java XML DSig and XPath

百般思念 submitted on 2019-11-29 10:56:07
Question: I'm signing part of an XML document using the Java XML DSig api. I'm trying to understand how it is arriving at the Digest value. My document is: <?xml version=\"1.0\" encoding=\"UTF-8\"?><PurchaseOrder><foo>bar</foo></PurchaseOrder> My xpath expression is: PurchaseOrder/foo/text() What I attempt to do is: Call the Java DSIG library and view the value of the generated digest. Use the MessageDigest (SHA-1) class to digest the value "bar". Verify that the digests from 1 and 2 match. When I do

.NET Signed XML Prefix

回眸只為那壹抹淺笑 submitted on 2019-11-29 09:35:15
Is there a way to set the prefix on the Signature of a Signed XML Document (SignedXml class in .Net)? So instead of: <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> ... </Signature> I could have the following: <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> ... </ds:Signature> First of all, there really isn't any good reason to do this. The two forms are functionally equivalent. Any well-behaved XML processor will handle them absolutely identically. So unless you are trying to talk to an application that doesn't properly implement XML namespaces, it's better (IMO) just to

OpenSAML (2.0) Signature validation not working

為{幸葍}努か submitted on 2019-11-28 22:31:29
Question: Problem: I am using OpenSAML to build a means of authenticating the SAML 2.0 response posted to our servers. I have got most of it working, with the ability to access the various aspects of the assertion. The only issue is that when I attempt to validate the signature using the public key below, it states that "Signature did not validate against the credential's key". Any ideas? Public Key: MIICozCCAgygAwIBAgIGATxK1oY4MA0GCSqGSIb3DQEBBQUAMIGUMQswCQYDVQQGEwJVUzETMBEG

XML Signature: How to calculate the digest value?

烈酒焚心 submitted on 2019-11-28 20:09:18
Question: I have an XML like this <?xml version="1.0" encoding="utf-8"?> <foo> <bar> <value>A</value> </bar> <bar> <value>B</value> </bar> <baz> <value>C</value> </baz><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

.NET Signed XML Prefix

馋奶兔 submitted on 2019-11-28 02:59:19
Question: Is there a way to set the prefix on the Signature of a Signed XML Document (SignedXml class in .Net)? So instead of: <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> ... </Signature> I could have the following: <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> ... </ds:Signature> Answer 1: First of all, there really isn't any good reason to do this. The two forms are functionally equivalent. Any well-behaved XML processor will handle them absolutely identically. So unless you are

Xpath transformation not working in java

点点圈 submitted on 2019-11-27 23:24:28
This is my xml document. I want to sign only the userID part using xml signature. I am using xpath transformation to select that particular element. <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Version="2.0" IssueInstant="2012-05-22T13:40:52:390" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="localhost:8080/consumer.jsp"> <UserID> xyz </UserID> <testing> text </testing> <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"> http://localhost:8080/saml/SProvider.jsp </saml:Issuer> </samlp:AuthnRequest> I am

How to get X509Certificate from certificate store and generate xml signature data?

岁酱吖の submitted on 2019-11-27 23:14:51
Question: How can I get X509Certificate from certificate store and then generate XML SignatureData in .net C#? Answer 1: As far as I know, certificates are not saved by XML Format, you should combine it by yourself. Is this what you want? static void Main(string[] args) { X509Certificate2 cer = new X509Certificate2(); cer.Import(@"D:\l.cer"); X509Store store = new X509Store(StoreLocation.CurrentUser); store.Certificates.Add(cer); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection cers = store

How to compute RSA-SHA1(sha1WithRSAEncryption) value with OpenSSL

蓝咒 submitted on 2019-11-27 16:08:43
Question: I'm confused about RSA-SHA1, I thought it's RSA_private_encrypt(SHA1(message)). But I can't get the correct signature value. Is there anything wrong? Answer 1: Yes, PKCS#1 encryption and PKCS#1 signatures are different. In the encryption case (the one you tried), the input message is simply padded before it is exponentiated. PKCS#1 signatures on the other hand will first calculate an ASN.1 DER structure of the form DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING