Attempting to sign xml with x509


G

Guest

Good afternoon,

We've been experimenting with encrypting and signing xml with x509
certificates. We've been able to successfully encrypt and decrypt xml using a
certificate generated in makecert, however attempting to sign xml using that
certificate fails when verifying the signature (CheckSignature always returns
false). The code I'm using is below, does anyone know what I might be doing
wrong that I can't verify my signatures?

Thanks.

// get the cert (same method we used in our encryption test)
X509Certificate2 cert = GetCertifcate("CN=SOFTWORKS3TEST");

// create the xml document
XmlDocument xdOriginal = new XmlDocument();
xdOriginal.PreserveWhitespace = false;
xdOriginal.AppendChild(xdOriginal.CreateXmlDeclaration("1.0", string.Empty,
string.Empty));

XmlElement xnRoot = xdOriginal.CreateElement("RT");
xdOriginal.AppendChild(xnRoot);

XmlElement xnValue = xdOriginal.CreateElement("Value");
xnValue.InnerText = "Value here";
xnRoot.AppendChild(xnValue);

// get a signature
SignedXml sxOriginal = new SignedXml(xdOriginal);
sxOriginal.SigningKey = cert.PrivateKey;
Reference refCode = new Reference(string.Empty);
sxOriginal.AddReference(refCode);
sxOriginal.ComputeSignature();

// add the signature
xdOriginal.DocumentElement.AppendChild(sxOriginal.GetXml());
// create a new xml document to verify
XmlDocument xdVerify = new XmlDocument();
xdVerify.PreserveWhitespace = false;
xdVerify.LoadXml(xdOriginal.OuterXml);

// attempt to verify the signature
SignedXml sxVerify = new SignedXml(xdVerify);
sxVerify.LoadXml((XmlElement)xdVerify.GetElementsByTagName("Signature")[0]);
MessageBox.Show(sxVerify.CheckSignature(cert, true).ToString());
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top