santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Milan Tomic" <mi...@setcce.org>
Subject RE: Verifying RSA
Date Wed, 17 Aug 2005 07:30:40 GMT

Could you post your XML file here for analisys?

Have you tried to verify signature with some other library like Apache
XSEC Java library?

Best regards,
Milan


> -----Original Message-----
> From: Matthias Niggemeier [mailto:M@thias.de] 
> Sent: Wednesday, August 17, 2005 9:19 AM
> To: security-dev@xml.apache.org
> Subject: Verifying RSA
> 
> 
> Hi there,
> I have a problem verifying a signed xml doc. My doc looks like this:
> 
> ... xml snipped ...
> </Product>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
> <SignedInfo>
> <CanonicalizationMethod 
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" 
> /> <SignatureMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 
> <Reference URI=""> <Transforms> <Transform 
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signatu
> re" /> </Transforms> <DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 
> <DigestValue>abcde</DigestValue> </Reference> </SignedInfo> 
> <SignatureValue>abcdefg</SignatureValue>
> </Signature>
> 
> When I try to verify, I get an error
> 
> Reference URI="" failed to verify
> 
> What is wrong? The sender of the xml doc persists that the 
> signature is valid. My code to verify:
> 
> bool LoadValidateRSA(tstring sURI)
> {
>     xercesc::DOMDocument *doc = NULL;   
>     XSECProvider prov;
>     DSIGSignature* sig = NULL;
>     XERCES_CPP_NAMESPACE::DOMBuilder* builder = NULL;
> 	WinCAPICryptoKeyRSA* pRSA = NULL;
> 	WinCAPICryptoProvider WCProv;
> 
> 	builder = 
> GetImplementationLS()->createDOMBuilder(xercesc::DOMImplementa
> tionLS::MODE_SYNCHRONOUS,0);
>       builder->setFeature(xercesc::XMLUni::fgDOMNamespaces, true);
>       doc = builder->parseURI(X(sURI));
> 
> 	pRSA = (WinCAPICryptoKeyRSA*)WCProv.keyRSA();
> 	sig = prov.newSignatureFromDOM(doc); 
> 	char cModulus[] = "sAGXf2IjqajW1F7m"; // snipped
> 	char cExponent[] = "ABCD";
> 	
> 	pRSA->loadPublicExponentBase64BigNums(cExponent, 
> (unsigned int) strlen(cExponent));
> 	pRSA->loadPublicModulusBase64BigNums(cModulus, 
> (unsigned int) strlen(cModulus));
> 	
> 	sig->load();
> 	sig->setSigningKey(pRSA);
> 	bVerifyOK = sig->verify();
> }
> 
> I looked at the samples, but they didn't help me further than this :-(
> 
> Regards
> 
> Matthias
> 


Mime
View raw message