santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Milan Tomic" <mi...@setcce.org>
Subject RE: Verifying RSA
Date Wed, 17 Aug 2005 08:48:06 GMT

You can try to validate signature with those toolkits:

1. Download trial:

http://www.setcce.si/eng/index45c.php

2. Download XMLSec binaries:

http://www.aleksey.com/xmlsec/download.html

3. Download Apache XSEC java lib. There are samples how to validate
signed doc.

Best regards,
Milan


> -----Original Message-----
> From: Matthias Niggemeier [mailto:M@thias.de] 
> Sent: Wednesday, August 17, 2005 10:36 AM
> To: security-dev@xml.apache.org
> Subject: RE: Verifying RSA
> 
> 
> Milan,
> thats a bit problematic since i have only "real" data for 
> testing, so i don't think that my customer would be amused if 
> i post the file here. Is there any program available which is 
> able to verify a dsig? I googled around and found none :-(
> 
> Should the code work? (as far as it is possible to say 
> without debugger) 
> 
> Kind regards
> 
> Matthias
> 
> > -----Original Message-----
> > From: Milan Tomic [mailto:milan@setcce.org]
> > Sent: Wednesday, August 17, 2005 9:31 AM
> > To: security-dev@xml.apache.org
> > Subject: RE: Verifying RSA
> > 
> > 
> > Could you post your XML file here for analisys?
> > 
> > Have you tried to verify signature with some other library 
> like Apache 
> > XSEC Java library?
> > 
> > Best regards,
> > Milan
> > 
> > 
> > > -----Original Message-----
> > > From: Matthias Niggemeier [mailto:M@thias.de]
> > > Sent: Wednesday, August 17, 2005 9:19 AM
> > > To: security-dev@xml.apache.org
> > > Subject: Verifying RSA
> > > 
> > > 
> > > Hi there,
> > > I have a problem verifying a signed xml doc. My doc looks 
> like this:
> > > 
> > > ... xml snipped ...
> > > </Product>
> > > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
> > > <SignedInfo>
> > > <CanonicalizationMethod
> > > Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" 
> > > /> <SignatureMethod 
> > > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 
> > > <Reference URI=""> <Transforms> <Transform 
> > > Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signatu
> > > re" /> </Transforms> <DigestMethod 
> > > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 
> > > <DigestValue>abcde</DigestValue> </Reference> </SignedInfo>

> > > <SignatureValue>abcdefg</SignatureValue>
> > > </Signature>
> > > 
> > > When I try to verify, I get an error
> > > 
> > > Reference URI="" failed to verify
> > > 
> > > What is wrong? The sender of the xml doc persists that the
> > > signature is valid. My code to verify:
> > > 
> > > bool LoadValidateRSA(tstring sURI)
> > > {
> > >     xercesc::DOMDocument *doc = NULL;   
> > >     XSECProvider prov;
> > >     DSIGSignature* sig = NULL;
> > >     XERCES_CPP_NAMESPACE::DOMBuilder* builder = NULL;
> > > 	WinCAPICryptoKeyRSA* pRSA = NULL;
> > > 	WinCAPICryptoProvider WCProv;
> > > 
> > > 	builder =
> > > GetImplementationLS()->createDOMBuilder(xercesc::DOMImplementa
> > > tionLS::MODE_SYNCHRONOUS,0);
> > >       builder->setFeature(xercesc::XMLUni::fgDOMNamespaces, true);
> > >       doc = builder->parseURI(X(sURI));
> > > 
> > > 	pRSA = (WinCAPICryptoKeyRSA*)WCProv.keyRSA();
> > > 	sig = prov.newSignatureFromDOM(doc); 
> > > 	char cModulus[] = "sAGXf2IjqajW1F7m"; // snipped
> > > 	char cExponent[] = "ABCD";
> > > 	
> > > 	pRSA->loadPublicExponentBase64BigNums(cExponent,
> > > (unsigned int) strlen(cExponent));
> > > 	pRSA->loadPublicModulusBase64BigNums(cModulus, 
> > > (unsigned int) strlen(cModulus));
> > > 	
> > > 	sig->load();
> > > 	sig->setSigningKey(pRSA);
> > > 	bVerifyOK = sig->verify();
> > > }
> > > 
> > > I looked at the samples, but they didn't help me further
> > than this :-(
> > > 
> > > Regards
> > > 
> > > Matthias
> > > 
> > 
> 


Mime
View raw message