XML Digital Signatures in .Net

re: XML Digital Signatures in .Net

shawnfa — Fri, 22 May 2009 00:27:11 GMT

Nope - the ds namespace is normal in an XML digital signature.

-Shawn

re: XML Digital Signatures in .Net

Jake — Mon, 06 Apr 2009 20:06:04 GMT

As simple as this seems, I have not been able to get CheckSignature() to return anything other than false...

The signature tag has a "ds" namespace (I'm not having any trouble extracting the signature though), do you think this has anything to do with it?

re: XML Digital Signatures in .Net

preguntoncojonero — Wed, 04 Mar 2009 18:46:42 GMT

and using xades ?? any sample code ???

thanks

re: XML Digital Signatures in .Net

shawnfa — Mon, 23 Feb 2009 22:37:59 GMT

If you're interested in how this process takes place, it's all documented by a publicly available standard: http://www.w3.org/TR/xmldsig-core/

If the public key holder wants to verify that we did a correct job, they could implement an alternate version of the standard to verify the results.

-Shawn

re: XML Digital Signatures in .Net

Volen — Sat, 14 Feb 2009 00:51:34 GMT

Hi this all is very interesting, but what I really want to know is the process of the validation.

The important step in signing an XML is pretty obvious:

1. Compute the hash code (based on the xml body)

2. Encrypt the hash code with the private key.

3. Write the result as the signature value.

My question is, what does the public key holder to do verify that the signature value is correct as in what is the actual process that takes place???

- Volen

re: XML Digital Signatures in .Net

shawnfa — Wed, 28 Jun 2006 03:35:00 GMT

Nothing -- in this example, you have to know the public key of hte expected signer, and filter on that. You might also want to check out http://blogs.msdn.com/shawnfa/archive/2004/01/22/61779.aspx for an alternative which does not have that requirement.

-Shawn

re: XML Digital Signatures in .Net

Anthony Wieser — Tue, 27 Jun 2006 15:35:41 GMT

What's to stop someone else signing the code again with a different key pair?

re: XML Digital Signatures in .Net

Edith — Wed, 26 Apr 2006 22:34:16 GMT

Hello,

I make this example, but when I run this, marck an error en this line:

doc.Load("order-signed.xml");SignedXml verifier = new SignedXml(doc);

an de message is: Invalid character in a Base-64 string.

I hope, someone can help me.

re: XML Digital Signatures in .Net

Kianoush — Wed, 21 Dec 2005 19:37:13 GMT

Hi,
Ich want to sign and encryt a particular portion of a XML-Fragment. supposing that an application should sign and encrypt the XML-Fragment, which should be secure. Another application should verifies the attached Signature and decrypt the encrypted XML-Fragment. Could you point me to the respective implementation for the purpose?

Virtual Thought » Nice article on SignedXML

TrackBack — Thu, 22 Jul 2004 22:53:00 GMT

Virtual Thought » Nice article on SignedXML