SignXML.LoadXML failes with unknown transformation
-
Wednesday, January 26, 2011 10:21 AM
I am working with VS 2010 / .NET 4 to implement a simple XMLdSig verification. The signature is created by a webservice provider and out of my control. As far as I could examine, the structure of the signature is valid. Hours of googling gave my the impression that xmlenc#256 may be a problem, but before that I even cannot load the XML document.
Can anyone help and tell me whats going wrong resp. where/how to find a solution?
Here is my code snippet:
DialogResult rc = oFDXML.ShowDialog(); if (rc!=DialogResult.OK) { return; } XmlDocument xdoc = new XmlDocument(); xdoc.PreserveWhitespace = true; xdoc.Load(oFDXML.FileName); XmlNamespaceManager ebMgr = new XmlNamespaceManager(xdoc.NameTable); string PrefixURLeb = http://www.ebinterface.at/schema/3p0/; string PrefixURLsig = http://www.w3.org/2000/09/xmldsig#; ebMgr.AddNamespace("eb", PrefixURLeb); ebMgr.AddNamespace("dsig", PrefixURLsig); SignedXml sXdoc = new SignedXml(xdoc); XmlNodeList nodelist = xdoc.GetElementsByTagName("dsig:Signature"); sXdoc.LoadXml((XmlElement)nodelist.Item(0)); if (sXdoc.CheckSignature()) { MessageBox.Show("Signature OK"); } else { MessageBox.Show("Signature not OK"); }
Here is the XML File:
<?xml version="1.0" encoding="UTF-8" standalone="no" ?> <eb:Invoice xmlns:eb="http://www.ebinterface.at/schema/3p0/" eb:DocumentTitle="Beispiel-Rechnung" eb:DocumentType="Invoice" eb:GeneratingSystem="ebInterface 3.0 Word Formular Vorlage Version 2.0.0 RC2 SVN Rev:149" eb:InvoiceCurrency="EUR" eb:Language="ger" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ebinterface.at/schema/3p0/ http://www.ebinterface.at/schema/3p0/Invoice.xsd"> <dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <dsig:Reference Id="reference-1-1" URI=""> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <dsig:DigestValue>RJc1W6Us9foLWNdOAbOud69orIFo+lOq6TpWN/Pqk94=</dsig:DigestValue> </dsig:Reference> <dsig:Reference Id="etsi-data-reference-1-1" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI=""> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"> <xpf:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xpf="http://www.w3.org/2002/06/xmldsig-filter2">//*[@Id='etsi-signed-1-1']/etsi:QualifyingProperties/etsi:SignedProperties</xpf:XPath> </dsig:Transform> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <dsig:DigestValue>JKUoHDJjvrkPxk2Scd81nNzn6tE2ThyKF56Z7oMXIMs=</dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue>SsdpxgvP74sXBW2f3yKJbkTBdsVTwHzc1R3CE7iQoUzmwkzXymCkV3Su/qUZqQh57nEJ4LovN2iCiQ/7ptM3wj4MlQ68soPHZGCjfdVL8X1+3HWXlw//e/1hW3HuIa5nFNaA82qzFqVAp4cMkT6c7YM74g7kmZ/wtVkwP8VonysCXv3w5T8T9ur+nnAbqKYp9114GTbwi0NHMASk+vpEZdK9tDF4ZBNWsckZpKYI9m30atdoGqnifHFEa8deQCapp66rH8ckrjikDGf4R8ogDlchDGzhSTMUxqKJ99P+zyLTvw0VNQZ2OnYs13jlHyLnGP0xquMkgu+kq3JYJ4AQKg==</dsig:SignatureValue> <dsig:KeyInfo> <dsig:X509Data> <dsig:X509Certificate>MIIFvzCCBKegAwIBAgIDAk6pMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSMwIQYDVQQLDBphLXNpZ24tUHJlbWl1bS1UZXN0LVNpZy0wMjEjMCEGA1UEAwwaYS1zaWduLVByZW1pdW0tVGVzdC1TaWctMDIwHhcNMTEwMTE5MTYyNDQ5WhcNMTYwMTE5MTYyNDQ5WjBgMQswCQYDVQQGEwJBVDEXMBUGA1UEAwwOTWF4IE11c3Rlcm1hbm4xEzARBgNVBAQMCk11c3Rlcm1hbm4xDDAKBgNVBCoMA01heDEVMBMGA1UEBRMMNzIzOTY0NjI2NDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12CM2FTRpMTN+fSuDy82vK9GHu3iYpdvq61a7YGiSBO4yOHPogVqjSj7QDUyXbPht4BDXpeWoGtmfzk3o4sAoFp50wHpp7UndBoVmBrHT1QbuW6L/qIN8KP++ISMjDXbHcQHNvu5wxocYLEmYv2x5KJ2TznZd3Is1c6NmDcBu/ZeDqq+8HIX8upJ4LPay4Zdv9GoggQJCYJ8Vs3fVouM/eyOJgAFELSl4btpKoPKR3vVuLPctx2LJrE9uM6UrDYTJUsmK9rclmAWLPhtpDbgY4xKwNkKAJUxbEDLIWOqw/RClnf1MK3nTYAWs3UVWOUpv33QtAG/gAHKjwbeScKKEwIDAQABo4ICPjCCAjowEwYDVR0jBAwwCoAIRgafjkGOFb0wJwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBhAYIKwYBBQUHAQEEeDB2MCwGCCsGAQUFBzABhiBodHRwOi8vb2NzcC10ZXN0LmEtdHJ1c3QuYXQvb2NzcDBGBggrBgEFBQcwAoY6aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVtaXVtLVRlc3QtU2lnLTAyLmNydDCBnQYDVR0gBIGVMIGSMIGFBgYqKAARAQMwezA9BggrBgEFBQcCARYxaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLXByZW1pdW0tdGVzdDA6BggrBgEFBQcCAjAuGixEaWVzZXMgWmVydGlmaWthdCBkaWVudCBudXIgenUgVGVzdHp3ZWNrZW4gITAIBgYEAIswAQEwgaQGA1UdHwSBnDCBmTCBlqCBk6CBkIaBjWxkYXA6Ly9sZGFwLXRlc3QuYS10cnVzdC5hdC9vdT1hLXNpZ24tUHJlbWl1bS1UZXN0LVNpZy0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQIRab5APeSgo4wDgYDVR0PAQH/BAQDAgbAMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAE/ddaBuS612hnSahFxDPebxOWSeghmG88NPUQEbLcbHM4pLkreN+4PaE9epOUbvSABC+TCT9BHdv+1MerlHMy5pnfwGsrS/vg++Lnj4el3LNt6XboDKJCCyKzzJpa/69rdYTVE96DHUFKnyt7CdbeXfWNmZjWoOf40vSizhqVh9keFsE8JPp+tirO7EqqEHHq1uX+0YTFE1M/yhMCSX8mcOSCZGs6wKyMZxRiQx8tHcEVwRELBqqvzF2AI3VKVpKM2UthZmEG5HSRcABefdmiMGbgRdbsApwYMdIzZqrO/mwcEx2PEXt3Mwm6mgEZIcIqsMmRQv/MyPWMb2AN+MF28=</dsig:X509Certificate> </dsig:X509Data> </dsig:KeyInfo> <dsig:Object Id="etsi-signed-1-1"> <etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"> <etsi:SignedProperties> <etsi:SignedSignatureProperties> <etsi:SigningTime>2011-01-20T14:04:29Z</etsi:SigningTime> <etsi:SigningCertificate> <etsi:Cert> <etsi:CertDigest> <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <etsi:DigestValue>wP7ZNWqi88yJSGzB9QL//0S+ajc=</etsi:DigestValue> </etsi:CertDigest> <etsi:IssuerSerial> <dsig:X509IssuerName>CN=a-sign-Premium-Test-Sig-02,OU=a-sign-Premium-Test-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName> <dsig:X509SerialNumber>151209</dsig:X509SerialNumber> </etsi:IssuerSerial> </etsi:Cert> </etsi:SigningCertificate> <etsi:SignaturePolicyIdentifier> <etsi:SignaturePolicyImplied/> </etsi:SignaturePolicyIdentifier> </etsi:SignedSignatureProperties> <etsi:SignedDataObjectProperties> <etsi:DataObjectFormat ObjectReference="#reference-1-1"> <etsi:MimeType>text/xml</etsi:MimeType> </etsi:DataObjectFormat> </etsi:SignedDataObjectProperties> </etsi:SignedProperties> </etsi:QualifyingProperties> </dsig:Object> </dsig:Signature> <eb:InvoiceNumber>20110001</eb:InvoiceNumber> <eb:InvoiceDate>2011-01-13</eb:InvoiceDate> <eb:Delivery> <eb:Date>2011-01-13</eb:Date> </eb:Delivery> <eb:Biller> <eb:VATIdentificationNumber>ATU123456</eb:VATIdentificationNumber> <eb:Address> <eb:Name>Bogad & Partner Consulting OG</eb:Name> <eb:Street>Steinbachstrasse 17</eb:Street> <eb:Town>Mauerbach</eb:Town> <eb:ZIP>3001</eb:ZIP> <eb:Country>AT </eb:Country> </eb:Address> </eb:Biller> <eb:InvoiceRecipient> <eb:VATIdentificationNumber>00000000</eb:VATIdentificationNumber> <eb:BillersInvoiceRecipientID>111111</eb:BillersInvoiceRecipientID> <eb:OrderReference> <eb:OrderID>444444</eb:OrderID> <eb:ReferenceDate>2010-12-01</eb:ReferenceDate> </eb:OrderReference> <eb:Address> <eb:Name>BRZ</eb:Name> <eb:Street>Hintere Zollamtsstrasse 4</eb:Street> <eb:Town>Wien</eb:Town> <eb:ZIP>1030</eb:ZIP> <eb:Country>AT </eb:Country> </eb:Address> </eb:InvoiceRecipient> <eb:Details> <eb:HeaderDescription>Wir erlauben uns wie folgt zu verrechnen.</eb:HeaderDescription> <eb:ItemList> <eb:ListLineItem> <eb:PositionNumber>1</eb:PositionNumber> <eb:Description>Tagsatz</eb:Description> <eb:BillersArticleNumber>0000</eb:BillersArticleNumber> <eb:Quantity eb:Unit="Tag">5.00</eb:Quantity> <eb:UnitPrice>970.00</eb:UnitPrice> <eb:TaxRate>20.00</eb:TaxRate> <eb:DiscountFlag>false</eb:DiscountFlag> <eb:ReductionRate>0.00</eb:ReductionRate> <eb:LineItemAmount>4850.00</eb:LineItemAmount> </eb:ListLineItem> </eb:ItemList> <eb:FooterDescription>Wir danken für Ihren Auftrag.</eb:FooterDescription> </eb:Details> <eb:Tax> <eb:VAT> <eb:Item> <eb:TaxedAmount>4850.00</eb:TaxedAmount> <eb:TaxRate>20.00</eb:TaxRate> <eb:Amount>970.00</eb:Amount> </eb:Item> </eb:VAT> </eb:Tax> <eb:TotalGrossAmount>5820.00</eb:TotalGrossAmount> <eb:PaymentMethod eb:ConsolidatorPayable="false" xsi:type="eb:UniversalBankTransactionType"> <eb:BeneficiaryAccount> <eb:BankName>Volksbank Wien</eb:BankName> <eb:BankCode eb:BankCodeType="AT">43000</eb:BankCode> <eb:BankAccountNr>1234567890</eb:BankAccountNr> <eb:IBAN>1234567890</eb:IBAN> <eb:BankAccountOwner>Bogad & Partner Consulting OG</eb:BankAccountOwner> </eb:BeneficiaryAccount> </eb:PaymentMethod> <eb:PaymentConditions> <eb:DueDate>2011-01-13</eb:DueDate> </eb:PaymentConditions> <eb:PresentationDetails> <eb:URL>www.austriapro.at</eb:URL> <eb:SuppressZero>true</eb:SuppressZero> </eb:PresentationDetails> </eb:Invoice>
Spezialist für Verschlüsselung, Digitale Signatur, Smart Card, elektronische Rechnung, Liquiditätssteuerung,VSTO Entwicklung, http://www.bogad.at- Moved by eryang Friday, January 28, 2011 4:51 AM (From:.NET Base Class Library)
All Replies
-
Wednesday, January 26, 2011 10:26 AMWhat is the exact exception/error? Have you tried using XDocument from System.Linq.Xml namespace?
God bless you! -
Friday, January 28, 2011 4:50 AM
I move this thread to XML forum for better support, please feel free to let us know if you have any concern.
Eric Yang [MSFT]
MSDN Community Support | Feedback to us
Get or Request Code Sample from Microsoft
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
-
Sunday, January 30, 2011 2:52 AMModerator
Hi Josef,
I performed some tests on your sample XML. I saved the XML as a local file with utf-8 format and it is loaded into XmlDocument correctly.
For the signature issue, we will do some futher research on it. I may involve some senior engineers for help since I am not an expert of Signed XML.
Have a nice weekend!
Thanks
Michael Sun [MSFT]
MSDN Community Support | Feedback to us
Get or Request Code Sample from Microsoft
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
-
Wednesday, February 02, 2011 10:00 AM
Hi, thans for the comments.
@tillias: Interessting idea, but seems not address the problem.
@erang: I am uncertain, cause I am not so familiar with the different forums. Can you give me guidance how to do that?
@Lingzhi Sun: Sounds that we are on the same track. I have following findings: 1) xmlenc#SHA256 seems not to be supported in SignedXML class. Found some similar issue here: http://social.msdn.microsoft.com/Forums/en-US/Geneva/thread/7ea81d70-e0f0-4234-8142-a156b7238e65/
Josef
Spezialist für Verschlüsselung, Digitale Signatur, Smart Card, elektronische Rechnung, Liquiditätssteuerung,VSTO Entwicklung, http://www.bogad.at -
Tuesday, February 15, 2011 1:52 AM
Josef,
Presently we have no .Net framework classes to sign an XML using SHA2 signature. It seems currently only base-64 encoding is supported.
However, you might try the RSAPKCS1SHA256SignatureDescription class for RSA-SHA256 signatures.
RSAPKCS1SHA256SignatureDescription class is from http://clrsecurity.codeplex.com
Regards
Jay [MSFT]
Jay Akhawri -
Friday, February 18, 2011 5:29 PM
Jay,
Thx for pointing me to this codeplex project. As the project is another codeplex project http://ebinterface.codeplex.com I have only limited resources, and felt a litte lost when looking into it. It did look to me, that I would have to handle the whole XML:dsig myself, which is too much.
Regards
Josef
Spezialist für Verschlüsselung, Digitale Signatur, Smart Card, elektronische Rechnung, Liquiditätssteuerung,VSTO Entwicklung, http://www.bogad.at -
Thursday, March 01, 2012 3:36 PM
Hi @all,
finally I found a solution: http://social.msdn.microsoft.com/Forums/en-SG/netfxbcl/thread/6438011b-92fb-4123-a22f-ad071efddf85
Regards
Josef
Specialised in data encryption, digital signatur, smart card management, electronic invoicing, VSTO & Sharepoint development, http://www.bogad.at
- Marked As Answer by Josef Bogad Thursday, March 01, 2012 3:36 PM
