This project is read-only.

Exception thrown when verifying signature

Apr 26, 2012 at 5:35 PM

When using the XadesNet solution to test XAdES.NET, I sign a short test file (using XAdES and a P12 certificate containing both private & public key) and get the signed file which seems to be good, but an exception is thrown in the verification which occurs immediately after :

 File XmlDsigVerifyOperation.cs

            if (!newsignedXml.CheckSignature(verificationCertificate, !validationParameters.VerifyCertificate))
            {
                throw new InvalidOperationException("Signature is invalid.");
            }

CheckSignature() is a .NET Framework method (System.Security.Cryptography.Xml.SignedXml class) which just returns false. Hard to guess what's wrong.

Any help appreciated

Thanks

==================

Test File:

<Test>
  <SomeData>Hello World</SomeData>
</Test>

Signed Test File :

<Test>
  <SomeData>Hello World</SomeData>
  <Signature Id="signature" xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>ccwlZWNFrMPu0OYf0MYXJNV3JI4=</DigestValue>
      </Reference>
      <Reference URI="#xadesSignedProperties" Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>9C3xCLoRGLhFxcPH41bo1swTLb8=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>gXJvOVQGpdYjKTRhJS+vQltkDdLKYsjPcSvbmckIEXDo0t1u3NhjlzKe2pHhLYQyzEq23sr1IOtKTCtsq+CMsULHXb8SW0c5BLzXBXLWr89cBiSO2gHDSAp8zWbwrPcByP5LK+XPABpcl8N8f8CXBJzZuJ5+NxIOGXxqcru7xfni9EHK83VADK052A4rrWpuLZoWjqv0LqwEi0XYvuJvjb9qa3Ggv7GstltLfH3xkWy+WWJHRQKpoJ58V4V+g5Kq90CEUv1oFFpqQc+hIaj4QvVOJ7BcMgf4bAGK914GaLGT5t8GsNAPyVJk0913QCMy/BxP9i7P2kg6pcWznIfRNQ==</SignatureValue>
    <KeyInfo>
      <X509Data>
        <X509Certificate>MIIErjCCApagAwIBAgIBdzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJGUjEQMA4GA1UECgwHRWNvTW92ZTEaMBgGA1UEAwwRQUMgSU5GUkFTVFJVQ1RVUkUwHhcNMTIwMzE1MTYxMDAxWhcNMTUwMzE1MTYxMDAxWjBVMQswCQYDVQQGEwJGUjEQMA4GA1UECgwHRUNPTU9VVjEgMB4GA1UECwwXJzAwMDIgNTMwIDgwNSA0OTggMDAwMTcxEjAQBgNVBAMMCXNpZ25hdHVyZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAML++6iGE1Cgc4OVQ0sN2azzTS+88HzO3r7El3d5ZoLBSeSWR7VSmVxlSBpu3gYtDjyqkbG0P7TEEC5NFcrTXZAeZYncENb0Cmrz2ogm3yURP5nwG7DRGWhTX65jvJrbT+/Fp45ZW1JufDp1CRMCuUMi14a5e5yzhytCxz4uJqZqV49Db/oP81UPHTDchcIsLOeCc3NRrxOwepNWlsE0gMhVsAn4d6hRuraUedfEoa3RwRqB5rhQ/fOYliKA00PEqjR+Gy0uK1I5Ax6R3SRAaAarSjE7DlQhDZ4IvGw78Xkclw5JRCh1mHlz2JJai1CifVrsSol8uFPndufJQuUx9p0CAwEAAaOBojCBnzAdBgNVHQ4EFgQUnjuxNusbcWLlsRVNCTSlmXbx6NwwHwYDVR0jBBgwFoAUbKurOrGADLwvilsMXC97K95Wtt8wDgYDVR0PAQH/BAQDAgeAME0GA1UdHwRGMEQwQqBAoD6GPGh0dHA6Ly9jcmwtZWNvdW1vdXYuZWNvbW91di5mci9hY19pbmZyYXN0cnVjdHVyZV9lY29tb3V2LmNybDANBgkqhkiG9w0BAQsFAAOCAgEAt5EIrQbuRFrvJpaMhkKDqBfcx4KCbvn74tV7nVhougXbWZiorOP8YEj5OVPw7AO/6hUFGtpHibZOAt6UmUSok0kwAR8VZZFkAuRtMia+srvcAbhZbjqxPQo/2PaaRGizkUAuakQ0U/jRUP2zPKZTSroTa99Y1+mIN2FpiZXnjZR8vB7HRu6ZxVroVuN3c5htfvcW4sQpLBreQ/fJI6evmDUCTV5KTptWQLkVsm/rPGeE+hhwXMxutEnHzrN5pTaqu10m7AcNBwLEQDblQCsPw6euBuErExqZvJ0+qpCYYK6tLPgzHU3G3m2cDQVwk990fxZ/ROv6Nxg/U8e2MHNgSTQ/mx9ixvzPB3zzkmF2O4yyIWc//k4Gdgf91RLPpBPZqwTxduhO1LeTb+3dQhVLbujfBtTI24fTjteQnfFX5GW16O7Zjo1mc71+mkpEfqo7F0YqKqTwTQoF84usJ4eQNeA/GRBxfU0PJjMUlW1RkGADKK/tnCeNbHQc4n+KHrr3LFvGmCGtDSyMsT1W+gtCuqmXKRxT5cjCLvYq3FngIN358xhjBK6hVhpEZGG05egodvuCX/FWX4L2bCyQYFtc/bB9H3GaerB6+zjNTic8tYM6mvycVYlx9q+YjK2tcms1yi2EI19RY5zu4uv+xH4OGvGZJ2cogYvjOY+eDv2H/yI=</X509Certificate>
      </X509Data>
    </KeyInfo>
    <Object>
      <QualifyingProperties Target="signature" xmlns="http://uri.etsi.org/01903/v1.3.2#">
        <SignedProperties Id="xadesSignedProperties">
          <SignedSignatureProperties>
            <SigningTime>2012-04-26T16:04:56Z</SigningTime>
            <SigningCertificate>
              <Cert>
                <CertDigest>
                  <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#sha1http://www.w3.org/2000/09/xmldsig#">http://www.w3.org/2000/09/xmldsig#sha1</DigestMethod>
                  <DigestValue xmlns="bJrQQeyoztdAPO6nsoRQ5oX5oAg=http://www.w3.org/2000/09/xmldsig#">bJrQQeyoztdAPO6nsoRQ5oX5oAg=</DigestValue>
                </CertDigest>
                <IssuerSerial>
                  <X509IssuerName xmlns="CN=AC" _mce_href="http://www.w3.org/2000/09/xmldsig#">CN=AC">http://www.w3.org/2000/09/xmldsig#">CN=AC INFRASTRUCTURE, O=EcoMove, C=FR</X509IssuerName>
                  <X509SerialNumber xmlns="77http://www.w3.org/2000/09/xmldsig#">77</X509SerialNumber>
                </IssuerSerial>
              </Cert>
            </SigningCertificate>
          </SignedSignatureProperties>
        </SignedProperties>
        <UnsignedProperties>
          <UnsignedSignatureProperties />
        </UnsignedProperties>
      </QualifyingProperties>
    </Object>
  </Signature>
</Test>