
I am trying to validate an offline Aadhaar eKYC XML file with the sample code, but the validation keeps failing. I am not sure whether the error is in the code or in the .cer file.

I am using the SHA256withRSA algorithm to validate the XML file, as mentioned in the documentation and the sample code.

The same thing happens with the Python code.

Is there any special encoding that has to be applied to the data fed into the validation function?

using System;
using System.Security.Cryptography.X509Certificates;
using System.Xml;


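namespace test
{
    /// <summary>
    /// Console sample that checks the RSA/SHA-256 signature carried in the "s" attribute
    /// of an offline Aadhaar eKYC XML file against a public-key certificate.
    /// </summary>
    class MainClass
    {
        /// <summary>
        /// Loads the XML, detaches the "s" signature attribute from the root element and
        /// verifies the UTF-8 bytes of the remaining document text against that signature,
        /// using the public key read from the certificate file.
        /// Prints the outcome; the process exit code stays non-zero unless verification succeeded.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        public static void Main(string[] args)
        {
            // Sample XML: https://drive.google.com/file/d/1aSv3HJUFf5_42Z-FqpdVHEk5b3VA3T3D/view
            string xmlFilePath = "offlineaadhaar.xml";

            // Sample certificate: https://drive.google.com/file/d/1FW4ciIhZqJuelOcGF2x6VaBCSDO9J-gM/view
            string keyFilePath = "okyc-publickey.cer";

            // Fail closed: every path other than a verified signature leaves a non-zero
            // exit code, so a calling script cannot mistake a failure for success.
            Environment.ExitCode = 1;

            XmlDocument xmlDocument = new XmlDocument();

            // The file is untrusted until its signature verifies, so the parser must not
            // resolve external entities or external DTD subsets while loading it.
            xmlDocument.XmlResolver = null;

            // NOTE(review): the bytes verified below are XmlDocument's re-serialization
            // (InnerXml) of the parsed tree, not the file's original bytes. With the default
            // PreserveWhitespace = false, insignificant whitespace is dropped on load. If the
            // issuer signed a different serialization, an authentic file will still fail.
            // Confirm the exact signed form against the issuer's documentation.
            xmlDocument.Load(xmlFilePath);

            XmlAttributeCollection rootAttributes = xmlDocument.DocumentElement.Attributes;

            // A file without the "s" attribute carries nothing to verify; report it as a
            // failed validation instead of crashing with a NullReferenceException.
            XmlNode signatureAttribute = rootAttributes.GetNamedItem("s");
            if (signatureAttribute == null)
            {
                Console.Error.WriteLine("Root element has no \"s\" signature attribute");
                Console.WriteLine("XML Validation Failed");
                return;
            }

            string signatureValue = signatureAttribute.InnerXml;

            // A signature that is not valid Base64 cannot match; treat it as a failure.
            byte[] expectedSig;
            try
            {
                expectedSig = Convert.FromBase64String(signatureValue);
            }
            catch (FormatException)
            {
                Console.Error.WriteLine("The \"s\" attribute is not valid Base64");
                Console.WriteLine("XML Validation Failed");
                return;
            }

            // The signature is verified over the document without the "s" attribute.
            rootAttributes.RemoveNamedItem("s");

            /*----------------Read and parse the public key certificate-----------------------*/
            // NOTE(review): the certificate file is the trust anchor for this check. Confirm
            // it is the issuer's genuine certificate (e.g. compare its thumbprint with a value
            // obtained out of band) and that it matches the period the XML was issued in.
            X509Certificate2 dotNetCertificate = new X509Certificate2(keyFilePath, "public");

            Org.BouncyCastle.X509.X509CertificateParser certificateParser =
                new Org.BouncyCastle.X509.X509CertificateParser();
            Org.BouncyCastle.X509.X509Certificate bcCertificate =
                certificateParser.ReadCertificate(dotNetCertificate.GetRawCertData());
            /*----------------End-----------------------*/

            /* Init alg: false selects verification mode, keyed with the certificate's public key */
            Org.BouncyCastle.Crypto.ISigner signer =
                Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA256withRSA");
            signer.Init(false, bcCertificate.GetPublicKey());

            /* Get the bytes that were signed from the re-serialized document */
            byte[] msgBytes = System.Text.Encoding.UTF8.GetBytes(xmlDocument.InnerXml);

            /* Feed the message to the verifier and compare against the supplied signature */
            signer.BlockUpdate(msgBytes, 0, msgBytes.Length);

            Console.WriteLine(msgBytes.Length);

            bool isValid = signer.VerifySignature(expectedSig);

            if (isValid)
            {
                Environment.ExitCode = 0;
                Console.WriteLine("XML Validate Successfully");
            }
            else
            {
                Console.WriteLine("XML Validation Failed");
            }
        }
    }
}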
Chinmay Das