Stack Overflow
Stack Overflow

Questions tagged [xml-dsig]

XML digital signature is a standard for representing digital signatures as XML. While it can be used to sign other data, it is mainly used to sign XML documents.

XML digital signature is defined in XML Signature Syntax and Processing.

The standard mainly covers the following topics:

  • signature representation

  • definition of signed data

  • key references

  • signature generation process

106 questions
3
votes
2 answers

XMLDSig X509SerialNumber too large to be an int, fails XSD validation

I'm trying to create and XMLDSig using an X509 cert. I run the verbatim example from MS (http://msdn.microsoft.com/en-us/library/system.security.cryptography.xml.x509issuerserial.aspx) which generates the XML below. The problem with the XML is…
jhilden
  • 12,207
  • 5
  • 53
  • 76
2
votes
1 answer

XML DSIG: Enveloping signature transform in .NET

I'm using the XmlDsigEnvelopedSignatureTransform to digitally sign an XML file using an RSA private key. However, what I really want is to sign the xml using an "enveloping" signature. Does .NET have native support for that? By the way, here's my…
Ian
  • 5,625
  • 11
  • 57
  • 93
2
votes
1 answer

Verify XMLDSIG chain in .NET?

I'm using XMLDSIG to sign a configuration file. I'd like my CA to be able to issue keys that can be used to sign XML. I'd then like to verify that the XML was signed with a key issued by my CA. How do I get the signing certificate out of the…
Roger Lipscombe
  • 89,048
  • 55
  • 235
  • 380
2
votes
0 answers

What does Soap UI uses from soap envelope to create XMLDsig signature?

What does Soap UI uses from soap envelope to create XMLDsig signature? or the opposite question, how can I validate a signature of a Soap XMLDsig response? I'm asking because I only managed to get the proper response using Soap UI. Let say we have…
Alejandro L.
  • 1,066
  • 5
  • 17
  • 38
2
votes
1 answer

How to sign SAML 2.0 AuthnRequest with ECDSA (​NIST Curve P-256/​ SHA-256) in PHP

I need to sign SAML 2.0 AuthnRequest with ECDSA (​NIST Curve P-256/​ SHA-256) in PHP. To create SAML 2.0 AuthnRequest I'm using https://github.com/simplesamlphp/simplesamlphp I have a private key Private-Key: (256 bit) priv: 0d:..... pub: …
Piotr Osipa
  • 55
  • 1
  • 8
2
votes
1 answer

Xml Digital signature with C# .NET Core 1.1

I am working on a client side communication with a SOAP web services using .NET Core (latest version at the moment 1.1.) and C# (actually Omnisharp). Requests should be digitally signed with an enveloped signature, using RSA-SHA1 signing method,…
daneejela
  • 13,081
  • 7
  • 38
  • 50
2
votes
2 answers

XML Signature - Different signature value in PHP?

I want to implement an XML digital signature in PHP. I'm testing the correctness of the signature at this verifier. I'm getting the wrong signature value, so I'm going to explain step by step what I'm doing and please correct what I'm doing…
GregorMohorko
  • 2,739
  • 2
  • 22
  • 33
2
votes
1 answer

XML signature - reasons to sign KeyInfo element

According to XML Signature Specification (3.2.2 "Signature Validation"), KeyInfo element may be signed: "Note, KeyInfo (or some transformed version thereof) may be signed via a Reference element." Here we can see an example of xml with such…
dimmoborgir
  • 189
  • 1
  • 9
2
votes
1 answer

XML Relationship Transform Algorithm

I'm trying to validate a MS Word *.docx file with digital signature. In order to do validation, i have to calculate digest of referenced nodes and to check if it is same as one given in the signature (sig1.xml). I can't find info about how ti…
Georgi Iliev
  • 23
  • 5
2
votes
0 answers

Problems with Java xml-dsig and namespaces

I have been trying to get XML signing to work, using the JDK's javax.xml.crypto.dsig package. It works when i don't have any namespaces, but as soon as i add the namespaces, then the signing and validation works, on the in-memory DOM object. As soon…
eitch
  • 317
  • 2
  • 10
2
votes
2 answers

How do I validate digitally signed XML documents in C#?

I'm currently trying to build an updater for my software. So far this is not a hard task but I'd like to sign files in order to prevent harm in case these get hacked and modified (as it would allow installing harmful software). I found some…
SharpShade
  • 1,761
  • 2
  • 32
  • 45
2
votes
2 answers

Is xmldsig apache santuario provider incompatible with jdk provider?

I'm creating a xml digital signature the same way it is mentioned in nearly all examples I have found: String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI"); XMLSignatureFactory fac…
soilworker
  • 1,317
  • 1
  • 15
  • 32
2
votes
1 answer

Large number failing validation as type xs:integer

If I try and validate the following XML:
Simon Green
  • 1,131
  • 1
  • 10
  • 28
2
votes
1 answer

SignedXml.CheckSignature only returns true if I verify with private key

I have seen several similar questions but none that address exactly what I'm asking. I am trying to sign an XML then verify it with the public key using C#. I sign the XML with a key then export the key to an XML. Then take the key and the signed…
user985637
  • 115
  • 2
  • 11
2
votes
1 answer

XmlDSig: The Reference Processing Model (Node set vs Octet stream)

I'm studying XML Advanced Electronic Signatures. To create "ArchiveTimeStamp" (page 58) the Specification says: Process the retrieved ds:Reference element according to the reference processing model of XMLDSIG. If the result is a XML node set,…
Cobaia
  • 1,503
  • 3
  • 22
  • 41
1
2
3 4 5 6 7 8