Stack Overflow
Stack Overflow

Questions tagged [xml-dsig]

XML digital signature is a standard for representing digital signatures as XML. While it can be used to sign other data, it is mainly used to sign XML documents.

XML digital signature is defined in XML Signature Syntax and Processing.

The standard mainly covers the following topics:

  • signature representation

  • definition of signed data

  • key references

  • signature generation process

106 questions
2
votes
1 answer

What is stopping me from adding my own signature to things?

there is something I am missing in understanding of digital signatures and was hoping someone could clear it up for me. A digital signature is to verify something has not been modified and came from a person. So say I somehow intercepted an xml…
evenprime
  • 99
  • 10
2
votes
1 answer

How to decide on class of object to be created from algorithm URI

Because of specifications imposed on me I have written my own C# code to sign XML, and to validate signed XML. Much like the SignedXml class does, but this way I'm more flexible e.g. in using XML namespace prefixes or not (it seems SignedXml does…
Bob van Steijnen
  • 23
  • 3
2
votes
2 answers

Timestamping XML using DSIG

I need to timestamp an XML file. Is there any solution on this? I can make an digital signature and put it into XML-DSIG structure, but i need to do it with timestamp. Principialy it is the same process. Signing i do myself, timestamping do TSA…
Achiles
  • 122
  • 5
1
vote
2 answers

How can I compare public keys in .NET?

I've got an X509Certificate2 containing a public key. I've got an RSACryptoServiceProvider (which came from calling SignedXml.CheckSignatureReturningKey), also containing a public key. I want to find out if one came from the other. How can I compare…
Roger Lipscombe
  • 89,048
  • 55
  • 235
  • 380
1
vote
1 answer

Validating xml signature on part of the document using SignedXml

I am using the SignedXml class to validate a signature in a XML document. The signature refers only to part to the document. I am able to verify the signature, but how can I be sure that the signature is signing the specific part of the document…
Antoine Aubry
  • 12,203
  • 10
  • 45
  • 74
1
vote
1 answer

XML Digital Signature and Canonicalization

Is it enough to just specify the canonicalization method to canonicalize the input xml as in signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; or should we also have to new up XmlDsigExcC14NTransform and add it as…
InquisitiveLad
  • 309
  • 3
  • 16
1
vote
0 answers

How to generate a "Partial Xml Signature" (ie the content of the SignedInfo tag)?

I need to generate a "partial XML Signature" message. To summarize, when we need to sign one kind of XML document, we create a digested "partial XML Signature" message, this "partial XML Signature" message is forwarded (with some credentials) to…
Val Bonn
  • 1,129
  • 1
  • 13
  • 31
1
vote
2 answers

Append XML with XAdES-T Timestamp Response (TSR)

For a project, XML files are dynamically generated. After a while, these XML files need to be signed using the XAdES-T protocol. The signature must be included in the XML file. To do that, I generate a Timestamp Query (TSQ) from the XML file. It is…
Frank M
  • 170
  • 3
  • 14
1
vote
1 answer

Calculating SignatureValue from SignedInfo using RSACryptoServiceProvider

I am new to XML digital signing topic. After reading some tutorials, I decided to do some hands-on activity and tried to follow some examples to improve my understanding. There's one particular point that I need help with. Here's the example I am…
alokoko
  • 1,405
  • 4
  • 21
  • 35
1
vote
1 answer

transform CMS (PKCS#7 based) signature into value suitable for xmldsig field

I have CMS(PKCS#7 based) signature as input and I want to create equivalent xmldsig out of it. I can extract X509 certificate out of CMS message, but I don't see the way how to extract signature hash (to reuse in xmldsig field). Is there way to…
bigral
  • 11
  • 1
1
vote
0 answers

Why does my Reference(URI "") resolve into ds:Manifest, but not into the root element, as it should?

I have generated a Security-Label which has the root Element: Binding-Information with the Children MetadataBindingContainer and Signature. When I generate the XML, the Reference with the URI"" digests everything, but the SignatureValue and the…
Daniel Bla
  • 11
  • 5
1
vote
0 answers

How to get hash from XML for signing in java

I have to create an application which has XML data and creates Hash for signing and send the hash to an API to get the raw signature for XML and append signature for XML in Java How can I achieve this. The same thing can be done in .Net by…
Prashanth
  • 507
  • 5
  • 25
1
vote
1 answer

SignXml in C# fails to verify it's own signature

I am working to replace a legacy application that is no longer being maintained. I have most things replaced except the digital signature method. I have an implementation in .net core and I'm a bit confused as to why it's failing to verify it's…
Morcalavin
  • 142
  • 2
  • 9
1
vote
1 answer

XML file signed with xmldsig (RobRichards\XMLSecLibs) but XSD validation fails

I installed the RobRichards\XMLSecLibs PHP library to sign my XML files. These files have to be generated according to a XSD file we have ...
Marco Riezzo
  • 41
  • 8
1
vote
0 answers

Java - Problems Using Santuario/xmlsec to Sign XML Document

I'm having some trouble using the Apache xmlsec library to digitally sign an XML Document. Based on scant documentation and a few examples on the web, I've thrown together the following code: public class SOAPTester { private static final…
javaeeguy
  • 51
  • 1
  • 7
1 2
3
4 5 6 7 8