c# - How do I decide the `DigestValue`, `SignatureValue` and `RSAKeyValue` for digital signing of XML -


i working on project need verify xml digitally signed or not. getting hard me try , validate xml key values following

    <signature xmlns="http://www.w3.org/2000/09/xmldsig#">     <signedinfo>       <canonicalizationmethod algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />       <signaturemethod algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />       <reference uri=**some uri value**>         <transforms>           <transform algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />           <transform algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">            </transform>         </transforms>         <digestmethod algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />         <digestvalue>**some digest value**</digestvalue>       </reference>     </signedinfo>     <signaturevalue>**some signature value**</signaturevalue>   <keyinfo xmlns:type="http://www.w3.org/2000/09/xmldsig#rsakeyvalue">       <rsakeyvalue><modulus>**some rsa key value**</modulus>        <exponent>aqab</exponent>     </rsakeyvalue>    </keyinfo >   </signature>

i not able trace out how can values

  1. reference uri
  2. digest value
  3. signature value
  4. rsa modulus value

can 1 tell me how can values of above? , logic behind using these combinations in xml validation?

i using c# checking validations. can check code c# in previous questions

  1. how validate xml following code

thanks in advance.

if want check if values there, use xml manipulation class xdocument.

if want verify signature need understand this:

  1. the issuer generates hash of document puts on (this digestvalue)
  2. the issuer encrypt hash private key , puts on document (this signaturevalue)
  3. the user sends certificate document (this x509certificate field).

so want check if signature valid, need decript signaturevalue public key , compare digestvalue. if both equal, document ok, if not, maybe 2 things ocurred. or document modified during process, or public key not correspondent private key encrypts document.


-

Comments

Post a Comment

Popular posts from this blog

OpenCV OpenCL: Convert Mat to Bitmap in JNI Layer for Android -

there several posts converting mat bitmap using utils.mattobitmap() function. i'm assuming function can called in java layer after importing utils class. i want transfer data memory address pointed uint32_t* bmpcontent; in code below. jniexport void jnicall java_com_nod_nodcv_nodcvactivity_runfilter( jnienv *env, jclass clazz, jobject outbmp, jbytearray indata, jint width, jint height, jint choice, jint filter) { int outsz = width*height; int insz = outsz + outsz/2; androidbitmapinfo bmpinfo; if (androidbitmap_getinfo(env, outbmp, &bmpinfo) < 0) { throwjavaexception(env,"gaussianblur","error retrieving bitmap meta data"); return; } if (bmpinfo.format != android_bitmap_format_rgba_8888) { throwjavaexception(env,"gaussianblur","expecting rgba_8888 format"); return; } uint32_t* bmpcontent; if (androidbitmap_lockpixels(env, outbmp,(void**)&bmpcontent)...
Read more

android - org.xmlpull.v1.XmlPullParserException: expected: START_TAG {http://schemas.xmlsoap.org/soap/envelope/}Envelope -

i trying hit soap api in application login purpose , getting above mentioned error , can 1 tell me going wrong , first time soap apis. here code hit soap :- vector<object> args = new vector<object>(); hashtable<string, object> hashtable = new hashtable<string, object>(); hashtable.put("email", "mss.siddhart28@gmail.com"); hashtable.put("password", "siddharth"); args.add(hashtable); soapserializationenvelope envelope = new soapserializationenvelope( soapenvelope.ver11); envelope.dotnet = true; envelope.xsd = soapserializationenvelope.xsd; envelope.enc = soapserializationenvelope.enc; (new marshalhashtable()).register(envelope); httptransportse androidhttptransport = new httptransportse( "http://tempuri.org/", 15000); androidhttptransport.debug = true; string result = ""; try { soapobject request = new soapobject("http:...
Read more

python - How to remove the Xframe Options header in django? -

i have made page has iframe . inside iframe want show multiple different links article facebook, or news, or youtube video or other possible url. but, due xframe header, unable so. referred following link: https://docs.djangoproject.com/en/1.8/ref/clickjacking/ , django xframeoptionsmiddleware (x-frame-options) - allow iframe client ip but didn't help. my settings.py file's middleware_classes is: middleware_classes = ( 'django.contrib.sessions.middleware.sessionmiddleware', 'django.middleware.common.commonmiddleware', 'django.middleware.csrf.csrfviewmiddleware', 'django.contrib.auth.middleware.authenticationmiddleware', 'django.contrib.auth.middleware.sessionauthenticationmiddleware', 'django.contrib.messages.middleware.messagemiddleware', 'django.middleware.clickjacking.xframeoptionsmiddleware', ) from http://django-secure.readthedocs.org/en/latest/middleware.html , found using ...
Read more