how to verify signed data in .NET 2.0?

Question

5.00/5 (1 vote)

See more:

Hi
My client has signed the xml in Java using private key & IAIK tool. I want to decrypt/verify the data in .NET 2.0. I have public certificate of my client. I have tried various methods but verification fails. Kindly suggest any code to verify/decrypt the data. The signed XML is as follows

XML

<TrnResponse>
 <Transaction>
  <Type>TrnResponse</MessageType>
  <ReferenceNo>123456</ReferenceNo>
  <ClientName>ABCDI</ClientName>
  <TReferenceNo>111111</CTReferenceNo>
  <Mode>05</Mode>
  <Status>SUCCESSFUL</Status>
  <TRXDateTime>06-03-2012 13:16:21</TRXDateTime>
  <TRXID>001111222</TRXID>
  </Transaction>
 <Signature>  <SignatureValue>MIAGCSqGSIb3DQEHAqCAMIIHlwIBATELMAkGBSsOAwIaBQAwCwYJKoZIhvcNAQcB</SignatureValue>
  </Signature>
</TrnResponse>

i am trying following code to verify

C#

XmlDocument Doc = new XmlDocument();
        Doc.PreserveWhitespace = false;
        Doc.Load(@"d:\data.xml");
        SignedXml signedXml = new SignedXml(Doc);
        XmlNodeList nodeList = Doc.GetElementsByTagName("Signature");

        X509Certificate2 cert = GetRecipientCert(); // method returns public certificate
        RSACryptoServiceProvider csp = (RSACryptoServiceProvider)cert.PublicKey.Key;

        string publickey = cert.PublicKey.Key.ToXmlString(false);

        XmlNodeList xn1 = Doc.GetElementsByTagName("Transaction");
        string license_code = xn1.Item(0).OuterXml.ToString();
        ASCIIEncoding ByteConverter = new ASCIIEncoding();
        byte[] verify_this = ByteConverter.GetBytes(license_code);
        string base64_encoded_signature = Doc.GetElementsByTagName("SignatureValue").Item(0).InnerText;
        byte[] signature = Convert.FromBase64String(base64_encoded_signature);
        bool ok = csp.VerifyData(verify_this, new SHA1CryptoServiceProvider(), signature);

Posted 4-Apr-12 2:34am

ajay_sp002

Updated 4-Apr-12 2:44am

Prasad_Kulkarni

v2

Add a Solution

Comments

Bernhard Hiller 4-Apr-12 9:36am

Do you know for sure which pieces of the xml message were used for generating the signature? E.g. with or without spaces, tags, line breaks,...

ajay_sp002 5-Apr-12 6:04am

Hi,

The xml is provided by my client. I think they are using complete transaction tag for generating signature & i.e. without spaces.

walterhevedeich 16-Apr-12 1:59am

Do you know which cryptographic algorithm was used by your client to encrypt the data?

ajay_sp002 17-Apr-12 2:47am

Hi,

They are using SHA1 algorithm for encrypt data.

surekha116 11-Jun-13 9:29am

Hi ajay,

I have the same issue now,

Could you please help me how you solved this issue .

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)