XML validation with XMLDSIG using XAdES-BES algorithm


Solution 1

The XML you are showing is not really a XAdES signature, but an XMLDSIG. You can tell that because there is not a QualifyingProperties node (XAdES adds this node, which has to be inside an Object tag, as a child of the Signature node).

As Ricardo said before, the project I am working in (XAdES .Net Project) should be able to verify the xml you provide. If not, please, feel free to add an issue at our issue tracker (you may need to register at codeplex, but it is free).

At this point, we are still building the skeleton of our library (what it really aims to implement is XAdES in .NET), so you may find bugs or a lack of features. If so, again, feel free to add any issue you need.

Also, we developed the library using .NET Framework 3.5 so, if you really can only use 1.1, it won't work :( The security layer changed after Framework 1.1, so it is not backwards-compatible. I think it will work using 2.0 and above.

I hope it helps.

Regards,

Luis M. Villa
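
The check Solution 1 describes, as an added example (not code from the answer or from the XAdES .Net Project): it reports whether a Signature carries a QualifyingProperties node inside an Object child, and lists which element each same-document Reference resolves to. The sample document is constructed from the question's envelope; the XAdES 1.3.2 namespace URI and the Id/id/ID attribute lookup are assumptions of this example.

```csharp
using System;
using System.Xml;

static class SignatureKind
{
    const string Ds = "http://www.w3.org/2000/09/xmldsig#";
    // Assumption: XAdES 1.3.2 namespace; other XAdES versions use other URIs.
    const string Xades = "http://uri.etsi.org/01903/v1.3.2#";
    // Constructed sample, reduced from the envelope in the question.
    const string Sample = @"<Envelope xmlns='urn:envelope'>
 <MyData Id='MyDataId'/>
 <Signature xmlns='http://www.w3.org/2000/09/xmldsig#'>
  <SignedInfo>
   <Reference URI='#MyDataId'/>
   <Reference URI='#KeyInfoId'/>
  </SignedInfo>
  <KeyInfo id='KeyInfoId'/>
 </Signature>
</Envelope>";

    static void Main()
    {
        var doc = new XmlDocument();
        doc.LoadXml(Sample);
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("ds", Ds);
        ns.AddNamespace("xades", Xades);
        foreach (XmlElement sig in doc.SelectNodes("//ds:Signature", ns))
        {
            // XAdES puts QualifyingProperties in ds:Object, a child of ds:Signature.
            bool isXades = sig.SelectSingleNode("ds:Object/xades:QualifyingProperties", ns) != null;
            Console.WriteLine(isXades ? "XAdES signature" : "plain XMLDSIG signature");
            foreach (XmlElement r in sig.SelectNodes("ds:SignedInfo/ds:Reference", ns))
            {
                string uri = r.GetAttribute("URI");
                if (uri.Length < 2 || uri[0] != '#')
                { Console.WriteLine("  '" + uri + "': not an Id reference"); continue; }
                string id = uri.Substring(1);
                // Count matching elements; exactly one match is expected per reference.
                int hits = 0; string name = "";
                foreach (XmlElement e in doc.SelectNodes("//*"))
                    if (e.GetAttribute("Id") == id || e.GetAttribute("id") == id
                        || e.GetAttribute("ID") == id) { hits++; name = e.Name; }
                string target = hits == 1 ? "<" + name + ">" : hits + " elements";
                Console.WriteLine("  " + uri + " -> " + target);
            }
        }
    }
}
```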

Solution 2

See Microsoft's SignedXml class

Author by

René

Updated on June 04, 2022

Comments

  • René almost 2 years

    Some information a program is using uses input files in xml format. The files have the following structure.

    <?xml version="1.0" encoding="UTF-8"?>
    <Envelope xmlns="urn:envelope">
     <MyData Id="MyDataId">
      <!-- some data -->
     </MyData>
     <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo>
       <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
       <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig-more#rsa-sha256" />
       <Reference URI="#MyDataId">
        <Transforms>
         <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
        <DigestValue>
         <!-- digest for MyData -->
        </DigestValue>
       </Reference>
       <Reference URI="#KeyInfoId">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
        <DigestValue>
         <!-- digest for KeyInfo -->
        </DigestValue>
       </Reference>
      </SignedInfo>
      <SignatureValue>
       <!-- signature from SignedInfo data -->
      </SignatureValue>
      <KeyInfo id="KeyInfoId">
       <X509Data>
        <X509Certificate>
         <!-- some certificate -->
        </X509Certificate>
       </X509Data>
      </KeyInfo>
     </Signature>
    </Envelope>
    

    I found some examples with only one reference tag, but not with multiple or only references which were already in the rest of the xml file. I know that the encoding is XAdES-BES. Does anyone know a .NET 1.1 component which is capable of validating this kind of XML file? Thanks in advance.

    Regards,

    René

  • Eugene Mayevski 'Callback over 13 years
    Version 0.1 started a couple of days ago?
  • iliketurtles over 4 years
    As code plex is dead I found a github repo with the project: github.com/Caliper/Xades.git