RE: Verifying RSA

Wed, 17 Aug 2005 00:27:09 -0700 

Could you post your XML file here for analisys?

Have you tried to verify signature with some other library like Apache
XSEC Java library?

Best regards,
Milan


> -----Original Message-----
> From: Matthias Niggemeier [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, August 17, 2005 9:19 AM
> To: security-dev@xml.apache.org
> Subject: Verifying RSA
> 
> 
> Hi there,
> I have a problem verifying a signed xml doc. My doc looks like this:
> 
> ... xml snipped ...
> </Product>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
> <SignedInfo>
> <CanonicalizationMethod 
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; 
> /> <SignatureMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> 
> <Reference URI=""> <Transforms> <Transform 
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signatu
> re" /> </Transforms> <DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> 
> <DigestValue>abcde</DigestValue> </Reference> </SignedInfo> 
> <SignatureValue>abcdefg</SignatureValue>
> </Signature>
> 
> When I try to verify, I get an error
> 
> Reference URI="" failed to verify
> 
> What is wrong? The sender of the xml doc persists that the 
> signature is valid. My code to verify:
> 
> bool LoadValidateRSA(tstring sURI)
> {
>     xercesc::DOMDocument *doc = NULL;   
>     XSECProvider prov;
>     DSIGSignature* sig = NULL;
>     XERCES_CPP_NAMESPACE::DOMBuilder* builder = NULL;
>       WinCAPICryptoKeyRSA* pRSA = NULL;
>       WinCAPICryptoProvider WCProv;
> 
>       builder = 
> GetImplementationLS()->createDOMBuilder(xercesc::DOMImplementa
> tionLS::MODE_SYNCHRONOUS,0);
>       builder->setFeature(xercesc::XMLUni::fgDOMNamespaces, true);
>       doc = builder->parseURI(X(sURI));
> 
>       pRSA = (WinCAPICryptoKeyRSA*)WCProv.keyRSA();
>       sig = prov.newSignatureFromDOM(doc); 
>       char cModulus[] = "sAGXf2IjqajW1F7m"; // snipped
>       char cExponent[] = "ABCD";
>       
>       pRSA->loadPublicExponentBase64BigNums(cExponent, 
> (unsigned int) strlen(cExponent));
>       pRSA->loadPublicModulusBase64BigNums(cModulus, 
> (unsigned int) strlen(cModulus));
>       
>       sig->load();
>       sig->setSigningKey(pRSA);
>       bVerifyOK = sig->verify();
> }
> 
> I looked at the samples, but they didn't help me further than this :-(
> 
> Regards
> 
> Matthias
>

Reply via email to