>The xmlsec output says that the Reference's digest was successfully >verified but after that the RSA signature verification for SignedInfo >element failed. There are only two options: the problem is in the key or >the problem is in the signed data. The 1023 keys size looks strange >and the first thing I would suggest you to try is to delete <KeyValue/> >child of <KeyInfo/> and see if this would make any difference.
I tried that and it fails with:
C:\work\xmlsec>xmlsec --verify --node-xpath //[EMAIL PROTECTED]'DepositorSignature'] --trus
ted-der sigov-ca.crt --print-debug pod1.xml
func=:file=..\src\openssl\x509.c:line=1203:obj=x509:subj=X509IssuerName:error=28
:node node found:node=X509SerialNumber
func=:file=..\src\openssl\x509.c:line=942:obj=x509:subj=X509IssuerSerial:error=1
:xmlsec library function failed:read node failed
func=:file=..\src\openssl\x509.c:line=674:obj=x509:subj=xmlSecOpenSSLX509DataNod
eRead:error=1:xmlsec library function failed:
func=:file=..\src\keyinfo.c:line=114:obj=x509:subj=xmlSecKeyDataXmlRead:error=1:
xmlsec library function failed:node=X509Data
func=:file=..\src\keys.c:line=968:obj=unknown:subj=xmlSecKeyInfoNodeRead:error=1
:xmlsec library function failed:node=KeyInfo
func=:file=..\src\xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key is no
t found:
func=:file=..\src\xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInf
oNode:error=1:xmlsec library function failed:
func=:file=..\src\xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProc
essNode:error=1:xmlsec library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 1/1
Manifests References (ok/all): 0/0
= VERIFICATION CONTEXT
Then I removed X509SerialNumber and X509SubjectName too (looks like a bug searching for X509Certificate) and it succeeds...
So it seems to be the attached public key that is problematic. Am I right?
C:\work\xmlsec>xmlsec --verify --node-xpath //[EMAIL PROTECTED]'DepositorSignature'] --trus
ted-der sigov-ca.crt --print-debug pod1.xml
OK
SignedInfo References (ok/all): 1/1
Manifests References (ok/all): 0/0
= VERIFICATION CONTEXT
== Status: succeeded
== flags: 0x00000000
== flags2: 0x00000000
== Id: "DepositorSignature"
== Key Info Read Ctx:
= KEY INFO READ CONTEXT
== flags: 0x00000000
== flags2: 0x00000000
== enabled key data: all
== RetrievalMethod level (cur/max): 0/1
== TRANSFORMS CTX (status=0)
== flags: 0x00000000
== flags2: 0x00000000
== enabled transforms: all
=== uri: NULL
=== uri xpointer expr: NULL
== EncryptedKey level (cur/max): 0/1
== Key Info Write Ctx:
= KEY INFO WRITE CONTEXT
== flags: 0x00000000
== flags2: 0x00000000
== enabled key data: all
== RetrievalMethod level (cur/max): 0/1
== TRANSFORMS CTX (status=0)
== flags: 0x00000000
== flags2: 0x00000000
== enabled transforms: all
=== uri: NULL
=== uri xpointer expr: NULL
== EncryptedKey level (cur/max): 0/1
== Signature Transform Ctx:
== TRANSFORMS CTX (status=2)
== flags: 0x00000000
== flags2: 0x00000000
== enabled transforms: all
=== uri: NULL
=== uri xpointer expr: NULL
=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
=== Transform: membuf-transform (href=NULL)
== Signature Method:
=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1)
== Signature Key:
== KEY
=== method: RSAKeyValue
=== key type: Public
=== key usage: 65535
=== key not valid before: 993184544
=== key not valid after: 1150952744
=== rsa key: size = 1024
=== list size: 1
=== X509 Data:
==== Key Certificate:
==== Subject Name: /C=si/O=state-institutions/OU=web-certificates/OU=Government/
CN=Mateja Mikek/serialNumber=1234623914016
==== Issuer Name: /C=si/O=state-institutions/OU=sigov-ca
==== Issuer Serial: 3A5C7C96
==== Certificate:
==== Subject Name: /C=si/O=state-institutions/OU=web-certificates/OU=Government/
CN=Mateja Mikek/serialNumber=1234623914016
==== Issuer Name: /C=si/O=state-institutions/OU=sigov-ca
==== Issuer Serial: 3A5C7C96
== SignedInfo References List:
=== list size: 1
= REFERENCE VERIFICATION CONTEXT
== Status: succeeded
== URI: ""
== Reference Transform Ctx:
== TRANSFORMS CTX (status=2)
== flags: 0x00000000
== flags2: 0x00000000
== enabled transforms: all
=== uri: NULL
=== uri xpointer expr: NULL
=== Transform: enveloped-signature (href=http://www.w3.org/2000/09/xmldsig#envel
oped-signature)
=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315)
=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
=== Transform: membuf-transform (href=NULL)
== Digest Method:
=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
== Manifest References List:
=== list size: 0
>To verify that data are correct, you can use "--store-signature" option >in xmlsec. This would print out the data that xmlsec signs. IF you can >get same output from Ubisignature then you can compare it.
I haven't tried that.
I attached a reply from MS newsgroup if anyone is interested.
Regards, Mark
--- Begin Message ---Hi Mark,The signature is in fact valid. Unfortunately, support for X509 cerficiates in v1.1 and v1.0 of the framework is not very good. The good news is that we've put a lot of effort into X509 for v2.0 of the framework. I've just tried to verify your signature using v2.0, and it does work as expected. There is a technical preview of v2.0 available for MSDN subscribers (check out http://msdn.microsoft.com/vs2005). I would also recommend checking out the Web Service Extensions for v1.1 of the framework. These include better support for certificates. (You may have to use the extensions to get the key from your certificate manually, then pass that key to the signature verification method) -Shawn http://blogs.msdn.com/shawnfa -- This posting is provided "AS IS" with no warranties, and confers no rights. Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated. -------------------- >Date: Wed, 31 Mar 2004 10:28:53 +0200 >From: Marko Macek <[EMAIL PROTECTED]> >User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) >X-Accept-Language: en-us, en >MIME-Version: 1.0 >Subject: problem verifying XML signature >Content-Type: multipart/mixed; > boundary="------------010309010308020706040304" >Message-ID: <[EMAIL PROTECTED]> >Newsgroups: microsoft.public.dotnet.security >NNTP-Posting-Host: external-7.hermes.si 213.253.102.145 >Lines: 1 >Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl >Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.security:5600 >X-Tomcat-NG: microsoft.public.dotnet.security > >Hello! > >I have a problem verifying a signature (attached xml) made with >Ubisignature. > >I have tried verifying the signature with Microsoft SignedXml class >(framework 1.1) and it dies like this: > >System.Security.Cryptography.CryptographicException: >Cryptographic service provider (CSP) for this implementation generated an >internal error while attempting to verify the signature. at >System.Security.Cryptography.RSACryptoServiceProvider.VerifyHash(Byte[] >rgbHash, String str, Byte[] rgbSignature) at >System.Security.Cryptography.RSAPKCS1SignatureDeformatter.VerifySignature(By >te[] rgbHash, Byte[] rgbSignature) at >System.Security.Cryptography.AsymmetricSignatureDeformatter.VerifySignature( >HashAlgorithm hash, Byte[] rgbSignature) at >System.Security.Cryptography.Xml.SignedXml.CheckSignature(AsymmetricAlgorith >m key) at >System.Security.Cryptography.Xml.SignedXml.CheckSignatureReturningKey(Asymme >tricAlgorithm& signingKey) at > > >I'm also tried to verify it using xmlsec (www.aleksey.com/xmlsec/). > >The of xmlsec output is: > >C:\work\xmlsec>xmlsec --verify --node-xpath >//[EMAIL PROTECTED]'DepositorSignature'] --trusted-der sigov-ca.crt --print-debug >podpis_mm3.xml = VERIFICATION CONTEXT >== Status: invalid >== flags: 0x00000000 >== flags2: 0x00000000 >== Id: "DepositorSignature" >== Key Info Read Ctx: >= KEY INFO READ CONTEXT >== flags: 0x00000000 >== flags2: 0x00000000 >== enabled key data: all >== RetrievalMethod level (cur/max): 0/1 >== TRANSFORMS CTX (status=0) >== flags: 0x00000000 >== flags2: 0x00000000 >== enabled transforms: all >=== uri: NULL >=== uri xpointer expr: NULL >== EncryptedKey level (cur/max): 0/1 >== Key Info Write Ctx: >= KEY INFO WRITE CONTEXT >== flags: 0x00000000 >== flags2: 0x00000000 >== enabled key data: all >== RetrievalMethod level (cur/max): 0/1 >== TRANSFORMS CTX (status=0) >== flags: 0x00000000 >== flags2: 0x00000000 >== enabled transforms: all >=== uri: NULL >=== uri xpointer expr: NULL >== EncryptedKey level (cur/max): 0/1 >== Signature Transform Ctx: >== TRANSFORMS CTX (status=2) >== flags: 0x00000000 >== flags2: 0x00000000 >== enabled transforms: all >=== uri: NULL >=== uri xpointer expr: NULL >=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315) >=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1) >=== Transform: membuf-transform (href=NULL) >== Signature Method: >=== Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1) >== Signature Key: >== KEY >=== method: RSAKeyValue >=== key type: Public >=== key usage: 65535 >=== rsa key: size = 1023 >== SignedInfo References List: >=== list size: 1 >= REFERENCE VERIFICATION CONTEXT >== Status: succeeded >== URI: "" >== Reference Transform Ctx: >== TRANSFORMS CTX (status=2) >== flags: 0x00000000 >== flags2: 0x00000000 >== enabled transforms: all >=== uri: NULL >=== uri xpointer expr: NULL >=== Transform: enveloped-signature >(href=http://www.w3.org/2000/09/xmldsig#enveloped-signature) >=== Transform: c14n (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315) >=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1) >=== Transform: membuf-transform (href=NULL) >== Digest Method: >=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1) >== Manifest References List: >=== list size: 0 >func=:file=..\src\openssl\signatures.c:line=248:obj=rsa-sha1:subj=EVP_VerifyFinal:error=18:data > >do not match:signature do not match >FAIL >SignedInfo References (ok/all): 1/1 >Manifests References (ok/all): 0/0 >Error: failed to verify file "podpis_mm3.xml" >============================================================ > >One thing that I find odd is: > >=== rsa key: size = 1023 > >But Ubisignature and Java (apache) implementations verify the signature >as valid. > >Can anyone help? Is the signature valid or not? Where is the problem? > >The CA certificate is at http://www.sigov-ca.gov.si/sigov-ca.crt > >Thanks, >Mark > > > > > >
--- End Message ---
