HighTechTalks DotNet Forums  

Support for XPath Filter 2.0 Transform? (Xml Digital Signatures)

Dotnet Security microsoft.public.dotnet.security


Tim Davis
 

Support for XPath Filter 2.0 Transform? (Xml Digital Signatures) - 09-18-2007, 08:05 PM






Hello all,

I am working with Adobe LiveCycle Designer 8.1 to create forms that the user
will sign with their X.509 Certificate and submit electronically to a
generic .NET HTTP handler (ASHX). I have done some work in both creating and
verifying digital signatures, but I have run into an issue that I'm hoping
someone else has seen. Adobe's XML Digital Signatures seem to use the
XML-Signature XPath Filter 2.0
(http://www.w3.org/TR/2002/PR-xmldsig...Overview.html), but
there doesn't seem to be a corresponding .NET Framework class to support
this transform, and the SignedXml.LoadXml() call fails when I try to specify
an XML element containing a Transform with the Algorithm ID
"http://www.w3.org/2002/06/xmldsig-filter2".

Does anyone know where I can get a class that will support this
transformation, such that I can check Adobe-generated XML Digital
Signatures? It's also fine if someone knows a way to instruct Adobe not to
use this Transform when creating the Signature. Least desirable but also a
last-resort option is for someone to provide guidance on "rolling my own"
such Transform.

TIA,

Tim

Here's what I'm getting:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="datasignature_1">
  <SignedInfo>
    <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <Reference URI="#iddb88862c-6627-11dc-8d00-000c6e541685"
               Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties">
      <Transforms>
        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
      </Transforms>
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <DigestValue>CP/cXdv2OcTnq7bKaWOgOSR9N8g=</DigestValue>
    </Reference>
    <Reference URI="">
      <Transforms>
        <Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2">
          <XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2"
                 xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
                 Filter="intersect">here()/ancestor::dsig:Signature[1]/../../form1[1]//. |
            here()/ancestor::dsig:Signature[1]/../../form1[1]//@* |
            here()/ancestor::dsig:Signature[1]/../../form1[1]//namespace::*</XPath>
        </Transform>
        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
      </Transforms>
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <DigestValue>IIiJsLFvk2HvWO+roUQwC0P/ODw=</DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue>
..
..
..


