HighTechTalks DotNet Forums  

Xmldsig Countersignature DigestValue

Dotnet Security microsoft.public.dotnet.security


Iguana
 

Xmldsig Countersignature DigestValue - 03-22-2007 , 08:32 AM

Hi!
How can I calculate the DigestValue for a Reference to a signature (... uri="#signatureId" ...)?
I tried this code:

// xmlElement: the <Signature> element read from the xml file
SignedXml signature = new SignedXml();
signature.LoadXml((XmlElement)xmlElement);
Transform t = new System.Security.Cryptography.Xml.XmlDsigC14NTransform();
XmlDocument doc = new XmlDocument();
doc.PreserveWhitespace = true;
doc.LoadXml(signature.GetXml().OuterXml);
t.LoadInput(doc);
SHA1 sha1 = SHA1.Create();
byte[] digestValue = t.GetDigestedOutput(sha1);
MessageBox.Show(Convert.ToBase64String(digestValue));

The calculated digestValue is not the same as the reference DigestValue
in the countersignature after signing.
Can anyone help me calculate this digestValue?
Iguana


Valery Pryamikov

Re: Xmldsig Countersignature DigestValue - 03-27-2007 , 06:31 AM

On Mar 22, 2:32 pm, "Iguana" <szewcz... (AT) zetokatowice (DOT) pl> wrote:
Hi,
are you verifying a signature created with .Net or with some other
framework?
The reason I'm asking is that the .Net XmlDsigC14NTransform class is not
conformant.
If the signature was created with .Net (same version), then you should not
have any problems; however,
if some other third-party library creates the signature, then you
may have problems.
According to the spec, all whitespace, significant or not, must be
preserved during serialization.
All open source or Java implementations of XML signatures follow this
rule and preserve all whitespace.
However, .Net XmlDsigC14NTransform never preserves insignificant
whitespace, because no Microsoft
XML API reports insignificant whitespace to the XML processors.
It is easy to check if you are experiencing this problem. Check if the
input contains insignificant
whitespace, and if it does, then that is probably it.

-Valery.



Valery Pryamikov

Re: Xmldsig Countersignature DigestValue - 03-27-2007 , 06:40 AM

On Mar 27, 12:31 pm, "Valery Pryamikov" <val... (AT) harper (DOT) no> wrote:

Another problem with your code could be the use of OuterXml, in case
it also returns the xml header (i.e. <?xml version...).
In that case you'll have problems verifying a signature created anywhere
- you are trying to verify the hash of a child node, and that can never
contain the xml header, which is only allowed to be placed before the
root element.

-Valery.
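
Both pitfalls Valery raises in his two replies above, a canonicalizer that drops insignificant whitespace and a serialization that still carries the XML declaration when it is hashed, can be reproduced without .NET. The following is an added example written for this page, not code posted in the thread: it canonicalizes a constructed placeholder <Signature> element with Python's xml.etree.ElementTree.canonicalize() (which implements C14N 2.0, so it approximates rather than reproduces the C14N 1.0 output of XmlDsigC14NTransform) and shows how the SHA-1 DigestValue moves under each condition. All names, the sample element and its placeholder values are the example's own.

```python
import base64
import hashlib
import re
from xml.etree import ElementTree as ET

# Constructed sample, not a real signature: a <Signature> element as it might be
# stored in a file, pretty-printed with insignificant whitespace between elements.
# DigestValue and SignatureValue are placeholders (all-zero base64).
SIGNATURE_PRETTY = """<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="signatureId">
  <SignedInfo>
    <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <Reference URI="#data">
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <DigestValue>AAAAAAAAAAAAAAAAAAAAAAAAAAA=</DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</SignatureValue>
</Signature>"""

# The same element with its whitespace-only text nodes dropped: what a parser
# that does not preserve insignificant whitespace hands to the canonicalizer.
SIGNATURE_COMPACT = re.sub(r">\s+<", "><", SIGNATURE_PRETTY)

# An XML declaration, as OuterXml of a document with a prolog would carry it.
XML_DECLARATION = '<?xml version="1.0"?>\n'


def canonical_bytes(xml_text: str) -> bytes:
    """Canonicalize an XML fragment and return the UTF-8 octets that get digested.

    Assumption: xml.etree's canonicalize() (C14N 2.0) is close enough to C14N 1.0
    for a self-contained element like this one to show the effect. Comments are
    dropped, matching a CanonicalizationMethod without #WithComments.
    """
    return ET.canonicalize(xml_text, with_comments=False).encode("utf-8")


def sha1_digest_value(octets: bytes) -> str:
    """Base64 SHA-1: the DigestValue encoding for the xmldsig#sha1 DigestMethod."""
    return base64.b64encode(hashlib.sha1(octets).digest()).decode("ascii")


def reference_digest(xml_text: str) -> str:
    """DigestValue of a Reference whose only processing step is canonicalization."""
    return sha1_digest_value(canonical_bytes(xml_text))


def whitespace_sensitivity() -> tuple:
    """Digest of the element with its insignificant whitespace kept and dropped."""
    return reference_digest(SIGNATURE_PRETTY), reference_digest(SIGNATURE_COMPACT)


def declaration_sensitivity() -> tuple:
    """Three digests of the same element:
    - canonicalized from the bare element,
    - canonicalized from text that carries an XML declaration (C14N discards it),
    - raw SHA-1 over the declaration-prefixed serialization, no canonicalization.
    """
    bare = reference_digest(SIGNATURE_COMPACT)
    with_decl = reference_digest(XML_DECLARATION + SIGNATURE_COMPACT)
    raw = sha1_digest_value((XML_DECLARATION + SIGNATURE_COMPACT).encode("utf-8"))
    return bare, with_decl, raw


if __name__ == "__main__":
    kept, dropped = whitespace_sensitivity()
    print("c14n, whitespace preserved:", kept)
    print("c14n, whitespace dropped:  ", dropped, "(differs)" if kept != dropped else "(same)")
    bare, with_decl, raw = declaration_sensitivity()
    print("c14n, bare element:        ", bare)
    print("c14n, with declaration:    ", with_decl, "(same as bare)" if with_decl == bare else "(differs)")
    print("raw bytes with declaration:", raw, "(differs)" if raw != bare else "(same)")
```

The check that follows from it: canonicalize first and hash the canonical octets, never the raw OuterXml string, and when a digest from another implementation does not match, diff the whitespace-preserving and whitespace-stripped canonical forms before suspecting anything else in the signature.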



Iguana

Re: Xmldsig Countersignature DigestValue - 03-27-2007 , 07:31 AM

Hi!
I have created signatures with C# (VC 2005) and .NET 2.0.
I think preserving white space is not a problem in my code - this works
fine (with my code I verify signatures generated in Java -
verification works well).
What I do exactly in my code:
read from the xml document all <Signature ... </Signature> tags and put
them into a new XmlDocument.

// get signature to countersign
XmlNodeList signs = existingXmlDocument.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
XmlElement el = (XmlElement)signs[0]; // in my test code I have only one signature to countersign
SignedXml sig = new SignedXml();
sig.LoadXml(el);

XmlDocument doc = new XmlDocument(); // new empty XmlDocument - without header and any attributes
doc.PreserveWhitespace = true;

// load obj - the signature to countersign - into the newly created XmlDocument
System.Security.Cryptography.Xml.DataObject obj = new System.Security.Cryptography.Xml.DataObject();

obj.LoadXml(sig.GetXml());
doc.LoadXml(obj.GetXml().OuterXml); // this loads the signature xml text into the new XmlDocument

// my reference has no transforms - only SignedInfo has a canonicalization transform
Transform t1 = new System.Security.Cryptography.Xml.XmlDsigC14NTransform();
t1.LoadInput(doc);
System.IO.Stream s1 = (System.IO.Stream)t1.GetOutput();

// calculate hash after transform
SHA1 sha1 = SHA1.Create();
MessageBox.Show(string.Format("{0}", Convert.ToBase64String(sha1.ComputeHash(s1))));

This was my first test.
After it failed, I added a new transform:

Transform t2 = (Transform)CryptoConfig.CreateFromName("http://www.w3.org/2001/10/xml-exc-c14n#WithComments");
t2.LoadInput(t1.GetOutput()); // transform on the transformed signature: feed t1's canonical output stream into t2
System.IO.Stream s2 = (System.IO.Stream)t2.GetOutput();

MessageBox.Show(string.Format("{0}", Convert.ToBase64String(sha1.ComputeHash(s2))));

This is what I do.
The DigestValue is wrong (in the code with two transformations, the
DigestValue on t1 and t2 is always the same!)
I have no more ideas... but I must calculate this DigestValue before I
call SignedXml.ComputeSignature and show the DigestValue to my application's
user.
Any other idea?
Iguana


Valery Pryamikov

Re: Xmldsig Countersignature DigestValue - 03-28-2007 , 07:52 AM

On Mar 27, 12:31 pm, "Iguana" <szewcz... (AT) zetokatowice (DOT) pl> wrote:
As I told you in one of my previous letters - check what you get from
OuterXml. It will most probably give you the xml header as well.

-Valery


