SignedXML #2

Hello,
I'm trying to create signed XML document with SignedXml class. As a
SigningKey I'd like to use key pair obtained from user certificate
stored in current user certificate store. I'm using WSE 2 SP 2 to get
certificate, but when I'm invoking ComputeSignature() method of
SignedXML instance I receive the following exception:

"An unhandled exception of type 'System.NotSupportedException'
occurred in microsoft.web.services2.dll

Additional information: DecryptValue"

I'd also like to mention that when I try to export the key's parameters I
receive the following exception:
"An unhandled exception of type 'System.NotSupportedException'
occurred in microsoft.web.services2.dll

Additional information: Export of private parameters is not supported"

User certificate was created with Windows 2003 Enterprise Edition's
CertSrv.
I've tried to create the certificate with and without "Mark keys
as exportable" checked, and the result is the same.

What can be wrong?

Here is code listing:

// Create example data to sign.
XmlDocument document = new XmlDocument();
XmlNode node = document.CreateNode(XmlNodeType.Element, "",
"MyElement", "samples");

node.InnerText = "This is some text";
document.AppendChild(node);

// Get user certificate
X509CertificateStore store = new
X509CertificateStore(X509CertificateStore.StoreProvider.System,
X509CertificateStore.StoreLocation.CurrentUser, 
X509CertificateStore.MyStore);

store.Open();
X509Certificate xCert = store.Certificates[0];
store.Close();

// Create the SignedXml message.
SignedXml signedXml = new SignedXml();
RSA key = xCert.Key;
//RSA key = RSA.Create();
//key.ImportParameters(xCert.Key.ExportParameters(true));
signedXml.SigningKey = key;

// Create a data object to hold the data to sign.
DataObject dataObject = new DataObject();
dataObject.Data = document.ChildNodes;
dataObject.Id = "MyObjectId";

// Add the data object to the signature.
signedXml.AddObject(dataObject);
 
// Create a reference to be able to package everything into the
// message.
Reference reference = new Reference();
reference.Uri = "#MyObjectId";
 
// Add it to the message.
signedXml.AddReference(reference);

// Add a KeyInfo.
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new RSAKeyValue(key));
signedXml.KeyInfo = keyInfo;

// Compute the signature.
signedXml.ComputeSignature();


Thanks for your reply - Karol.
0
revir (2)
2/10/2005 3:11:16 PM

Karol,
I can see either one of the two issues

1. Your private Key is not part of the certificate

2. If you still believe that the private key is present as part of the 
certificate, try using the Microsoft.Web.Services.Security.X509.X509Certificate 
object for retrieving the certificate from the store by using 
X509CertificateStore (available in the same package). I was able to implement 
it without any problem using this class and was having some issues with the 
WSE2 classes.

X509Certificate.Key will give you the private key.

Hope it helps
Thanks
Raj
0
Raj (124)
2/10/2005 4:05:06 PM
If you're using WSE, why are you also using SignedXML?  You could instead just
sign the SOAP body with your token and WSE handles all that.  Unless I'm missing
something (which is likely).

-- 
William Stacey, MVP
http://mvp.support.microsoft.com

0
2/10/2005 4:30:46 PM
Thanks Raj,
Retrieving Certificate and its Key with WSE 1.0 solved the problem :)

--
Best regards,
Karol
0
revir (2)
2/11/2005 8:59:01 AM

Karol Hi !!

Could you post some sample code of the corrected and working solution
??

I'm dealing with the same problem at this moment.

Thank you very much.

El Bruno



0
5/24/2005 8:18:42 AM
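
Added example, not code posted by anyone in this thread: the same enveloping signature built with the framework's own X509Store and X509Certificate2 classes in place of the WSE classes discussed above. It assumes .NET Framework 4.7.2 or later (or modern .NET with the System.Security.Cryptography.Xml package); the thumbprint argument, the class and method names, and the self-signed fallback certificate are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

static class StoreCertificateSigning
{
    // Select the certificate by thumbprint rather than Certificates[0], and
    // reject one whose private key is not associated with it in the store.
    static X509Certificate2 FindInCurrentUserStore(string thumbprint)
    {
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            var hits = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (hits.Count == 0 || !hits[0].HasPrivateKey)
                throw new InvalidOperationException("No certificate with a private key found.");
            return hits[0];
        }
    }

    // Constructed stand-in (self-signed, in memory) used when no thumbprint is given.
    static X509Certificate2 CreateDemoCertificate()
    {
        using (RSA rsa = RSA.Create(2048))
        {
            var request = new CertificateRequest("CN=Constructed Demo Signer", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            return request.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));
        }
    }

    static XmlElement SignEnveloping(XmlDocument document, X509Certificate2 cert)
    {
        // The RSA object is a handle to the key held by the key provider. The
        // provider performs the signing, so nothing is exported and a key
        // that is not marked exportable can still sign.
        using (RSA key = cert.GetRSAPrivateKey())
        {
            if (key == null) throw new InvalidOperationException("Certificate does not carry an RSA key.");
            var signedXml = new SignedXml { SigningKey = key };
            signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
            signedXml.AddObject(new DataObject { Id = "MyObjectId", Data = document.ChildNodes });
            signedXml.AddReference(
                new Reference { Uri = "#MyObjectId", DigestMethod = SignedXml.XmlDsigSHA256Url });
            var keyInfo = new KeyInfo();
            keyInfo.AddClause(new KeyInfoX509Data(cert)); // certificate only, no private key
            signedXml.KeyInfo = keyInfo;
            signedXml.ComputeSignature();
            return signedXml.GetXml();
        }
    }

    static bool Verify(XmlElement signature, X509Certificate2 cert)
    {
        var verifier = new SignedXml();
        verifier.LoadXml(signature);
        // true: check the signature value only; trusting the certificate is a separate check.
        return verifier.CheckSignature(cert, true);
    }

    static void Main(string[] args)
    {
        var document = new XmlDocument();
        XmlNode node = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples");
        node.InnerText = "This is some text";
        document.AppendChild(node);
        using (X509Certificate2 cert = args.Length > 0
            ? FindInCurrentUserStore(args[0]) : CreateDemoCertificate())
        {
            XmlElement signature = SignEnveloping(document, cert);
            Console.WriteLine("Signature valid: " + Verify(signature, cert));
        }
    }
}
```

Run it with a certificate thumbprint as the only argument to sign with a key from the CurrentUser\My store; with no argument it signs with the constructed in-memory certificate.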