I have the below XML,
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<Response xmlns="http://www.site.ae/g">
<Message xml:id="message">
<Header>
<Service>Read</Service>
<Action>SomeAction</Action>
</Header>
<Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="SomeDataType">
<Status>Success</Status>
<Data>
<Id>123</Id>
</Data>
</Body>
</Message>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI="#message">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>SomeValue</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
SomeValue
</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>
SomeValue
</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</Response>
The above XML was generated from a Java application. The Java application team provided us 3 certificates to verify the above XML. I have created 3 objects in C#,
var clientCert = new X509Certificate2("clientCert.cer");
var intermediateCert = new X509Certificate2("intermediateCert.cer");
var rootCert = new X509Certificate2("rootCert.cer");
One is the root, the second one is the intermediate and the third one is the client certificate. I have created the below code,
var xmlDoc = new XmlDocument();
xmlDoc.PreserveWhitespace = true;
xmlDoc.Load("above.xml");
bool result = VerifyXml(xmlDoc, clientCert);
private static Boolean VerifyXml(XmlDocument Doc, X509Certificate2 Key)
{
// Create a new SignedXml object and pass it
// the XML document class.
var signedXml = new System.Security.Cryptography.Xml.SignedXml(Doc);
// Find the "Signature" node and create a new XmlNodeList object.
XmlNodeList nodeList = Doc.GetElementsByTagName("Signature");
// Throw an exception if no signature was found.
if (nodeList.Count <= 0)
{
throw new CryptographicException("Verification failed: No Signature was found in the document.");
}
// Though it is possible to have multiple signatures on
// an XML document, this app only supports one signature for
// the entire XML document. Throw an exception
// if more than one signature was found.
if (nodeList.Count >= 2)
{
throw new CryptographicException("Verification failed: More than one signature was found for the document.");
}
// Load the first <Signature> node.
signedXml.LoadXml((XmlElement)nodeList[0]);
// Check the signature and return the result.
return signedXml.CheckSignature(Key, true);
}
But the above code always returns false. Is there something I am missing? Does .NET support verifying XML generated from Java?
Got the answer from: Verify SignatureValue And DigestValue Using Sha256 RSA
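As an added example, not code from the question or from the linked answer, here is how I would verify the document above in C#. Assumptions: .NET 5 or later with the System.Security.Cryptography.Xml package; the `Reference URI="#message"` points at the `xml:id` attribute, which SignedXml's default `GetIdElement` lookup (Id/id/ID attributes only) does not resolve, so a subclass adds that lookup; the three certificates are the ones named in the question, and the signature is verified against the pinned client certificate rather than whatever KeyInfo carries.

```csharp
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

// SignedXml resolves "#value" references through GetIdElement, which by default only
// looks at Id/id/ID attributes; the document uses xml:id="message" (assumption: that is
// why the asker's reference cannot be resolved), so that attribute is looked up too.
public sealed class XmlIdSignedXml : SignedXml
{
    public XmlIdSignedXml(XmlDocument doc) : base(doc) { }
    public override XmlElement GetIdElement(XmlDocument document, string idValue)
    {
        XmlElement found = base.GetIdElement(document, idValue);
        if (found != null || document == null) return found;
        // Fail closed on anything that is not a plain NCName (keeps the XPath literal safe).
        try { XmlConvert.VerifyNCName(idValue); } catch (XmlException) { return null; }
        var ns = new XmlNamespaceManager(document.NameTable);
        ns.AddNamespace("xml", "http://www.w3.org/XML/1998/namespace");
        return document.SelectSingleNode("//*[@xml:id='" + idValue + "']", ns) as XmlElement;
    }
}

public static class ResponseVerifier
{
    // True only if the single signature covers #message, verifies with the pinned client
    // certificate, and that certificate chains to the supplied intermediate and root.
    public static bool Verify(XmlDocument doc, X509Certificate2 clientCert,
                              X509Certificate2 intermediateCert, X509Certificate2 rootCert)
    {
        XmlNodeList sigNodes = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (sigNodes.Count != 1)
            throw new CryptographicException("Verification failed: expected exactly one Signature.");
        var signedXml = new XmlIdSignedXml(doc);
        signedXml.LoadXml((XmlElement)sigNodes[0]);
        // A valid signature over some other element must not count as protecting the payload.
        bool coversMessage = false;
        foreach (Reference r in signedXml.SignedInfo.References)
            coversMessage |= r.Uri == "#message";
        if (!coversMessage) return false;
        // Passing the certificate explicitly means KeyInfo in the document is not trusted.
        if (!signedXml.CheckSignature(clientCert, verifySignatureOnly: true)) return false;
        // Chain check done explicitly against the root/intermediate the Java team supplied.
        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
            chain.ChainPolicy.CustomTrustStore.Add(rootCert);
            chain.ChainPolicy.ExtraStore.Add(intermediateCert);
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; // assumption: no CRL/OCSP access
            return chain.Build(clientCert);
        }
    }
}
```

Load the document with `PreserveWhitespace = true` as in the question before calling `ResponseVerifier.Verify`, since the C14N-with-comments digest depends on the original whitespace.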