469,928 Members | 1,862 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,928 developers. It's quick & easy.

Digital Signature

11
We are developing a PKI Web application using Microsoft Visual Studio.Net 2003(ASP.net-C#) integrated with WSE 1.0 and IIS. We use Windows 2003 Server for user management through Active directory and to issue X.509 certificates for the client.

We use ActiveX to get client's certificate details and to create the XML the digital signature using senders private key.

What i want yo know is to sign the document not only using senders private key as well as from receivers public key.Then only specifis receiver can veiw the document.
It is difficult to get the receiver's public key.How can i do it?
i attached some code below.
Hope u'l help me with this.

Thanku you.
Hirannya

to sign the document we use

Microsoft.Web.Services.Security.X509.X509Certifica te Cert=Store.Certificates[0];
RSA key =Cert.Key;
if(SignXmlFile(_Path+@"\"+_TEFNo+".xml", key))
{blnSigned=true;
}

in SignXmlFile method we use ComputeSignature.

// Create a SignedXml object.
System.Security.Cryptography.Xml.SignedXml signedXml = new System.Security.Cryptography.Xml.SignedXml(doc);
// Add the key to the SignedXml document.
signedXml.SigningKey = Key;
// Create and append the data object
System.Security.Cryptography.Xml.DataObject dataObject = new System.Security.Cryptography.Xml.DataObject();
dataObject.Data = doc.ChildNodes;
//dataObject.Data = c.ChildNodes;
dataObject.Id = "SignVerify";
System.Security.Cryptography.Xml.Reference reference = new System.Security.Cryptography.Xml.Reference();
reference.Uri ="";

XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();

reference.AddTransform(env);
signedXml.AddReference(reference);

// Create a new KeyInfo object.
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause( new RSAKeyValue(Key) );

signedXml.KeyInfo=keyInfo;
signedXml.AddObject(dataObject);
// Compute the signature.
signedXml.ComputeSignature();
Dec 19 '06 #1
1 1137
(a) It might not be a bad idea to work with WSE as high as 3.0.


(b) Maybe you want to encrypt the xml instead of signing it?
I might be wrong, but I think it works roughly like this:

If you sign with your private key, everyone can use your public key to check that the document comes from you (by verifying the signature).

If you encrypt a document with someone's public key, that person would be "the only one" to be able to read it.


(c) If you want to add some extra information about the key into the signature, you can use the keyInfo.AddClause() method.

You can take a look at my sample code on signing xml with WSE 3.0, too.
Mar 12 '08 #2

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

3 posts views Thread by Kim H Madsen | last post: by
5 posts views Thread by John Campbell | last post: by
reply views Thread by CLarkou | last post: by
1 post views Thread by claudia_usa | last post: by
reply views Thread by Geagleeye | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.