Validate XML Signature

Posted by Rohan Khanna on 30-Nov-2016 07:42

Hi,

I am trying to validate an incoming XML signature to check the integrity of the message. The following is an example of an XML Signature, which contains the information about the algorithms in the transformation tags that are applied to the content referenced in the Reference URI tag (before applying the hash method). After transformation, hashing will be done on the transformed content to create the signature value using the public key (certificate).

<ds:Signature xmlns:ds="www.w3.org/.../xmldsig
  <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="www.w3.org/.../xml-exc-c14n
    <ds:SignatureMethod Algorithm="www.w3.org/.../xmldsig
    <ds:Reference URI="#pfx3f1d777f-1644-ad18-6a15-68af4ed0a9a1">
      <ds:Transforms>
        <ds:Transform Algorithm="www.w3.org/.../xmldsig
        <ds:Transform Algorithm="www.w3.org/.../xml-exc-c14n
      </ds:Transforms>
      <ds:DigestMethod Algorithm="www.w3.org/.../xmldsig
      <ds:DigestValue>DigestValue</ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo>
  <ds:SignatureValue>SignatureValue</ds:SignatureValue>
  <ds:KeyInfo>
    <ds:X509Data>
      <ds:X509Certificate>Certificate</ds:X509Certificate>
    </ds:X509Data>
  </ds:KeyInfo>
</ds:Signature>

I am unable to apply the algorithms for the canonicalization method and transformations (enveloped-signature, xml-exc-c14n#) to the content. Is there any way to apply transformations in OpenEdge?

Or is there any other way available to validate the signature in OpenEdge?

OE version 11.4

Thanks in advance.

Rohan K.

All Replies

Posted by ntwatkins on 30-Nov-2016 16:48

OpenEdge does not, to my knowledge, have any canonicalization-type capabilities baked into the language. You do not indicate what platform you are running. If you are running Windows, you may be able to implement this using a .NET class. If you are running something else, you may be able to do something in a language like Python or Java to do the canonicalization.

Sorry, I know this does not really help you.

Thanks

Nick

This thread is closed
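
The Java route mentioned in the reply, as an added example that is not part of the original thread: the JDK's `javax.xml.crypto.dsig` API applies the enveloped-signature and exclusive-c14n transforms listed in the `ds:Reference` while it validates. Assumptions: the class and method names are hypothetical, the signed element is the parent of `ds:Signature` and carries its identifier in an attribute named `ID`, and `trustedKey` comes from the sender's certificate obtained out of band rather than from the `ds:KeyInfo` inside the message.

```java
import java.io.InputStream;
import java.security.PublicKey;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

public class EnvelopedSignatureCheck {

    // trustedKey: public key of the sender's certificate, configured out of band (assumption).
    public static boolean isValid(InputStream xml, PublicKey trustedKey) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // needed for the ds: lookup and for canonicalization
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder().parse(xml);

        // Accept exactly one ds:Signature; several signatures are treated as invalid input.
        NodeList sigs = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (sigs.getLength() != 1) return false;

        // Enveloped signature: the signed element is the parent of ds:Signature.
        Node parent = sigs.item(0).getParentNode();
        if (!(parent instanceof Element)) return false;
        Element signed = (Element) parent;
        if (!signed.hasAttribute("ID")) return false; // attribute name is an assumption

        DOMValidateContext ctx = new DOMValidateContext(trustedKey, sigs.item(0));
        ctx.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);
        ctx.setIdAttributeNS(signed, null, "ID"); // lets URI="#..." resolve without a schema

        XMLSignature sig = XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(ctx);

        // The single Reference must point at the element we are about to trust.
        List<?> refs = sig.getSignedInfo().getReferences();
        if (refs.size() != 1) return false;
        String uri = ((Reference) refs.get(0)).getURI();
        if (!("#" + signed.getAttribute("ID")).equals(uri)) return false;

        // Runs the transforms, recomputes the digest and checks SignatureValue.
        return sig.validate(ctx);
    }
}
```

After a `true` result, only the content of the `signed` element is covered by the signature; anything read from elsewhere in the document is unauthenticated.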