signedXml.CheckSignature always returns false


I am struggling with getting this encryption decryption to work right. I am using this class provided by Wolfwyrd and this instructions.

Below is the code:

RSACryptoServiceProvider rsaKey = EncryptionUtils.GetRSAFromSnkFile(@"c\:a.snk");

XmlDocument xmlDoc = new XmlDocument();
xmlDoc.PreserveWhitespace = true;
xmlDoc.LoadXml("<foo />");

SignXml(xmlDoc, rsaKey); //

bool result = VerifyXml(xmlDoc, rsaKey); //

System.Diagnostics.Debug.Write(result); //false

returns false. Note, I used the same snk file, and its the same encrypted xml document I am trying to verify, why is it returning false? What am I missing?

By : FutureGuy


Thank you both for your reply. I ended up just creating a private/public key pair and using that to sign the document, the public key going with the application. If I had seen this early enough I might have used it, but I am sure someone else will find it useful. Thanks again.

By : FutureGuy

Good spot, left over cruft from the project I pulled it from. Library has been updated.

By : Wolfwyrd

Try changing the implementation of GetRSAFromSnkBytes(byte[]) in Wolfwyrd's code to:

private static RSACryptoServiceProvider GetRSAFromSnkBytes(byte[] snkBytes)
  if (snkBytes == null)
    throw new ArgumentNullException("snkBytes");

  RSAParameters param = GetRSAParameters(snkBytes);

  RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
  return rsa;

I don't really understand why he first generates a key and then imports the snk-key into the container instead of just starting out with an empty key container.

You might also consider just using .NET to generate your key instead of bothering with the snk-format.

If you change the first line in your example to

RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(1024);

your code will also work fine (and you can serialize the resulting key yourself).

This video can help you solving your question :)
By: admin