signedXml.CheckSignature always returns false

Question!

I am struggling with getting this encryption decryption to work right. I am using this class provided by Wolfwyrd and this instructions.

Below is the code:

RSACryptoServiceProvider rsaKey = EncryptionUtils.GetRSAFromSnkFile(@"c\:a.snk");

XmlDocument xmlDoc = new XmlDocument();
xmlDoc.PreserveWhitespace = true;
xmlDoc.LoadXml("<foo />");

SignXml(xmlDoc, rsaKey); //http://msdn.microsoft.com/en-us/library/ms229745.aspx

bool result = VerifyXml(xmlDoc, rsaKey); //http://msdn.microsoft.com/en-us/library/ms229950.aspx

System.Diagnostics.Debug.Write(result); //false

returns false. Note, I used the same snk file, and its the same encrypted xml document I am trying to verify, why is it returning false? What am I missing?

By : FutureGuy


Answers

Thank you both for your reply. I ended up just creating a private/public key pair and using that to sign the document, the public key going with the application. If I had seen this early enough I might have used it, but I am sure someone else will find it useful. Thanks again.

By : FutureGuy


Good spot, left over cruft from the project I pulled it from. Library has been updated.

By : Wolfwyrd


Try changing the implementation of GetRSAFromSnkBytes(byte[]) in Wolfwyrd's code to:

private static RSACryptoServiceProvider GetRSAFromSnkBytes(byte[] snkBytes)
{
  if (snkBytes == null)
    throw new ArgumentNullException("snkBytes");

  RSAParameters param = GetRSAParameters(snkBytes);

  RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
  rsa.ImportParameters(param);
  return rsa;
}

I don't really understand why he first generates a key and then imports the snk-key into the container instead of just starting out with an empty key container.

You might also consider just using .NET to generate your key instead of bothering with the snk-format.

If you change the first line in your example to

RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(1024);

your code will also work fine (and you can serialize the resulting key yourself).



This video can help you solving your question :)
By: admin