XML Signature is not valid – XML SignatureValue differs in C# and Java code

We use a BizTalk solution to sign and send a message headers, the problem is that the signature according to recipient is no valid, this recipient has a JAVA workshop.

The existing code today is written in Java , that works, and we want to migrate it to C# code

Bellow is one of the message headers signed , in JAVA code, and that works, check the DigestValue

Working java created request

Here is the same header signed in C# code that does not work and as you can see same DigestValue but different SignatureValue. The only difference i can see , in the signature that works, is that the certificate has carriage returns every 76 chars.

none working C# created request

Here is the C# code i use to Sign the headers, certificate is globally assigned

The xmlDoc is created with PreserveWhitespace = true;

private void SignXml(XmlDocument xmlDoc, string referenceURI)
    {
        // Check arguments. 
        if (xmlDoc == null)
            throw new ArgumentException("xmlDoc");
        if (certificate == null)
            throw new ArgumentException("Key");

        // Create a SignedXml object.
        SignedXml signedXml = new SignedXml(xmlDoc);

        // Add the key to the SignedXml document.
        signedXml.SigningKey = certificate.PrivateKey;

        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;//NEW

        // Create a reference to be signed.
        Reference reference = new Reference();
        reference.Uri = String.Format("#{0}", referenceURI);

        // Add an enveloped transformation to the reference.
        XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
        reference.AddTransform(env);

        XmlDsigExcC14NTransform c14trf = new XmlDsigExcC14NTransform(false, "xs");
        //might need some InclusiveNamespaces
        c14trf.Algorithm = SignedXml.XmlDsigExcC14NTransformUrl;
        reference.AddTransform(c14trf);

        // Add the reference to the SignedXml object.
        signedXml.AddReference(reference);

        //AddKeyInfo value, optional in standard
        KeyInfo keyInfo = new KeyInfo();

        KeyInfoX509Data keyinfoData = new KeyInfoX509Data(certificate);

        keyInfo.AddClause(keyinfoData);

        signedXml.KeyInfo = keyInfo;

        // Compute the signature.
        signedXml.ComputeSignature();


        // Get the XML representation of the signature and save 
        // it to an XmlElement object.
        XmlElement xmlDigitalSignature = signedXml.GetXml();

        if (signedXml.CheckSignature(certificate, true) == false)
        {
            throw new ArgumentException("INT0014a Signature is incorrect", "CheckSignature");
        }
        // Append the element to the XML document.
        xmlDoc.DocumentElement.InsertAfter(xmlDoc.ImportNode(xmlDigitalSignature,true), xmlDoc.DocumentElement.FirstChild);

    }

Any help is appreciated

Source: java

Leave a Reply