WSSecurity Sign Soap Header With HSM

You must sign in to post in the forums.
1/14/2015 3:22:24 PM
ersinici
Gravatar
Total Posts 1
View Posts

WSSecurity Sign Soap Header With HSM

Hi;

 

I am using NCryptoki for sigining Soap Message Header. I prepare SOAP header on BeforeSendRequest.

 

I try to sign message with smartCard with same way and succesfully send to message to recipent. But change sign implamentation to hsm then I got "Signature or decryption is invalid" error. 

 

Hsm sign implementation:

 

byte[] hash = cryptoServiceProvider.ComputeHash(System.Text.Encoding.UTF8.GetBytes(signatureElement.OuterXml));
                Org.BouncyCastle.Asn1.X509.DigestInfo di = new Org.BouncyCastle.Asn1.X509.DigestInfo(new Org.BouncyCastle.Asn1.X509.AlgorithmIdentifier("2.16.840.1.101.3.4.2.1"), hash);  //SHA256 algorithm key
                byte[] digest = di.GetEncoded();
                signedXml.Signature.SignatureValue = nCipherSign.sign(digest);

 

signature calculated succesfully but recipent gives error.

 

What is wrong in this implementation?

 

Best Regards

 

3/15/2015 2:11:06 AM
mkysoft
Gravatar
Total Posts 9
View Posts

Re: WSSecurity Sign Soap Header With HSM

I think your signature element has problem. Please check SOAP WSSE examples.

4/1/2015 11:37:10 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: WSSecurity Sign Soap Header With HSM

I don't understand what you are referring.

Our libraries NCryptoki, JCryptoki, NDigitSign and JDigitSign have nothing to do with the code you posted.

You posted a code from BouncyCastle. We don't sell BouncyCastle

 

You must sign in to post in the forums.