1

我正在尝试验证签名 SOAP 消息上的签名。(只是为了解决这个问题,我完全无法控制我收到的消息)消息的正文由 Java 设备签名和发送。

SignedXml.CheckSignature 方法失败,但我确定我收到的消息是正确的。

相关位:

        Dim sdoc As New SignedXml(doc)
        Dim nodeList As XmlNodeList = doc.GetElementsByTagName("Signature", "http://www.w3.org/2000/09/xmldsig#")
        sdoc.LoadXml(CType(nodeList.Item(0), XmlElement))
        Dim result As Boolean = sdoc.CheckSignature(cert, False)
        'Also tried sdoc.CheckSignature()

签名:

   <E:Envelope xmlns:E="http://schemas.xmlsoap.org/soap/envelope/">
      <SOAP:Header xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
         <SOAP-SEC:Signature SOAP:mustUnderstand="1" xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12">
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
              <SignedInfo>
                <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                <Reference URI="#Body">
                  <Transforms>
                    <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                  </Transforms>
                  <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                   <DigestValue>xxxc</DigestValue>
                </Reference>
             </SignedInfo>
      <SignatureValue>xxx</SignatureValue>
            <KeyInfo>
              <X509Data>
                <X509Certificate />
                <X509IssuerSerial>
                  <X509IssuerName>OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign, OU=VeriSign International Server CA - Class 3, OU="VeriSign, Inc.", O=VeriSign Trust Network</X509IssuerName>
                  <X509SerialNumber>xxx</X509SerialNumber>
                </X509IssuerSerial>
             </X509Data>
            </KeyInfo>
          </Signature>
      </SOAP-SEC:Signature>
    </SOAP:Header>
    <E:Body id="Body">
4

0 回答 0