Hi,
I have been trying to work out how to create the following XML structure via the SignedXml class provided by the framework. The issue that I have is that the certificate type is an ECDSA one and from my research it is not widely supported like RSA and DSA are.
I have attempted to use the ECDsaCng class as the key algorithm via my own implementations of SignatureDescription, AsymmetricSignatureFormatter and AsymmetricSignatureDeformatter and I can sign and verify my own XML. However, when the XML is sent to a third party (who uses Java) it does not verify on their side (using the public key).
The below XML is inserted immediately after the body tag.
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
  <SignedInfo>
    <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# "/>
    <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <Reference URI="">
      <Transforms>
        <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
      </Transforms>
      <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
      <DigestValue>tOyRD3mq3MFXHUWDfgRVHzqN0Dt5kOzE1rxuJ7FYAjI=</DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue>hfluuINc7W/+8fklmrXKoW+M9JM4RR1YdnGp15Y8CXd7hXY717srDT6lAkNWSIWY8d5UFVHx9jd4HeTJ3GLzxQ==</SignatureValue>
  <KeyInfo>
    <X509Data>
      <X509IssuerSerial>
        <X509IssuerName>CN=XXXXXX, OU=XXXX XXXX, O=XXXX XXXX, C=UK</X509IssuerName>
        <X509SerialNumber>123123123</X509SerialNumber>
      </X509IssuerSerial>
    </X509Data>
  </KeyInfo>
</Signature>
I'm willing to post all of my code somewhere for Microsoft to look at, just don't know where.
Can a signature be created as above with ECDSA?
Regards,
Hyder
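
Added example, not part of the original post: when two stacks disagree on an ECDSA XML signature, one thing worth checking is how SignatureValue is encoded. XMLDSig's ecdsa-sha256 (RFC 6931) carries r and s as concatenated fixed-width octets, while some crypto APIs emit or expect an ASN.1 DER SEQUENCE; the sketch below decodes the SignatureValue shown above and converts between the two forms. All helper names are hypothetical, and this does not establish that encoding was the cause in this case.

```python
import base64

# SignatureValue copied from the post above.
SIGNATURE_VALUE_B64 = "hfluuINc7W/+8fklmrXKoW+M9JM4RR1YdnGp15Y8CXd7hXY717srDT6lAkNWSIWY8d5UFVHx9jd4HeTJ3GLzxQ=="

def decode_signature_value(b64_text: str) -> bytes:
    """Base64-decode a SignatureValue, ignoring whitespace, rejecting other junk."""
    return base64.b64decode("".join(b64_text.split()), validate=True)

def _der_len(n: int) -> bytes:
    # Short form below 128, long form (0x80 | byte count) otherwise.
    if n < 0x80:
        return bytes([n])
    enc = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(enc)]) + enc

def _der_int(value: int) -> bytes:
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:          # keep the INTEGER positive
        body = b"\x00" + body
    return b"\x02" + _der_len(len(body)) + body

def raw_to_der(raw: bytes) -> bytes:
    """XMLDSig form (r || s, equal widths) -> DER SEQUENCE { INTEGER r, INTEGER s }."""
    if not raw or len(raw) % 2:
        raise ValueError("raw ECDSA signature must be two equal-length halves")
    half = len(raw) // 2
    body = _der_int(int.from_bytes(raw[:half], "big")) + _der_int(int.from_bytes(raw[half:], "big"))
    return b"\x30" + _der_len(len(body)) + body

def _read_tlv(buf: bytes, pos: int, tag: int):
    if pos + 2 > len(buf) or buf[pos] != tag:
        raise ValueError("unexpected or missing DER tag")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return buf[pos:pos + length], pos + length

def der_to_raw(der: bytes, field_len: int) -> bytes:
    """DER form -> r || s, each left-padded to field_len bytes (32 for a 256-bit curve)."""
    seq, _ = _read_tlv(der, 0, 0x30)
    r, pos = _read_tlv(seq, 0, 0x02)
    s, _ = _read_tlv(seq, pos, 0x02)
    return b"".join(int.from_bytes(x, "big").to_bytes(field_len, "big") for x in (r, s))

if __name__ == "__main__":
    raw = decode_signature_value(SIGNATURE_VALUE_B64)
    print(len(raw), "bytes raw ->", len(raw_to_der(raw)), "bytes DER")
```

The value in the post decodes to 64 bytes, which is the concatenated form with 32-byte halves rather than DER.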