WSSecurity Sign Soap Header With HSM

1/14/2015 3:22:24 PM
Total Posts 1

WSSecurity Sign Soap Header With HSM



I am using NCryptoki for sigining Soap Message Header. I prepare SOAP header on BeforeSendRequest.


I try to sign message with smartCard with same way and succesfully send to message to recipent. But change sign implamentation to hsm then I got "Signature or decryption is invalid" error. 


Hsm sign implementation:


byte[] hash = cryptoServiceProvider.ComputeHash(System.Text.Encoding.UTF8.GetBytes(signatureElement.OuterXml));
                Org.BouncyCastle.Asn1.X509.DigestInfo di = new Org.BouncyCastle.Asn1.X509.DigestInfo(new Org.BouncyCastle.Asn1.X509.AlgorithmIdentifier("2.16.840."), hash);  //SHA256 algorithm key
                byte[] digest = di.GetEncoded();
                signedXml.Signature.SignatureValue = nCipherSign.sign(digest);


signature calculated succesfully but recipent gives error.


What is wrong in this implementation?


Best Regards


3/15/2015 2:11:06 AM
Total Posts 9

Re: WSSecurity Sign Soap Header With HSM

I think your signature element has problem. Please check SOAP WSSE examples.

4/1/2015 11:37:10 AM
Total Posts 300
Ugo Chirico

Re: WSSecurity Sign Soap Header With HSM

I don't understand what you are referring.

Our libraries NCryptoki, JCryptoki, NDigitSign and JDigitSign have nothing to do with the code you posted.

You posted a code from BouncyCastle. We don't sell BouncyCastle