>From: "Scott" <sbusse144@yahoo.com>
>Subject: Signing a manifest without using XMLSign
>Date: Tue, 3 Aug 2004 13:22:31 -0700
>Lines: 4
>Organization: DCD
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2800.1409
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
>Message-ID: <eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl>
>Newsgroups: microsoft.public.dotnet.security
>NNTP-Posting-Host: mail.virtualconstruction.net 66.63.143.230
>Path: cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
>Xref: cpmsftngxa10.phx.gbl microsoft.public.dotnet.security:7029
>X-Tomcat-NG: microsoft.public.dotnet.security
>
>Anyone have an idea how to sign a manifest.xml file with an X.509
>certificate without having to use that buggy XMLSign utility?
>
>
>

""Shawn Farkas"" <shawnfa@online.microsoft.com> wrote in message
news:NCkNtZzeEHA.1576@cpmsftngxa06.phx.gbl...
> If you want to do it from code, you could use the

> added to this class until Whidbey though, so you'll need to grab the beta
of .NET 2.0 to make it work. For further details check out:
>
> http://blogs.msdn.com/shawnfa/archive/2004/01/22/61779.aspx
>
> -Shawn
> http://blogs.msdn.com/shawnfa
>
> --
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
> originated.
> --------------------
> >From: "Scott" <sbusse144@yahoo.com>
> >Subject: Signing a manifest without using XMLSign
> >Date: Tue, 3 Aug 2004 13:22:31 -0700
> >Lines: 4
> >Organization: DCD
> >X-Priority: 3
> >X-MSMail-Priority: Normal
> >X-Newsreader: Microsoft Outlook Express 6.00.2800.1409
> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
> >Message-ID: <eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl>
> >Newsgroups: microsoft.public.dotnet.security
> >NNTP-Posting-Host: mail.virtualconstruction.net 66.63.143.230
> >Path:

> >Xref: cpmsftngxa10.phx.gbl microsoft.public.dotnet.security:7029
> >X-Tomcat-NG: microsoft.public.dotnet.security
> >
> >Anyone have an idea how to sign a manifest.xml file with an X.509
> >certificate without having to use that buggy XMLSign utility?
> >
> >
> >
>
>

"Paul" <nospam@msnews.microsoft.com> wrote in message
news:uh8Kzm9eEHA.3944@tk2msftngp13.phx.gbl...
> Scott,
>
> You can use the X509CertificateStore object from WSE 1.0
> (Microsoft.Web.Services.Security.X509) to open the desired cert store and
> extract your cert. Then assign the cert key to an RSA object from
> System.Security.Cryptography.
>
> Dim sCertSubject As String
> Dim oStore As X509CertificateStore
> Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
Nothing
> Dim oCerts As X509CertificateCollection
> Dim oKey As RSA
> Dim xmlManifest As XmlDocument
> Dim signedXml As SignedXml
> Dim refManifest As Reference
>
> sCertSubject = "some subject string"
>
> ' get the key from the cert store
> oStore =
> X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore)
> oStore.OpenRead()
>
> ' find the subject
> oCerts = oStore.FindCertificateBySubjectName(sCertSubject)
>
> ' make sure you found the cert you were looking for...
> If oCerts.Count > 0 Then ' Obtain the first matching certificate.
> oCert = CType(oCerts(0),
> Microsoft.Web.Services.Security.X509.X509Certificate)
> Else ' No certificates matched the search criteria.
> ' throw an exception, etc...
> End If
>
> ' close the X.509 certificate store.
> oStore.Close()
>
> ' create the RSA object and assign the cert key
> oKey = oCert.Key
>
> Now use the SignedXML object to create your signature...
>
> ' load the XML into a DOM
> xmlManifest = New XmlDocument
> xmlManifest.Load("manifest.xml")
>
> ' create the SignedXml object and assign the key
> signedXml = New SignedXml(xmlManifest)
> signedXml.SigningKey = oKey
>
> ' add Reference, transformation, envelope, etc. to the signed XML node
per
> your requirements...
> refManifest = New Reference
> refManifest.Uri = ""
> Dim env As New XmlDsigEnvelopedSignatureTransform
> refManifest.AddTransform(env)
> Dim trans As New XmlDsigC14NTransform
> refManifest.AddTransform(trans)
> signedXml.AddReference(refManifest)
>
> ' add KeyInfo object per your requirements...
> Dim keyInfo As New KeyInfo
> keyInfo.AddClause(New RSAKeyValue(oKey))
> signedXml.KeyInfo = keyInfo
>
> ' calculate signature
> signedXml.ComputeSignature()
>
> ' get signature from SignedXml object
> Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
>
> ' add the signature element to the orginal manifest xml using
AppendChild,
> InsertAfter, etc...
>
>
> HTH,
>
> - Paul
>
>
> "Scott" <sbusse144@yahoo.com> wrote in message
> news:eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl...
> > Anyone have an idea how to sign a manifest.xml file with an X.509
> > certificate without having to use that buggy XMLSign utility?
> >
> >
>
>

"Scott" <sbusse144@yahoo.com> wrote in message
news:eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl...
> Anyone have an idea how to sign a manifest.xml file with an X.509
> certificate without having to use that buggy XMLSign utility?
>
>

>From: "Scott" <sbusse144@yahoo.com>
>References: <eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl> <NCkNtZzeEHA.1576@cpmsftngxa06.phx.gbl>
>Subject: Re: Signing a manifest without using XMLSign
>Date: Fri, 6 Aug 2004 08:34:21 -0700
>Lines: 54
>Organization: DCD
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2800.1409
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
>Message-ID: <urV2Zr8eEHA.2908@TK2MSFTNGP10.phx.gbl>
>Newsgroups: microsoft.public.dotnet.security
>NNTP-Posting-Host: mail.virtualconstruction.net 66.63.143.230
>Path: cpmsftngxa06.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
>Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.security:7073
>X-Tomcat-NG: microsoft.public.dotnet.security
>
>Hmmm... Just received beta .NET 2.0 - have not installed yet.
>
>This would then require the end user to also have .NET Framework 2.0
>installed?
>
>
>""Shawn Farkas"" <shawnfa@online.microsoft.com> wrote in message
>news:NCkNtZzeEHA.1576@cpmsftngxa06.phx.gbl...
>> If you want to do it from code, you could use the
>System.Security.Cryptography.Xml.SignedXml class to accomplish this. X509
>support wasn't
>> added to this class until Whidbey though, so you'll need to grab the beta
>of .NET 2.0 to make it work. For further details check out:
>>
>> http://blogs.msdn.com/shawnfa/archive/2004/01/22/61779.aspx
>>
>> -Shawn
>> http://blogs.msdn.com/shawnfa
>>
>> --
>>
>> This posting is provided "AS IS" with no warranties, and confers no
>rights.
>> Note: For the benefit of the community-at-large, all responses to this
>message are best directed to the newsgroup/thread from which they
>> originated.
>> --------------------
>> >From: "Scott" <sbusse144@yahoo.com>
>> >Subject: Signing a manifest without using XMLSign
>> >Date: Tue, 3 Aug 2004 13:22:31 -0700
>> >Lines: 4
>> >Organization: DCD
>> >X-Priority: 3
>> >X-MSMail-Priority: Normal
>> >X-Newsreader: Microsoft Outlook Express 6.00.2800.1409
>> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
>> >Message-ID: <eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl>
>> >Newsgroups: microsoft.public.dotnet.security
>> >NNTP-Posting-Host: mail.virtualconstruction.net 66.63.143.230
>> >Path:
>cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09
>.phx.gbl
>> >Xref: cpmsftngxa10.phx.gbl microsoft.public.dotnet.security:7029
>> >X-Tomcat-NG: microsoft.public.dotnet.security
>> >
>> >Anyone have an idea how to sign a manifest.xml file with an X.509
>> >certificate without having to use that buggy XMLSign utility?
>> >
>> >
>> >
>>
>>
>
>
>

"Paul" <nospam@msnews.microsoft.com> wrote in message
news:O8iazUtfEHA.3556@TK2MSFTNGP12.phx.gbl...
> More info...
>
> Here is my Imports list:
>
> Imports Microsoft.Web.Services.Security.X509
> Imports System.Security.Cryptography
> Imports System.Security.Cryptography.Xml
>
> HTH
>
> - Paul
>
>
> "Scott" <sbusse144@yahoo.com> wrote in message
> news:%23pnQaZ%23eEHA.2824@TK2MSFTNGP10.phx.gbl...
> > Paul,
> >
> > Is this also for NET 2.0?
> >
> > What I have is this:
> > Reference to System.Security & Microsoft.Web.Services2
> > Imports...
> >
> > Imports System.Security.Cryptography.X509Certificates
> >
> > Dim sCertSubject As String
> >
> > Dim oStore As X509CertificateStore
> >
> > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
> Nothing
> >
> > Dim oCerts As X509CertificateCollection
> >
> > Dim oKey As RSA
> >
> > Dim xmlManifest As XmlDocument
> >
> > Dim signedXml As SignedXml
> >
> > Dim refManifest As Reference
> >
> > But all of the Dim'ed objects are not valid namespaces (in NET 1.1)
> >
> > "Paul" <nospam@msnews.microsoft.com> wrote in message
> > news:uh8Kzm9eEHA.3944@tk2msftngp13.phx.gbl...
> > > Scott,
> > >
> > > You can use the X509CertificateStore object from WSE 1.0
> > > (Microsoft.Web.Services.Security.X509) to open the desired cert store
> and
> > > extract your cert. Then assign the cert key to an RSA object from
> > > System.Security.Cryptography.
> > >
> > > Dim sCertSubject As String
> > > Dim oStore As X509CertificateStore
> > > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
> > Nothing
> > > Dim oCerts As X509CertificateCollection
> > > Dim oKey As RSA
> > > Dim xmlManifest As XmlDocument
> > > Dim signedXml As SignedXml
> > > Dim refManifest As Reference
> > >
> > > sCertSubject = "some subject string"
> > >
> > > ' get the key from the cert store
> > > oStore =
> > > X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore)
> > > oStore.OpenRead()
> > >
> > > ' find the subject
> > > oCerts = oStore.FindCertificateBySubjectName(sCertSubject)
> > >
> > > ' make sure you found the cert you were looking for...
> > > If oCerts.Count > 0 Then ' Obtain the first matching certificate.
> > > oCert = CType(oCerts(0),
> > > Microsoft.Web.Services.Security.X509.X509Certificate)
> > > Else ' No certificates matched the search criteria.
> > > ' throw an exception, etc...
> > > End If
> > >
> > > ' close the X.509 certificate store.
> > > oStore.Close()
> > >
> > > ' create the RSA object and assign the cert key
> > > oKey = oCert.Key
> > >
> > > Now use the SignedXML object to create your signature...
> > >
> > > ' load the XML into a DOM
> > > xmlManifest = New XmlDocument
> > > xmlManifest.Load("manifest.xml")
> > >
> > > ' create the SignedXml object and assign the key
> > > signedXml = New SignedXml(xmlManifest)
> > > signedXml.SigningKey = oKey
> > >
> > > ' add Reference, transformation, envelope, etc. to the signed XML
node
> > per
> > > your requirements...
> > > refManifest = New Reference
> > > refManifest.Uri = ""
> > > Dim env As New XmlDsigEnvelopedSignatureTransform
> > > refManifest.AddTransform(env)
> > > Dim trans As New XmlDsigC14NTransform
> > > refManifest.AddTransform(trans)
> > > signedXml.AddReference(refManifest)
> > >
> > > ' add KeyInfo object per your requirements...
> > > Dim keyInfo As New KeyInfo
> > > keyInfo.AddClause(New RSAKeyValue(oKey))
> > > signedXml.KeyInfo = keyInfo
> > >
> > > ' calculate signature
> > > signedXml.ComputeSignature()
> > >
> > > ' get signature from SignedXml object
> > > Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
> > >
> > > ' add the signature element to the orginal manifest xml using
> > AppendChild,
> > > InsertAfter, etc...
> > >
> > >
> > > HTH,
> > >
> > > - Paul
> > >
> > >
> > > "Scott" <sbusse144@yahoo.com> wrote in message
> > > news:eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl...
> > > > Anyone have an idea how to sign a manifest.xml file with an X.509
> > > > certificate without having to use that buggy XMLSign utility?
> > > >
> > > >
> > >
> > >
> >
> >
>
>

> Is this also for NET 2.0?

> Reference to System.Security & Microsoft.Web.Services2

> But all of the Dim'ed objects are not valid namespaces (in NET 1.1)

"Scott" <sbusse144@yahoo.com> wrote in message
news:%23pnQaZ%23eEHA.2824@TK2MSFTNGP10.phx.gbl...
> Paul,
>
> Is this also for NET 2.0?
>
> What I have is this:
> Reference to System.Security & Microsoft.Web.Services2
> Imports...
>
> Imports System.Security.Cryptography.X509Certificates
>
> Dim sCertSubject As String
>
> Dim oStore As X509CertificateStore
>
> Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
Nothing
>
> Dim oCerts As X509CertificateCollection
>
> Dim oKey As RSA
>
> Dim xmlManifest As XmlDocument
>
> Dim signedXml As SignedXml
>
> Dim refManifest As Reference
>
> But all of the Dim'ed objects are not valid namespaces (in NET 1.1)
>
> "Paul" <nospam@msnews.microsoft.com> wrote in message
> news:uh8Kzm9eEHA.3944@tk2msftngp13.phx.gbl...
> > Scott,
> >
> > You can use the X509CertificateStore object from WSE 1.0
> > (Microsoft.Web.Services.Security.X509) to open the desired cert store
and
> > extract your cert. Then assign the cert key to an RSA object from
> > System.Security.Cryptography.
> >
> > Dim sCertSubject As String
> > Dim oStore As X509CertificateStore
> > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
> Nothing
> > Dim oCerts As X509CertificateCollection
> > Dim oKey As RSA
> > Dim xmlManifest As XmlDocument
> > Dim signedXml As SignedXml
> > Dim refManifest As Reference
> >
> > sCertSubject = "some subject string"
> >
> > ' get the key from the cert store
> > oStore =
> > X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore)
> > oStore.OpenRead()
> >
> > ' find the subject
> > oCerts = oStore.FindCertificateBySubjectName(sCertSubject)
> >
> > ' make sure you found the cert you were looking for...
> > If oCerts.Count > 0 Then ' Obtain the first matching certificate.
> > oCert = CType(oCerts(0),
> > Microsoft.Web.Services.Security.X509.X509Certificate)
> > Else ' No certificates matched the search criteria.
> > ' throw an exception, etc...
> > End If
> >
> > ' close the X.509 certificate store.
> > oStore.Close()
> >
> > ' create the RSA object and assign the cert key
> > oKey = oCert.Key
> >
> > Now use the SignedXML object to create your signature...
> >
> > ' load the XML into a DOM
> > xmlManifest = New XmlDocument
> > xmlManifest.Load("manifest.xml")
> >
> > ' create the SignedXml object and assign the key
> > signedXml = New SignedXml(xmlManifest)
> > signedXml.SigningKey = oKey
> >
> > ' add Reference, transformation, envelope, etc. to the signed XML node
> per
> > your requirements...
> > refManifest = New Reference
> > refManifest.Uri = ""
> > Dim env As New XmlDsigEnvelopedSignatureTransform
> > refManifest.AddTransform(env)
> > Dim trans As New XmlDsigC14NTransform
> > refManifest.AddTransform(trans)
> > signedXml.AddReference(refManifest)
> >
> > ' add KeyInfo object per your requirements...
> > Dim keyInfo As New KeyInfo
> > keyInfo.AddClause(New RSAKeyValue(oKey))
> > signedXml.KeyInfo = keyInfo
> >
> > ' calculate signature
> > signedXml.ComputeSignature()
> >
> > ' get signature from SignedXml object
> > Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
> >
> > ' add the signature element to the orginal manifest xml using
> AppendChild,
> > InsertAfter, etc...
> >
> >
> > HTH,
> >
> > - Paul
> >
> >
> > "Scott" <sbusse144@yahoo.com> wrote in message
> > news:eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl...
> > > Anyone have an idea how to sign a manifest.xml file with an X.509
> > > certificate without having to use that buggy XMLSign utility?
> > >
> > >
> >
> >
>
>

"Scott" <sbusse144@yahoo.com> wrote in message
news:%23pnQaZ%23eEHA.2824@TK2MSFTNGP10.phx.gbl...
> Paul,
>
> Is this also for NET 2.0?
>
> What I have is this:
> Reference to System.Security & Microsoft.Web.Services2
> Imports...
>
> Imports System.Security.Cryptography.X509Certificates
>
> Dim sCertSubject As String
>
> Dim oStore As X509CertificateStore
>
> Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
Nothing
>
> Dim oCerts As X509CertificateCollection
>
> Dim oKey As RSA
>
> Dim xmlManifest As XmlDocument
>
> Dim signedXml As SignedXml
>
> Dim refManifest As Reference
>
> But all of the Dim'ed objects are not valid namespaces (in NET 1.1)
>
> "Paul" <nospam@msnews.microsoft.com> wrote in message
> news:uh8Kzm9eEHA.3944@tk2msftngp13.phx.gbl...
> > Scott,
> >
> > You can use the X509CertificateStore object from WSE 1.0
> > (Microsoft.Web.Services.Security.X509) to open the desired cert store
and
> > extract your cert. Then assign the cert key to an RSA object from
> > System.Security.Cryptography.
> >
> > Dim sCertSubject As String
> > Dim oStore As X509CertificateStore
> > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
> Nothing
> > Dim oCerts As X509CertificateCollection
> > Dim oKey As RSA
> > Dim xmlManifest As XmlDocument
> > Dim signedXml As SignedXml
> > Dim refManifest As Reference
> >
> > sCertSubject = "some subject string"
> >
> > ' get the key from the cert store
> > oStore =
> > X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore)
> > oStore.OpenRead()
> >
> > ' find the subject
> > oCerts = oStore.FindCertificateBySubjectName(sCertSubject)
> >
> > ' make sure you found the cert you were looking for...
> > If oCerts.Count > 0 Then ' Obtain the first matching certificate.
> > oCert = CType(oCerts(0),
> > Microsoft.Web.Services.Security.X509.X509Certificate)
> > Else ' No certificates matched the search criteria.
> > ' throw an exception, etc...
> > End If
> >
> > ' close the X.509 certificate store.
> > oStore.Close()
> >
> > ' create the RSA object and assign the cert key
> > oKey = oCert.Key
> >
> > Now use the SignedXML object to create your signature...
> >
> > ' load the XML into a DOM
> > xmlManifest = New XmlDocument
> > xmlManifest.Load("manifest.xml")
> >
> > ' create the SignedXml object and assign the key
> > signedXml = New SignedXml(xmlManifest)
> > signedXml.SigningKey = oKey
> >
> > ' add Reference, transformation, envelope, etc. to the signed XML node
> per
> > your requirements...
> > refManifest = New Reference
> > refManifest.Uri = ""
> > Dim env As New XmlDsigEnvelopedSignatureTransform
> > refManifest.AddTransform(env)
> > Dim trans As New XmlDsigC14NTransform
> > refManifest.AddTransform(trans)
> > signedXml.AddReference(refManifest)
> >
> > ' add KeyInfo object per your requirements...
> > Dim keyInfo As New KeyInfo
> > keyInfo.AddClause(New RSAKeyValue(oKey))
> > signedXml.KeyInfo = keyInfo
> >
> > ' calculate signature
> > signedXml.ComputeSignature()
> >
> > ' get signature from SignedXml object
> > Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
> >
> > ' add the signature element to the orginal manifest xml using
> AppendChild,
> > InsertAfter, etc...
> >
> >
> > HTH,
> >
> > - Paul
> >
> >
> > "Scott" <sbusse144@yahoo.com> wrote in message
> > news:eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl...
> > > Anyone have an idea how to sign a manifest.xml file with an X.509
> > > certificate without having to use that buggy XMLSign utility?
> > >
> > >
> >
> >
>
>

"Paul" <nospam@msnews.microsoft.com> wrote in message
news:uqreJ2ufEHA.3944@tk2msftngp13.phx.gbl...
> That's standard .NET XML stuff...
>
> Just make sure you're referencing System.XML and import System.XML.
>
> Sorry, I trimmed that one (import) off my list of imports when I
cut/pasted
> them into my last message. The complete list is much longer, but mostly
> specific to my app...
>
> - Paul
>
>
> "Scott" <sbusse144@yahoo.com> wrote in message
> news:%23%23gSRsufEHA.3632@TK2MSFTNGP11.phx.gbl...
> > Paul,
> >
> > Thanks! Much less "complaints"
> >
> > Now only complaining about
> > Dim xmlManifest As XmlDocument
> >
> > type XmlDocument is not defined
> >
> >
> >
> > Scott
> >
> > scottbusse@wcpci.com
> >
> >
> >
> > "Paul" <nospam@msnews.microsoft.com> wrote in message
> > news:O8iazUtfEHA.3556@TK2MSFTNGP12.phx.gbl...
> > > More info...
> > >
> > > Here is my Imports list:
> > >
> > > Imports Microsoft.Web.Services.Security.X509
> > > Imports System.Security.Cryptography
> > > Imports System.Security.Cryptography.Xml
> > >
> > > HTH
> > >
> > > - Paul
> > >
> > >
> > > "Scott" <sbusse144@yahoo.com> wrote in message
> > > news:%23pnQaZ%23eEHA.2824@TK2MSFTNGP10.phx.gbl...
> > > > Paul,
> > > >
> > > > Is this also for NET 2.0?
> > > >
> > > > What I have is this:
> > > > Reference to System.Security & Microsoft.Web.Services2
> > > > Imports...
> > > >
> > > > Imports System.Security.Cryptography.X509Certificates
> > > >
> > > > Dim sCertSubject As String
> > > >
> > > > Dim oStore As X509CertificateStore
> > > >
> > > > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
> > > Nothing
> > > >
> > > > Dim oCerts As X509CertificateCollection
> > > >
> > > > Dim oKey As RSA
> > > >
> > > > Dim xmlManifest As XmlDocument
> > > >
> > > > Dim signedXml As SignedXml
> > > >
> > > > Dim refManifest As Reference
> > > >
> > > > But all of the Dim'ed objects are not valid namespaces (in NET 1.1)
> > > >
> > > > "Paul" <nospam@msnews.microsoft.com> wrote in message
> > > > news:uh8Kzm9eEHA.3944@tk2msftngp13.phx.gbl...
> > > > > Scott,
> > > > >
> > > > > You can use the X509CertificateStore object from WSE 1.0
> > > > > (Microsoft.Web.Services.Security.X509) to open the desired cert
> store
> > > and
> > > > > extract your cert. Then assign the cert key to an RSA object from
> > > > > System.Security.Cryptography.
> > > > >
> > > > > Dim sCertSubject As String
> > > > > Dim oStore As X509CertificateStore
> > > > > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate
=
> > > > Nothing
> > > > > Dim oCerts As X509CertificateCollection
> > > > > Dim oKey As RSA
> > > > > Dim xmlManifest As XmlDocument
> > > > > Dim signedXml As SignedXml
> > > > > Dim refManifest As Reference
> > > > >
> > > > > sCertSubject = "some subject string"
> > > > >
> > > > > ' get the key from the cert store
> > > > > oStore =
> > > > >
X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore)
> > > > > oStore.OpenRead()
> > > > >
> > > > > ' find the subject
> > > > > oCerts = oStore.FindCertificateBySubjectName(sCertSubject)
> > > > >
> > > > > ' make sure you found the cert you were looking for...
> > > > > If oCerts.Count > 0 Then ' Obtain the first matching
certificate.
> > > > > oCert = CType(oCerts(0),
> > > > > Microsoft.Web.Services.Security.X509.X509Certificate)
> > > > > Else ' No certificates matched the search criteria.
> > > > > ' throw an exception, etc...
> > > > > End If
> > > > >
> > > > > ' close the X.509 certificate store.
> > > > > oStore.Close()
> > > > >
> > > > > ' create the RSA object and assign the cert key
> > > > > oKey = oCert.Key
> > > > >
> > > > > Now use the SignedXML object to create your signature...
> > > > >
> > > > > ' load the XML into a DOM
> > > > > xmlManifest = New XmlDocument
> > > > > xmlManifest.Load("manifest.xml")
> > > > >
> > > > > ' create the SignedXml object and assign the key
> > > > > signedXml = New SignedXml(xmlManifest)
> > > > > signedXml.SigningKey = oKey
> > > > >
> > > > > ' add Reference, transformation, envelope, etc. to the signed XML
> > node
> > > > per
> > > > > your requirements...
> > > > > refManifest = New Reference
> > > > > refManifest.Uri = ""
> > > > > Dim env As New XmlDsigEnvelopedSignatureTransform
> > > > > refManifest.AddTransform(env)
> > > > > Dim trans As New XmlDsigC14NTransform
> > > > > refManifest.AddTransform(trans)
> > > > > signedXml.AddReference(refManifest)
> > > > >
> > > > > ' add KeyInfo object per your requirements...
> > > > > Dim keyInfo As New KeyInfo
> > > > > keyInfo.AddClause(New RSAKeyValue(oKey))
> > > > > signedXml.KeyInfo = keyInfo
> > > > >
> > > > > ' calculate signature
> > > > > signedXml.ComputeSignature()
> > > > >
> > > > > ' get signature from SignedXml object
> > > > > Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
> > > > >
> > > > > ' add the signature element to the orginal manifest xml using
> > > > AppendChild,
> > > > > InsertAfter, etc...
> > > > >
> > > > >
> > > > > HTH,
> > > > >
> > > > > - Paul
> > > > >
> > > > >
> > > > > "Scott" <sbusse144@yahoo.com> wrote in message
> > > > > news:eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl...
> > > > > > Anyone have an idea how to sign a manifest.xml file with an
X.509
> > > > > > certificate without having to use that buggy XMLSign utility?
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

"Scott" <sbusse144@yahoo.com> wrote in message
news:%23%23gSRsufEHA.3632@TK2MSFTNGP11.phx.gbl...
> Paul,
>
> Thanks! Much less "complaints"
>
> Now only complaining about
> Dim xmlManifest As XmlDocument
>
> type XmlDocument is not defined
>
>
>
> Scott
>
> scottbusse@wcpci.com
>
>
>
> "Paul" <nospam@msnews.microsoft.com> wrote in message
> news:O8iazUtfEHA.3556@TK2MSFTNGP12.phx.gbl...
> > More info...
> >
> > Here is my Imports list:
> >
> > Imports Microsoft.Web.Services.Security.X509
> > Imports System.Security.Cryptography
> > Imports System.Security.Cryptography.Xml
> >
> > HTH
> >
> > - Paul
> >
> >
> > "Scott" <sbusse144@yahoo.com> wrote in message
> > news:%23pnQaZ%23eEHA.2824@TK2MSFTNGP10.phx.gbl...
> > > Paul,
> > >
> > > Is this also for NET 2.0?
> > >
> > > What I have is this:
> > > Reference to System.Security & Microsoft.Web.Services2
> > > Imports...
> > >
> > > Imports System.Security.Cryptography.X509Certificates
> > >
> > > Dim sCertSubject As String
> > >
> > > Dim oStore As X509CertificateStore
> > >
> > > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
> > Nothing
> > >
> > > Dim oCerts As X509CertificateCollection
> > >
> > > Dim oKey As RSA
> > >
> > > Dim xmlManifest As XmlDocument
> > >
> > > Dim signedXml As SignedXml
> > >
> > > Dim refManifest As Reference
> > >
> > > But all of the Dim'ed objects are not valid namespaces (in NET 1.1)
> > >
> > > "Paul" <nospam@msnews.microsoft.com> wrote in message
> > > news:uh8Kzm9eEHA.3944@tk2msftngp13.phx.gbl...
> > > > Scott,
> > > >
> > > > You can use the X509CertificateStore object from WSE 1.0
> > > > (Microsoft.Web.Services.Security.X509) to open the desired cert
store
> > and
> > > > extract your cert. Then assign the cert key to an RSA object from
> > > > System.Security.Cryptography.
> > > >
> > > > Dim sCertSubject As String
> > > > Dim oStore As X509CertificateStore
> > > > Dim oCert As Microsoft.Web.Services.Security.X509.X509Certificate =
> > > Nothing
> > > > Dim oCerts As X509CertificateCollection
> > > > Dim oKey As RSA
> > > > Dim xmlManifest As XmlDocument
> > > > Dim signedXml As SignedXml
> > > > Dim refManifest As Reference
> > > >
> > > > sCertSubject = "some subject string"
> > > >
> > > > ' get the key from the cert store
> > > > oStore =
> > > > X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore)
> > > > oStore.OpenRead()
> > > >
> > > > ' find the subject
> > > > oCerts = oStore.FindCertificateBySubjectName(sCertSubject)
> > > >
> > > > ' make sure you found the cert you were looking for...
> > > > If oCerts.Count > 0 Then ' Obtain the first matching certificate.
> > > > oCert = CType(oCerts(0),
> > > > Microsoft.Web.Services.Security.X509.X509Certificate)
> > > > Else ' No certificates matched the search criteria.
> > > > ' throw an exception, etc...
> > > > End If
> > > >
> > > > ' close the X.509 certificate store.
> > > > oStore.Close()
> > > >
> > > > ' create the RSA object and assign the cert key
> > > > oKey = oCert.Key
> > > >
> > > > Now use the SignedXML object to create your signature...
> > > >
> > > > ' load the XML into a DOM
> > > > xmlManifest = New XmlDocument
> > > > xmlManifest.Load("manifest.xml")
> > > >
> > > > ' create the SignedXml object and assign the key
> > > > signedXml = New SignedXml(xmlManifest)
> > > > signedXml.SigningKey = oKey
> > > >
> > > > ' add Reference, transformation, envelope, etc. to the signed XML
> node
> > > per
> > > > your requirements...
> > > > refManifest = New Reference
> > > > refManifest.Uri = ""
> > > > Dim env As New XmlDsigEnvelopedSignatureTransform
> > > > refManifest.AddTransform(env)
> > > > Dim trans As New XmlDsigC14NTransform
> > > > refManifest.AddTransform(trans)
> > > > signedXml.AddReference(refManifest)
> > > >
> > > > ' add KeyInfo object per your requirements...
> > > > Dim keyInfo As New KeyInfo
> > > > keyInfo.AddClause(New RSAKeyValue(oKey))
> > > > signedXml.KeyInfo = keyInfo
> > > >
> > > > ' calculate signature
> > > > signedXml.ComputeSignature()
> > > >
> > > > ' get signature from SignedXml object
> > > > Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
> > > >
> > > > ' add the signature element to the orginal manifest xml using
> > > AppendChild,
> > > > InsertAfter, etc...
> > > >
> > > >
> > > > HTH,
> > > >
> > > > - Paul
> > > >
> > > >
> > > > "Scott" <sbusse144@yahoo.com> wrote in message
> > > > news:eEPpbeZeEHA.3792@TK2MSFTNGP09.phx.gbl...
> > > > > Anyone have an idea how to sign a manifest.xml file with an X.509
> > > > > certificate without having to use that buggy XMLSign utility?
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>