Set the SignedInfo id attribute

Hello,

I am building a Client-side web service that must output the following SOAP Header.

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header>
    <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
      <wsse:BinarySecurityToken valueType="wsse:X509v3" encodingType="wsse:Base64Binary" id="X509Token">
        MIIEZzCcA9cgwaABQfd86afd2g...
      </wsse:BinarySecurityToken>
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-enc-c14n#"/>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <ds:Reference URI="#MsgBody">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>DJbchm5gk...</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>LyLsF0pi4wPu...</ds:SignatureValue>
        <ds:KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference URI="#X509Token"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
  </soap:Header>
  <soap:Body id="MsgBody">
    ......

It's basically a signed SOAP XMLDSIG message.

We have been told that the message Body id attribute has to be "MsgBody" which corresponds to the Reference URI attribute in the SignedInfo Section.

Can someone tell me how to change these Reference and Body attributes?

Regards,

Edmund.




  • Ion101

    I think I'll try and avoid that.

    Thanks for the tips.

    Edmund.


  • LukeR_

    Your only other option might be to create the message signature yourself, before sending. But that is equally annoying. It can be done, that is the important thing...so it all depends how badly you want to make this change. Simply editing the ID ref is not an option in anything I have seen.

  • barnettr

    I feel compelled to ask. Why are you required to name the body element with a specific ID name? This seems to go against the composability model of a SOAP message, where the ID is simply used as a reference for signatures, etc. The fact that it is a <body> element should be sufficient for any SOAP node to process. The signature need only match the correct ID to be validated.

  • Rajeshsv

    Hello Michele,

    I agree what you say is correct, but this is a Government Spec. (do they have to make sense?) It states:

    "References: There must be a Reference element (Envelope/Header/Security/Signature/SignedInfo/Reference) corresponding to the signed Body element within the message. This should have an Id attribute with a value of ‘MsgBody’. The Reference should have a single transform - Exclusive Canonicalization (see the URI above). The Digest Algorithm should be SHA1 - http://www.w3.org/2000/09/xmldsig#sha1"

    But thanks for the eloquent argument, I will use it if I cannot find an answer.

    Thanks,

    Edmund


  • Cavin

    Yuck.

    Well, in that case, you probably have to hook the outgoing and response messages and edit the reference ID directly. I don't know of an easy way to do that. Likely an IClientMessageInspector or IDispatchMessageInspector implementation could do it.
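
Added example, not written by any poster in this thread and not WCF code: a Python check that an outgoing envelope meets the Reference requirements quoted above (one Reference with URI "#MsgBody", resolving to the SOAP Body only, a single Exclusive Canonicalization transform, SHA1 digest). It assumes the unqualified `id` attribute used in the question's envelope; `check_body_reference` and the sample message are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://schemas.xmlsoap.org/ws/2002/07/secext",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
REF_PATH = "soap:Header/wsse:Security/ds:Signature/ds:SignedInfo/ds:Reference"

def check_body_reference(envelope_xml, body_id="MsgBody"):
    """Return a list of problems; an empty list means the layout matches."""
    root = ET.fromstring(envelope_xml)
    problems = []
    refs = [r for r in root.findall(REF_PATH, NS) if r.get("URI") == "#" + body_id]
    if len(refs) != 1:
        return ["expected exactly one Reference with URI '#%s', found %d" % (body_id, len(refs))]
    ref = refs[0]
    # The id must be unique in the document and must sit on the SOAP Body itself.
    targets = [e for e in root.iter() if e.get("id") == body_id]
    body = root.find("soap:Body", NS)
    if len(targets) != 1:
        problems.append("id '%s' appears on %d elements" % (body_id, len(targets)))
    if body is None or body.get("id") != body_id:
        problems.append("soap:Body does not carry id '%s'" % body_id)
    # The quoted spec allows exactly one transform: Exclusive Canonicalization.
    transforms = [t.get("Algorithm") for t in ref.findall("ds:Transforms/ds:Transform", NS)]
    if transforms != [EXC_C14N]:
        problems.append("transforms are %r, expected only exclusive c14n" % transforms)
    digest = ref.find("ds:DigestMethod", NS)
    if digest is None or digest.get("Algorithm") != SHA1:
        problems.append("DigestMethod is not SHA1")
    return problems

# Constructed sample modelled on the envelope in the question (values shortened).
SAMPLE = """<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header><wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>
<ds:Reference URI="#MsgBody"><ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>AAAA</ds:DigestValue></ds:Reference></ds:SignedInfo>
</ds:Signature></wsse:Security></soap:Header>
<soap:Body id="MsgBody"><Payload/></soap:Body></soap:Envelope>"""

if __name__ == "__main__":
    print(check_body_reference(SAMPLE) or "layout matches")
```

Running it against a captured outgoing message shows whether the stack's auto-generated body id or extra transforms would fail the spec before the message reaches the receiving service.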


