Verifying XML Signature in Powershell with PEM Certificate -

-

i trying create powershell script consume data in xml document. however, prior doing work need verify xml hasn't been tampered verifying signature.

i have copy of public key cert used sign xml in pem format, can not figure out how powershell use cert.

the closes have come getting work following code...

$path = "data.xml" $xmldata = new-object xml.xmldocument $xmldata.preservewhitespace = $true $xmldata.load($path)  add-type -assemblyname system.security $signedxml = new-object system.security.cryptography.xml.signedxml -argumentlist $xmldata  $xmlnodelist = $xmldata.entitiesdescriptor.signature  $xmlnodelist  $signedxml.loadxml($xmlnodelist)  $certpath = "cert.pem" $check = $signedxml.checksignature($certpath, $true)

however, when runs following exception...

exception calling "checksignature" "2" argument(s): "signaturedescription not created signature algorithm supplied." @ line:34 char:1 + $check = $signedxml.checksignature($certpath, $true) + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + categoryinfo : notspecified: (:) [], methodinvocationexception + fullyqualifiederrorid : cryptographicexception

any appreciated. thanks!

after intense additional searching found out signedxml not support http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 algorithm , had added hand. had add follow code before creating signedxml object...

add-type @'         public class rsapkcs1sha256signaturedescription : system.security.cryptography.signaturedescription             {                 public rsapkcs1sha256signaturedescription()                 {                     base.keyalgorithm = "system.security.cryptography.rsacryptoserviceprovider";                     base.digestalgorithm = "system.security.cryptography.sha256managed";                     base.formatteralgorithm = "system.security.cryptography.rsapkcs1signatureformatter";                     base.deformatteralgorithm = "system.security.cryptography.rsapkcs1signaturedeformatter";                 }                  public override system.security.cryptography.asymmetricsignaturedeformatter createdeformatter(system.security.cryptography.asymmetricalgorithm key)                 {                     system.security.cryptography.asymmetricsignaturedeformatter asymmetricsignaturedeformatter = (system.security.cryptography.asymmetricsignaturedeformatter)                         system.security.cryptography.cryptoconfig.createfromname(base.deformatteralgorithm);                     asymmetricsignaturedeformatter.setkey(key);                     asymmetricsignaturedeformatter.sethashalgorithm("sha256");                     return asymmetricsignaturedeformatter;                 }             } '@     $rsapkcs1sha256signaturedescription = new-object rsapkcs1sha256signaturedescription     [system.security.cryptography.cryptoconfig]::addalgorithm($rsapkcs1sha256signaturedescription.gettype(), "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")

this solution adapted c# example of same issue found @ http://geekswithblogs.net/mkoerner/archive/2013/07/12/saml2-federationmetadata-validation.aspx.


Comments

Post a Comment

Popular posts from this blog

javascript - oscilloscope of speaker input stops rendering after a few seconds -

-
the following script reads audio user's microphone , renders oscilloscope on html canvas. the source taken example of mozilla developer network: visualizations web audio api and here fiddle: http://jsfiddle.net/b7j8pktp/ mozgetusermedia (note: code has no fork mechanism different browsers: works firefox) it works fine few seconds , stops rendering. whereas works totally stable: http://mdn.github.io/voice-change-o-matic/ the problem can reduced following code. microphone activation icon (next the address bar in firefox) disappears after 5 seconds: navigator.mozgetusermedia({audio: true}, function() {}, function() {} ); ( http://jsfiddle.net/b7j8pktp/2/ ) this known bug in firefox. take stream getusermedia call , hook window so: navigator.mozgetusermedia({audio: true}, function(stream) { window.stream = stream; // rest of code }, function err() { // handle error }); hopefully can fixed soon. problem we're f
Read more

javascript - gulp-nodemon - nodejs restart after file change - Error: listen EADDRINUSE events.js:85 -

-
i'm running nodejs 0.12.3 - gulp 3.10.8 , gulp-nodemon 2.0.3. gulpfile.js : gulp.task('serve', ['build'], function() { gulp.start('fb-flo'); nodemon({ script: paths.server, env: { 'node_env': 'development' }, // env: { 'node_env': 'production' }, execmap: { 'js': 'node_modules/babel/bin/babel-node --stage 1' //es7 cote server }, delay: '0ms', watch: ['src/shared/', 'src/server/'], ignore: ['src/shared/components'], tasks: function (changedfiles) { var tasks = []; changedfiles.foreach(function (file) { if (path.extname(file) === '.jsx' && !~tasks.indexof('bundlejs')) tasks.push('bundlejs'); if (path.extname(file) === '.less' && !~tasks.indexof('compileless')) tasks.push('compileless'); }); return tasks; }
Read more

Fatal Python error: Py_Initialize: unable to load the file system codec. ImportError: No module named 'encodings' -

-
i trying make simple python program opening list of webpages user manually download reports site. don't have previous experience preparing exe files.. , i'm in learning process python coding. of done on windows 7 x64 this python code: #!c:/python34/python.exe -u splinter import * import time import os import csv #---------------------------------- raporty = [] open('../raporty.csv', newline='') csvfile: contents = csv.reader(csvfile, delimiter=' ', quotechar='|') row in contents: r = ', '.join(row) r = r.replace(',','') raporty.append(r) #--not implemented yet zmienne = [] open('../zmienne.csv', newline='') csvfile: contents = csv.reader(csvfile, delimiter=' ', quotechar='|') row in contents: r = ', '.join(row) r = r.replace(',','') zmienne.append(r) print("start") browser = browser(
Read more