[Mono-bugs] [Bug 52084][Maj] New - SignedXml.CheckSignature() throws 'System.Security.Cryptography.CryptographicUnexpectedOperationException: missing key'
bugzilla-daemon@bugzilla.ximian.com
bugzilla-daemon@bugzilla.ximian.com
Thu, 11 Dec 2003 19:11:00 -0500 (EST)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by mlasky@novell.com.
http://bugzilla.ximian.com/show_bug.cgi?id=52084
--- shadow/52084 2003-12-11 19:11:00.000000000 -0500
+++ shadow/52084.tmp.22332 2003-12-11 19:11:00.000000000 -0500
@@ -0,0 +1,167 @@
+Bug#: 52084
+Product: Mono/Class Libraries
+Version: unspecified
+OS: Suse 8.2
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Major
+Component: System
+AssignedTo: mono-bugs@ximian.com
+ReportedBy: mlasky@novell.com
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: SignedXml.CheckSignature() throws 'System.Security.Cryptography.CryptographicUnexpectedOperationException: missing key'
+
+Please fill in this template when reporting a bug, unless you know what you
+are doing.
+Description of Problem:
+SignedXml.CheckSignature() throws an exception when validating XML document
+signature.
+
+
+Steps to reproduce the problem:
+1. Compile the following code using the following syntax: 'mcs Test.cs -r
+/usr/lib/System.Security.dll'
+
+using System;
+using System.Security.Cryptography;
+using System.Security.Cryptography.Xml;
+using System.Text;
+using System.Xml;
+
+class Test
+{
+ private const string signature = "MyObjectId";
+ private const string objectListTag = "ObjectListTag";
+
+ [STAThread]
+ static void Main()
+ {
+ XmlDocument doc = new XmlDocument();
+ doc.AppendChild( doc.CreateElement( objectListTag ) );
+
+ Test test = new Test();
+ XmlDocument verifiedDoc = test.GetValidatedXmlDocument(
+test.SignXmlDocument( doc ) );
+ }
+
+ private XmlDocument GetValidatedXmlDocument( XmlDocument signedDoc )
+ {
+ try
+ {
+ // Create a SignedXml.
+ SignedXml signedXml = new SignedXml();
+
+ // Get the signature for this xml document. Loads
+the "Signature" element.
+ signedXml.LoadXml( signedDoc.DocumentElement );
+
+ // Return whether the document is valid.
+ if ( !signedXml.CheckSignature() )
+ {
+ throw new ApplicationException( "Xml
+document has an invalid signature" );
+ }
+
+ // Create a new document so that the returned
+document can be modified if necessary.
+ XmlDocument newDoc = new XmlDocument();
+ newDoc.LoadXml( signedXml.GetIdElement( signedDoc,
+signature ).InnerXml );
+ return newDoc;
+ }
+ catch ( CryptographicException e )
+ {
+ throw new ApplicationException( "Xml document is
+not valid", e );
+ }
+ }
+
+ private XmlDocument SignXmlDocument( XmlDocument doc )
+ {
+ try
+ {
+ // Create the SignedXml object and pass it the XML
+document.
+ SignedXml signedXml = new SignedXml( doc );
+ RSA key = RSA.Create();
+ signedXml.SigningKey = key;
+
+ // Create a data object to hold the data to sign.
+ DataObject dataObject = new DataObject();
+ dataObject.Data = doc.GetElementsByTagName(
+objectListTag );
+ dataObject.Id = signature;
+
+ // Add the data object to the signature.
+ signedXml.AddObject(dataObject);
+
+ // Create a reference to be able to package
+everything into the message.
+ Reference reference = new Reference();
+ reference.Uri = "#" + signature;
+
+ // Add the reference to the message.
+ signedXml.AddReference( reference );
+
+ // Add a KeyInfo object.
+ KeyInfo keyInfo = new KeyInfo();
+ keyInfo.AddClause( new RSAKeyValue( key ) );
+ signedXml.KeyInfo = keyInfo;
+
+ // Compute the signature.
+ signedXml.ComputeSignature();
+
+ // Save the signature in a new xml document.
+ XmlDocument signedDoc = new XmlDocument();
+ signedDoc.AppendChild( signedDoc.ImportNode(
+signedXml.GetXml(), true ) );
+ return signedDoc;
+ }
+ catch( CryptographicException e )
+ {
+ throw new ApplicationException( "Failed to sign xml
+document", e );
+ }
+ }
+}
+
+2. Run mono Test.exe
+3. Throws an exception every time.
+
+
+Actual Results:
+Unhandled Exception: System.ApplicationException: Xml document is not valid
+--->
+System.Security.Cryptography.CryptographicUnexpectedOperationException:
+missing key
+in <0x00038>
+System.Security.Cryptography.RSAPKCS1SignatureDeformatter:VerifySignature
+(byte[],byte[])
+in <0x0017c> System.Security.Cryptography.Xml.SignedXml:CheckSignature
+(System.Security.Cryptography.AsymmetricAlgorithm)
+in <0x00037> System.Security.Cryptography.Xml.SignedXml:CheckSignature ()
+in <0x00076> .Test:GetValidatedXmlDocument (System.Xml.XmlDocument)
+--- End of inner exception stack trace ---
+
+
+in <0x0015c> .Test:GetValidatedXmlDocument (System.Xml.XmlDocument)
+in <0x00099> .Test:Main ()
+
+
+Expected Results:
+Expect the signature to be verified.
+
+
+How often does this happen?
+Every time.
+
+
+Additional Information:
+1. Running on mono 0.29.0.0.
+2. This code executes successfully on the Windows .NET platform.
+3. Please help!