Thomas Rollet
Thomas Rollet

Reputation: 1569

Signature XML verification failed C#

I need to implements EBICS protocol and sign the HPB XML request.

My signature is correctly generated in my XML file but when the server verify it, i get the following return and I don't understand why :

Authentication Signature Invalid

Can you help me to solve my problem ?

This is my code to generate my signature :

Method : SignXml()

public static void SignXml()
        CryptoConfig.AddAlgorithm(typeof(RsaPkCs1Sha256SignatureDescription), "");
        XmlDocument xmlDoc = new XmlDocument();
        xmlDoc.PreserveWhitespace = false;
        RSACryptoServiceProvider Key = new RSACryptoServiceProvider();
        X509Certificate2 Cert = new X509Certificate2("cert.pfx", "password", X509KeyStorageFlags.Exportable);
        // Create a SignedXml object.
        PrefixedSignedXML signedXml = new PrefixedSignedXML(xmlDoc);
        // Add the key to the SignedXml document.
        signedXml.SigningKey = Key;
        signedXml.SignedInfo.SignatureMethod = "";
        // Create a reference to be signed.
        Reference reference = new Reference();
        reference.Uri = "#xpointer(//*[@authenticate='true'])";
        reference.DigestMethod = "";
        // Add an enveloped transformation to the reference.
        XmlDsigExcC14NTransform env = new XmlDsigExcC14NTransform();
        env.Algorithm = "";
        // Add the reference to the SignedXml object.
        // Compute the signature.
        // Get the XML representation of the signature and save
        // it to an XmlElement object.
        XmlElement xmlDigitalSignature = signedXml.GetXml("ds");
        // Append the element to the XML document.
        xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(xmlDigitalSignature, true));

Class PrefixedSignedXml

public class PrefixedSignedXML : SignedXml
    XmlDocument xmlDocumentToSign;
    public PrefixedSignedXML(XmlDocument document)
        : base(document)
        xmlDocumentToSign = document;

    public PrefixedSignedXML(XmlElement element)
        : base(element)
    { }

    public PrefixedSignedXML()
        : base()
    { }

    public void ComputeSignature(string prefix)
        AsymmetricAlgorithm signingKey = this.SigningKey;
        if (signingKey == null)
            throw new CryptographicException("Cryptography_Xml_LoadKeyFailed");
        SignatureDescription description = CryptoConfig.CreateFromName(this.SignedInfo.SignatureMethod)as SignatureDescription;
        if (description == null)
            throw new CryptographicException("Cryptography_Xml_SignatureDescriptionNotCreated");
        HashAlgorithm hash = description.CreateDigest();
        if (hash == null)
            throw new CryptographicException("Cryptography_Xml_CreateHashAlgorithmFailed");
        this.GetC14NDigest(hash, prefix);
        this.m_signature.SignatureValue = description.CreateFormatter(signingKey).CreateSignature(hash);

    public XmlElement GetXml(string prefix)
        XmlElement e = this.GetXml();
        SetPrefix(prefix, e);
        return e;

    private void BuildDigestedReferences()
        Type t = typeof(SignedXml);
        MethodInfo m = t.GetMethod("BuildDigestedReferences", BindingFlags.NonPublic | BindingFlags.Instance);
        m.Invoke(this, new object[] { });

    private byte[] GetC14NDigest(HashAlgorithm hash, string prefix)
        XmlDocument document = new XmlDocument();
        document.PreserveWhitespace = false;//Aucune influence sur la signature
        XmlElement e = this.SignedInfo.GetXml();
        document.AppendChild(document.ImportNode(e, true));
        Transform canonicalizationMethodObject = this.SignedInfo.CanonicalizationMethodObject;
        SetPrefix(prefix, document.DocumentElement); 
        return canonicalizationMethodObject.GetDigestedOutput(hash);

    private void SetPrefix(String prefix, XmlNode node)
        foreach (XmlNode n in node.ChildNodes)
            SetPrefix(prefix, n);
        node.Prefix = prefix;

    public override XmlElement GetIdElement(XmlDocument document, string idValue)
        XmlElement matchingElement = null;
            matchingElement = base.GetIdElement(document, idValue);
        catch (Exception idElementException)

        if (matchingElement == null)
            // at this point, idValue = xpointer(//*[@authenticate='true'])
            string customXPath = idValue.TrimEnd(')');
            customXPath = customXPath.Substring(customXPath.IndexOf('(') + 1);
            matchingElement = xmlDocumentToSign.SelectSingleNode(customXPath) as XmlElement;
        return matchingElement;

Class RsaPkCs1Sha256SignatureDescription

public class RsaPkCs1Sha256SignatureDescription : SignatureDescription
    public static void Register()
    public RsaPkCs1Sha256SignatureDescription()
        KeyAlgorithm = "System.Security.Cryptography.RSACryptoServiceProvider";
        DigestAlgorithm = "System.Security.Cryptography.SHA256Managed";
        FormatterAlgorithm = "System.Security.Cryptography.RSAPKCS1SignatureFormatter";
        DeformatterAlgorithm = "System.Security.Cryptography.RSAPKCS1SignatureDeformatter";

    public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key)
        var asymmetricSignatureDeformatter = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(DeformatterAlgorithm);
        return asymmetricSignatureDeformatter;

    public override AsymmetricSignatureFormatter CreateFormatter(AsymmetricAlgorithm key)
        var asymmetricSignatureFormatter =
        return asymmetricSignatureFormatter;

Final signature result

    <?xml version="1.0" encoding="UTF-8"?>
<ebicsNoPubKeyDigestsRequest xmlns="" xmlns:ds="" xmlns:xsi="" xsi:schemaLocation="" Version="H003" Revision="1">
  <header authenticate="true">
    <mutable />
      <ds:CanonicalizationMethod Algorithm="" />
      <ds:SignatureMethod Algorithm="" />
      <ds:Reference URI="#xpointer(//*[@authenticate='true'])">
          <ds:Transform Algorithm="" />
        <ds:DigestMethod Algorithm="" />
  <body />

I'm really try everything and I don't understand why it not work :(

Thank you in advance !


Upvotes: 2

Views: 1514

Answers (0)

Related Questions