How to verify an XML digital signature in Cocoa?

Posted by Geoff Smith on Stack Overflow See other posts from Stack Overflow or by Geoff Smith
Published on 2010-05-29T23:45:16Z Indexed on 2010/05/29 23:52 UTC
Read the original article Hit count: 424

Filed under:

cocoa

|

openssl

|

xmlsec

I have a C# application that uses XML digital signatures to sign license files. I've used the standard Microsoft approach described here.

I'm porting the application to the MAC and need to verify the signature. My general question is how best to do this?

This is what I've done:

I've used macport to install Aleksey's xmlsec1 library.
Used the Chilkat library to convert my XML public key to a PEM file

Chilkat.PublicKey pubKey = new Chilkat.PublicKey(); pubKey.LoadXml(publicKeyXml); pubKey.SaveOpenSslPemFile("publicKey.pem");
Compiled and ran the alekseys sample program. See (http://www.aleksey.com/xmlsec/api/xmlsec-verify-with-key.html) to verify an XML dsig.

Result: my license files fail to validate. The call to xmlSecDSigCtxVerify fails with status=unknown. Now for my specific question: What can I do next?

Geoff

© Stack Overflow or respective owner

Related posts about cocoa

MVC - Cocoa interface - Cocoa Design pattern book

as seen on Stack Overflow - Search for 'Stack Overflow'
So I started reading this book: http://www.amazon.com/Cocoa-Design-Patterns-Erik-Buck/dp/0321535022 On chapter 2 it explains about the MVC design pattern and gives and example which I need some clarification to. The simple example shows a view with the following fields: hourlyRate, WorkHours, Standarthours… >>> More
Drag String data from My Cocoa App to Third-Party Cocoa App

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I want to drag a row from my tableview and drop it into any other NSTextField in Mac OS X 10.6, and have a string of text be dropped. Drag and drop already works within my app (between a NSTableView and an NSBrowser), but I have had no success putting any data on the pasteboard that can… >>> More
Cocoa equivalent of the Carbon method getPtrSize

as seen on Stack Overflow - Search for 'Stack Overflow'
I need to translate the a carbon method into cocoa into and I am having trouble finding any documentation about what the carbon method getPtrSize really does. From the code I am translating it seems that it returns the byte representation of an image but that doesn't really match up with the name… >>> More
String formatting in cocoa

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi I am trying to send some text in an email from my cocoa app (by using Mail.app). Initially I tried using HTML to send properly formatted text. But the mailto: URL does not support html tags (even after setting headers) So I decided to use formatted string (left-aligning of string) This is what… >>> More
Anyone know the state of cocoa#?

as seen on Stack Overflow - Search for 'Stack Overflow'
Having just updated Mono to 2.6.3 (on OS X), I noticed in the installer that cocoa# 0.9.5 is also installed. However using MonoDevelop there are no cocoa# project templates by default, and I was wondering if anyone knew more about creating cocoa# apps. If you goto the cocoa# page on the Mono site… >>> More

Related posts about openssl

Redhat | Openssl installation error

as seen on Server Fault - Search for 'Server Fault'
make -f objs/Makefile make[1]: Entering directory `/root/fuse-ssh/nginx-0.7.65' cd /usr/bin/openssl \ && make clean \ && ./config --prefix=/usr/bin/openssl/.openssl no-shared no-threads \ && make \ && make install /bin/sh: line 0: cd:… >>> More
Redhat | Openssl installation error

as seen on Stack Overflow - Search for 'Stack Overflow'
make -f objs/Makefile make[1]: Entering directory `/root/fuse-ssh/nginx-0.7.65' cd /usr/bin/openssl \ && make clean \ && ./config --prefix=/usr/bin/openssl/.openssl no-shared no-threads \ && make \ && make install /bin/sh: line 0: cd:… >>> More
Upgrade OpenSSL 0.9.8k to OpenSSL 1.0.1c on Ubuntu 10.04

as seen on Server Fault - Search for 'Server Fault'
We're currently using Ubuntu 10.04 and based on the PCI Compliance results, we're told to upgrade our OpenSSL. I attempted to do this using this reference: http://sandilands.info/sgordon/upgrade-latest-version-openssl-on-ubuntu and http://www.lunarforums.com/dedicated_web_hosting_at_lunarpages/upgrading_openssl-t35015… >>> More
Installing OpenSSL that supports SNI along with previous version of OpenSSL

as seen on Server Fault - Search for 'Server Fault'
So I learned that to host multiple HTTPS websites on the same IP address you need an OpenSSL version that supports SNI (0.9.8f and higher). My RHEL5 box currently has 0.9.8e and Apache version httpd-2.2.26-2.el5. According to a same question here it's not a good idea to replace the original version… >>> More
Solaris X86 AESNI OpenSSL Engine

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Solaris X86 AESNI OpenSSL Engine Cryptography is a major component of secure e-commerce. Since cryptography is compute intensive and adds a significant load to applications, such as SSL web servers (https), crypto performance is an important factor. Providing accelerated crypto hardware greatly… >>> More