Problemas con XML signature

Pepe
07 de Diciembre del 2005
Tengo un problema al firmar un XML tipo Detached, resulta que genero la firma pero despues a la hora de verificarla siempre me da que no es valida, el codigo esta en c# y es el siguiente:

using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Security.Cryptography.X509Certificates;
using System.Xml;
using System.Text;


public class GenerateXMLSecurity
{
String filename = "mireply.xml";
String elemento = "DATOS";
String result = "mireplyResult.xml";

static void Main(String[] args)
{


String filename = "mireply.xml";
String elemento = "DATOS";
String result = "mireplyResult.xml";

//Crea un objeto documento XML
XmlDocument document = new XmlDocument();
document.PreserveWhitespace = true;
document.Load(new XmlTextReader(filename));


// crea un objeto para manejar la etiqueta #signature.
SignedXml signedXml = new SignedXml(document);

//crea una referencia hacia el certificado fisico
X509Certificate Cert = X509Certificate.CreateFromCertFile("testCert.cer");

//referencia hacia el elemento que se va firmar.
Reference miref = new Reference();
miref.Uri = "#" + elemento;
signedXml.AddReference(miref);

RSA key = RSA.Create();
signedXml.SigningKey = key;



//crea la etiqueda #keyInfo con informacion de la clave publica

KeyInfo ki = new KeyInfo();
ki.AddClause(new KeyInfoX509Data(Cert));
signedXml.KeyInfo = ki;

signedXml.ComputeSignature();

XmlElement xmlDigitalSignature = signedXml.GetXml();

document.DocumentElement.AppendChild(xmlDigitalSignature);

document.Save(new XmlTextWriter(result, new UTF8Encoding(false)));

Console.WriteLine(xmlDigitalSignature.OuterXml);


}
}



y la firma que genera es es:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#DATOS">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>4rgxLlcXhrdub2nT69U85ulB+Fk=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>I9JHvThPvzWLcncIQM7zlT133SoEaiRsKP2/nHt36mG8V0W2iYUdF4BJxLulgS8wHlFnDdLcnZwIRTdt2LgUeaSymoQZZofYfObwb8G5wFlqC0CWPLwdrI8QlUPmUfjtVk0r0SDqxE4VmVBSdUwAU25j2th8CEzYdT8ya9OOOHc=</SignatureValue>
<KeyInfo>
<X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Certificate>MIIEUzCCA/2gAwIBAgIKDGKcXAAAAAAAJDANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQGEwJFUzESMBAGA1UECBMJQSBDT1JVTkhBMREwDwYDVQQHEwhTQU5USUFHTzEPMA0GA1UEChMGQ0lYVEVDMQ8wDQYDVQQLEwZDSVhURUMxFDASBgNVBAMTC0NBLVNJU1RFTUFTMB4XDTA0MTAwNTEyMjY1MVoXDTA1MTAwNTEyMzY1MVowcjELMAkGA1UEBhMCRVMxEjAQBgNVBAgTCUEgQ09SVU5IQTERMA8GA1UEBxMIU0FOVElBR08xDzANBgNVBAoTBkNJWFRFQzEPMA0GA1UECxMGQ0lYVEVDMRowGAYDVQQDExFjaXh0ZWNkZXNhcnJvbGxvMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyUDGw/5wAiLx0KVzA9/IQQSSa5w24S0aS+x46f5yCce43qfDd58VvkxR1rjddKxT4WY2a2mLZXeCDF8zbibj6Yblic0N8F8w3jOIKuI57Wl6mj9a20+hohpge6hl68jOPk4okdlRsL7ksjKa9LMIgbEmOuxaj12wcu4fbU6tRJ8CAwEAAaOCAjUwggIxMA4GA1UdDwEB/wQEAwIE8DATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUpFg6Hz5AFAQSTkVQwgnraOIL8EowgaUGA1UdIwSBnTCBmoAU0j/7HLf+gYxw5QYUtKlRQuAakgKhcKRuMGwxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlBIENPUlVOSEExETAPBgNVBAcTCFNBTlRJQUdPMQ8wDQYDVQQKEwZDSVhURUMxDzANBgNVBAsTBkNJWFRFQzEUMBIGA1UEAxMLQ0EtU0lTVEVNQVOCEFKwjGvH5wSATTS9e0tySmowgYMGA1UdHwR8MHowOqA4oDaGNGh0dHA6Ly9zZXJ2LXNpczEuY2l4dGVjLmwvQ2VydEVucm9sbC9DQS1TSVNURU1BUy5jcmwwPKA6oDiGNmZpbGU6Ly9cXHNlcnYtc2lzMS5jaXh0ZWMubFxDZXJ0RW5yb2xsXENBLVNJU1RFTUFTLmNybDCBvAYIKwYBBQUHAQEEga8wgawwUwYIKwYBBQUHMAKGR2h0dHA6Ly9zZXJ2LXNpczEuY2l4dGVjLmwvQ2VydEVucm9sbC9zZXJ2LXNpczEuY2l4dGVjLmxfQ0EtU0lTVEVNQVMuY3J0MFUGCCsGAQUFBzAChklmaWxlOi8vXFxzZXJ2LXNpczEuY2l4dGVjLmxcQ2VydEVucm9sbFxzZXJ2LXNpczEuY2l4dGVjLmxfQ0EtU0lTVEVNQVMuY3J0MA0GCSqGSIb3DQEBBQUAA0EAY52IGCLW4cqMhvb/SQ28F0LZRZd8mbrOi3bL8+CnGkRDPFAAhzNI5S5vOSVZv9Q7Pn62gSZyuCYBfXYWIX/OGg==</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>

no se si es problema del algoritmo de encriptación o que puede ser, os agradeceria q me hecharais un cable es urgente, gracias.

Gabriel
07 de Diciembre del 2005
Yo utiliso el WSE 2.0 para firmar, pero me está saliendo el error: DecryptValue :(... y nosé como solucionarlo:

SignedXml sig = new SignedXml(doc);
sig.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigCanonicalizationUrl;
Reference rr = new Reference();
rr.Uri = \"\";

System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform trns = new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform();

rr.AddTransform(trns);
sig.AddReference(rr);

KeyInfo keyinf = new KeyInfo();
keyinf.AddClause(new RSAKeyValue(clave));
keyinf.AddClause(new KeyInfoX509Data(certificado));

sig.KeyInfo = keyinf;
sig.SigningKey = clave;
sig.ComputeSignature();

XmlElement xmlDigitalSignature = sig.GetXml();