.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Verification of signature "revocation server was offline"

Posted By:      Posted Date: September 02, 2010    Points: 0   Category :.NET Framework
Hi, I have to verify a (detached) signature from a third party. I am using System.Security.Cryptography.Pkcs.SignedCMS (VS2008) to validate the Signature. The verification of the data works fine. But when I try to verify the used certificates I always get that the intermediate certificate is not valid. The ChainStatus returns RevocationStatusUnknown (UnknownError) and OfflineRevocation (UnknownError) even if I set the RevocationMode to NoCheck on the chain. Dim byteData() As Byte = IO.File.ReadAllBytes(DataFile.FullName) Dim byteSignature() As Byte = IO.File.ReadAllBytes(SignatureFile.FullName) Dim ciData As New Pkcs.ContentInfo(New Oid("data"), byteData) Dim Verifier As New Pkcs.SignedCms(ciData, True) Try Verifier.Decode(byteSignature) Verifier.CheckSignature(True) Catch crex As CryptographicException ' Signature is not valid Catch ex As Exception ' Verification failed End Try For Each SignatureCertificate As X509Certificates.X509Certificate2 In Verifier.Certificates Dim certChain As New X509Certificates.X509Chain(True) certChain.Build(SignatureCertificate) ' Build the certificate chain from the signers certificate certChain.ChainPolicy.RevocationMode = X509Certificates.X509RevocationMode.NoCheck For Each certElement As X509Certificates.X509ChainElement In certChain.ChainElements If Not certElement.Certificate.Verify() Then ' Cert

View Complete Post

More Related Resource Links

Digital Signatures: Application Guidelines on Digital Signature Practices for Common Criteria Securi


This article is an overview of digital signature practices and user considerations necessary to write applications in compliance with ISO/IEC 15408 Common Criteria security. Signing categories are described, including those that are a potential risk to the implied trust association that goes with a digital signature.

Jack Davis

MSDN Magazine November 2009

Infopath cannot load this form. Either the signature is corrupted, or the certificatie used to sign



I have a whole bunch of forms contains errors like whenever you try to open it up.

Infopath cannot load this form.  Either the signature is corrupted, or the certificatie used to sign this form is expired or revoked.

The forms were orginally created with digital signature with it.  But we were in the middle of transition from one company to another company.  The digital signature was no longer valid.  Actually, the certificate should have been expired by now.  I removed all the signatures for all of the forms.  So they can continue using the forms to fill in the information.  The problem right now, is trying to open the old forms with digital signature on it.   Not only the company has changed.  We also moved sharepoint from the old server to the new server.

Any idea to resolve th

Digital Signatures Verification Error


Hey all;


Not 100% sure this is a sharepoint problem, but maybe someone can help.  I am installing a digital signature block that is being made available on a browser form.  The sig is working, but I can not get a valid signature on the form.  I am told there is a Digital Signatures Verification Error. 


Reading other posts tells me that I have to have my signature cert in the trusted Root authority of the sharepoint server.  Here is the rub..


When I use certificate manager, I s

SQL Server JDBC: java.lang.SecurityException: Invalid signature file digest?

Hi I am following these instructions for using SQL Server JDBC driver and using sqljdbc4.jar file: http://msdn.microsoft.com/en-us/library/ms378526.aspx When registering the driver to instruct JDBC Driver Manager which driver to load: Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver"); It throws and exception: java.lang.SecurityException: Invalid signature file digest for Manifest main attributes What does this mean and how do I resolve it? NOTE: I followed a similar posting, but it did not resolve it: com.microsoft.sqlserver.jdbc.SQLServerException.class throws java.lang.SecurityException: http://social.msdn.microsoft.com/Forums/en-US/sqldataaccess/thread/ab35688e-ca33-423e-a9bd-54e30fcb5091/ Thanks Jeff in Seattle

XML Signature xsd and Validation Error: Wildcard '##any' allows element causes the content model t

Hello,I'm trying to generate WCF client from Customer's WCF Service which has XML Signature options enabled.When trying to generate client proxy using svcutil I get following errors: Microsoft (R) Service Model Metadata Tool [Microsoft (R) Windows (R) Communication Foundation, Version 3.0.4506.2152] Copyright (c) Microsoft Corporation. All rights reserved. Attempting to download metadata from 'http://donex:51343/WebServices /Service.svc' using WS-Metadata Exchange or DISCO. Error: There was a validation error on a schema generated during export: Source: Line: 1 Column: 13464 Validation Error: Wildcard '##any' allows element 'http://www.w3.org/2000/09/ xmldsig#:HMACOutputLength', and causes the content model to become ambiguous. A content model must be formed such that during validation of an element informati on item sequence, the particle contained directly, indirectly or implicitly ther ein with which to attempt to validate each item in the sequence in turn can be u niquely determined without examining the content or attributes of that item, and without any information about the items in the remainder of the sequence. Error: There was a validation error on a schema generated during export: Source: Line: 1 Column: 14410 Validation Error: Wildcard '##any' allows element 'http://www.w3.org/2000/09/ xmldsig#:XPath', and cau

Why does WCF add two Signature elements in the SOAP header when using a TransportSecurityBindingEle

I try to call a web service that implements the following standards from a WCF client:   WS-I Basic Security Profile Version 1.0 Web Services Security X.509 Certificate Token Profile, OASIS Standard X.509 used for digitally signing digests of uploaded files and web service requests SOAP 1.1/1.2. HTTPS 1.1 I use the a CustomBinding created in the following maner: HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement(); httpsTransport.ProxyAddress = new Uri("http://myproxy:8080"); httpsTransport.UseDefaultWebProxy = false; // the message security binding element will be configured to require // a client certificate used to sign the message TransportSecurityBindingElement messageSecurity = SecurityBindingElement.CreateCertificateOverTransportBindingElement(); // Create supporting token parameters for the client X509 certificate. X509SecurityTokenParameters clientX509SupportingTokenParameters = new X509SecurityTokenParameters(); // Specify that the supporting token is passed in message send by the client to the service clientX509SupportingTokenParameters.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient; // Turn off derived keys clientX509SupportingTokenParameters.RequireDerivedKeys = false; // Augment the binding element to require the client's X509 certificate as an endorsing token i

Signature Capture App

Hi, I have a project at work that I would like to build using asp.net mobile controls. However I have one problem. Part of the mobile app requires that a signature is captured. Can anyone suggest a awy of doing this? The only way I can think of is to use GDI, but that would require use of the .net compact framework. Even using GDI, there is still the problem of getting that back to the server. Any suggestion would be very welcome, Mark

SharePoint read/recognize a Digital Signature in Word (XML Content Control Mapping)?

I am using Content Control Mapping to pull certain fields from a Word Document and include it as columns when a document is uploaded into a Document Library. We're using MOSS 2007 and Word 2007. It is required that the user digitally signs the document before uploading.  Is there a way to get the signature to appear as a column in a similar fashion?  I'm new to this mapping business, and Google hasn't been much help. I realize I could use the Collect Signatures workflow, but that seems cumbersome to 1) have the user submit it, 2) have an admin open each document and start the workflow and 3) have the user THEN sign the document.  That's more steps than simply manually opening and verifying digital signatures. I figure I'm missing something obvious here.  Any help or ideas would be appreciated.

imagebutton, sub signature, by ref

Hi Below is my codeThe first 3 lines are run in the DataList1_ItemDataBound event and they call the sub below, of which there is the opening line.My question is if I change the signature from System.Web.UI.WebControls.Image toSystem.Web.UI.WebControls.ImageButton this still works and vice versa so it'll work in the found control is either a imagebutton or image.1. Can anyone explain why it does work fine either way?2. The ByVal ImgProfile As System.Web.UI.WebControls.Image, should this be ByRef, aren't controls passed by reference rather than value?Or I am getting this mixed up. The reason why I say this is I can modify the image control that's passed in and if it was passed by value then I shouldn't be able to modify the control, or should I?Dim Image1 As ImageImage1 = CType(e.Item.FindControl("ImageButton1"), Image)DisplayImage(UserID, Image1)Protected Sub DisplayImage(ByVal pUserID As String, ByVal pImgProfile As System.Web.UI.WebControls.Image)thanks.

.NET Framework 4 installs, but .NET4 Applications won't run and verification fails

I have the same problem described in following thread: http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/d8601382-83a4-4039-a71b-3b68dcdc6e26 I'm running Windows 7 x64 Ultimate I installed the .NET Framework 4 Client Profile and even tried installing the FULL/Extended edition the install appears to go in just fine, no errors or anything. Once I try to run a program it fails to work, I tried to verify my .NET4 installation using this tool... http://blogs.msdn.com/b/astebner/archive/2008/10/13/8999004.aspx It ALWAYS fails the verification no matter how many times I uninstall/clean up and reinstall... Here is a snippet from the verifier log... .....[07/22/10,17:35:35] Section [Registry - .NET Framework 4 Full (Wow6432Node)] - stop parsing entries [07/22/10,17:35:35] Processing custom action 'Custom Action - .NET Framework 4.0 test application' [07/22/10,17:35:35] ExecutablePath = 'Netfx40TestApplication.exe' [07/22/10,17:35:35] FriendlyName = '.NET Framework 4 test application' [07/22/10,17:35:35] TimeoutSeconds = '300' [07/22/10,17:35:35] WaitOnExit = 'true' [07/22/10,17:35:35] Silent = 'true' [07/22/10,17:35:35] Launching process 'Netfx40TestApplication.exe' now [07/22/10,17:35:35] Process successfully launched. Waiting 300 seconds for it to complete. [07/22/10,17:35:35] ****ERROR**** Process 'Netfx40TestApplication.exe' exited with return

SSIS 2005 - Send Mail Task - signature appended to email is garbled - unicode problem?

Hi, I'm pretty new to SSIS so go easy on me. I have a Send Mail Task to notify if a file cannot be imported - the mailbody is created on the previous step by a VB.NET script task to include the name of the file and the path it's been archived to. The problem I'm having is that while the body of the email I've created is displaying fine, our company's Exchange server appends a signature to all emails, and this is coming up as undisplayable characters, presumably due to some kind of unicode encoding problem. I've tried casting the email body in an expression to DT_STR (doesn't work as DT_STR "cannot be converted to a supported type" which seems a bit odd but never mind), DT_WSTR (garbled signature), DT_TEXT/DT_NTEXT (strange error on this one - "Attempted to read or write protected memory") none of those ideas worked, and I'm a bit stumped now. Can anyone help? I'm using SSIS 2005 with SP3

Security Context Token verification failed. (The security protocol cannot verify the incoming messag

Hello, I would like implement Message Lever security with username/password authentication on HTTP. My environment looks something like this.  Server Side - Message lever security is configured on service.           <security mode="Message">             <message clientCredentialType="UserName" negotiateServiceCredential="True"/>           </security> - CA and self signed certificates are created on server and configured. ServiceCredentials are looks like this <serviceCredentials> <serviceCertificate findValue="CertForIdm" storeLocation="LocalMachine" storeName="My" x509FindType="FindByIssuerName" /> <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="IfMembershipProvider" /> </serviceCredentials> Client Side (References are generated by VS) - Binding configuration                 <binding name="WSHttpBinding_IWaypoint2" closeTimeout="00:11:00"                     openTimeout="00:11:00" receiveTimeout="00:10:00" sendTimeout="00:11:00"  &nb

How can i route to different actions having same signature if i don't want to pass action name in U

I am having one controller Test having following actions (1)public ActionResult ABC (string parameter1, string parameter2)       (2)public ActionResult XYZ (string parameter1, string parameter2,string parameter3, string parameter4)       i have added following html.routelinks  <%= Html.RouteLink("ABC","ABC", new { parameter1 = 100, parameter2 = 200 } )%><br /> <%= Html.RouteLink("XYZ", "XYZ", new { parameter1 = 1000 , parameter2 = 2000 }) %> last two parameters in XYZ action are optionals so i have not passed them in Html.routelink  routes.MapRoute("ABC", "Test/{parameter1}/{parameter2}", new { controller = "Test", action = "ABC", parameter1= 0,parameter2=0 }); routes.MapRoute("XYZ", "Test/{parameter1}/{parameter2}/{parameter3}/{parameter4}", new { controller = "Test", action = "XYZ", parameter1=0,parameter2=0 ,parameter3=UrlParameter.Optional,parameter4=UrlParameter.Optional}); In above senario in both cases same route "ABC" is called eventhough i have clicked on second Html.routelink.can anyone solve this issue ? how can i route according to route name instead of number of parameters?

.NET Framework 4 installs, but .NET4 Applications won't run and verification fails

I seem to have the same problem as these good people, http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/58ff584d-e849-49e7-8c17-563296602017 http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/d8601382-83a4-4039-a71b-3b68dcdc6e26 .NET 4 installs (reporting no overt errors).. but will fail verification with this message. .NET 4 applications fail to run. [07/22/10,17:35:35] Launching process 'Netfx40TestApplication.exe' now [07/22/10,17:35:35] Process successfully launched. Waiting 300 seconds for it to complete. [07/22/10,17:35:35] ****ERROR**** Process 'Netfx40TestApplication.exe' exited with return code -2146232576 [07/22/10,17:35:35] ****ERROR**** Verification failed for product .NET Framework 4 Full I do get this event log error when installing .net 4.0 full version , but not the client. Of course neither one works. ErrorCode 2149842967   ErrorString    CommandLine wusa.exe "G:\e1781735b278c4779d6d\Windows6.1-KB958488-v6001-x64.msu" /quiet /norestart  Steps already taken to troubleshoot this include fully uninstalling .NET 4.0 and reinstalling (both client and full); reinstalling .NET 4.0 over itself with a repair install; installing .NET 4.0 full over a client install; I've also run full disk scans etc., and my system is fully up to date with Windows Updates. Any one know what that error code means? Maybe it can he

WCF Exception "Message security verification failed" only with header!

Hi, I've got a WCF service doing Username authentication. I authenticate with AD and authorize using AzMan on AD. I'm hosting the service in IIS 6 and its running in an app pool that runs in a domain account that has read rights on the AD. I have a custom header that goes both ways. Everything works well until I assign the custom header to return. If I never assign the custom header to return everything is ok but if I do assign the custom header to return I get the error:- Message security verification failed.Duplicate attribute found. Both 'u:Id' and 'u:Id' are from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'. Line 1, position 520. I've got service level message tracing and I can see the secure conversation stuff happening and the messages going across the interface.   If anyone has any ideas I'd be most appreciative.   Thanks,   Andy

Problem signature with Other Framework


My Application build in .net framework 3.5.


when I am trying to run it into a server 2008 system,  The following error comes



  Stopped working

Problem signature:
  Problem Event Name: CLR20r3
  Problem Signature 01: MyApp.exe
  Problem Signature 02:
  Problem Signature 03: 4c6fc832
  Problem Signature 04: FusionRetail
  Problem Signature 05:
  Problem Signature 06: 4c6fc832
  Problem Signature 07: 7f
  Problem Signature 08: c6
  Problem Signature 09: System.InvalidOperationException
  OS Version: 6.0.6002.
  Locale ID: 1033

Read our privacy statement:
  http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409 [^]


I uninstall the existing framework and then again install framework 3.5. but the problem still remaining.

What's the acrual problem ?

Trying to download evaluation copy of Sharepoint but get redirected to email address verification pa


I am trying to download an evaluation copy of Sharepoint but get redirected to a page that says "Verify Ownership of your E-mail Address."  Specifically:

1. I log into Windows Live.

2. I go to http://technet.microsoft.com/en-us/evalcenter/ee388573.aspx

3. I make a selection in "Select a version to download", such as "SharePoint server for internet sites, Standard".

4.  I click on the "Get Started Now" button

At this point a redirect takes me to the page with heading "Verify Ownership of your E-mail Address." But I have already verified this, otherwise I couldn't log in to Windows Live, right?

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend