Hi,
I am using the PKCS11 and Bouncy Castle libraries to achieve XML signing. Bouncy Castle and
PKCS11 with the Luna HSM don't provide any API for signing and verifying XML specifically; they can
perform data signing.
I am converting my XML to byte[] and then preparing the signature value from the session.Sign method using Pkcs11Interop.
using System.Text;
using System.Xml;

XmlDocument doc = new XmlDocument();
// Load the passed XML file using its name.
doc.Load(new XmlTextReader(FileName));
// Serialize the document to UTF-8 bytes and sign those raw bytes with the HSM key handle.
byte[] xmlData = Encoding.UTF8.GetBytes(doc.InnerXml);
byte[] signedXmlData = session.Sign(mech, privateKey, xmlData);
I am thinking of preparing each element of the Signature element below manually. Do you think it is the right way to proceed? If not, could you point me in the right direction?
<Signature ID?>
  <SignedInfo>
    <CanonicalizationMethod/>
    <SignatureMethod/>
    (<Reference URI? >
      (<Transforms>)?
      <DigestMethod>
      <DigestValue>
    </Reference>)+
  </SignedInfo>
  <SignatureValue>
  (<KeyInfo>)?
  (<Object ID?>)*
</Signature>
My requirement also asks for exporting the public key or
certificate in the KeyInfo node of the Signature element to verify the signature. I am only able to access
the private and public key handles. I am not sure whether we will be able to export
them or not.
Could anyone help with a way to achieve the above requirement?
Thanks and Regards
Mac
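Added worked example (editor's code, not part of the original post, and not code from Pkcs11Interop, Bouncy Castle or the Luna SDK). It shows the two things the post asks about: how the SignedInfo/Reference/DigestValue structure is produced and signed so that the SignatureValue covers the canonicalized SignedInfo rather than the raw document bytes, and how the public key is read from the PKCS#11 public key handle (CKA_MODULUS and CKA_PUBLIC_EXPONENT) to populate KeyInfo. It lets .NET's own SignedXml build the structure and plugs the HSM in through an RSA subclass. Assumptions: Pkcs11Interop 5.x naming (ISession, IObjectHandle, session.Factories; older releases use Session, ObjectHandle and new Mechanism(...)), a .NET where SignedXml signs through RSA.SignHash (.NET Core 3.1+/.NET 5+ with the System.Security.Cryptography.Xml package, or .NET Framework 4.6.2+), and that the HSM supports CKM_RSA_PKCS. The class and method names (Pkcs11Rsa, HsmXmlSigner) are made up here.

```csharp
// Editor's added example, not from the original post or from Pkcs11Interop. Assumes Pkcs11Interop 5.x
// names and a .NET whose SignedXml signs through RSA.SignHash (see the lead-in for versions).
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;
using Net.Pkcs11Interop.Common;
using Net.Pkcs11Interop.HighLevelAPI;

// RSA key object whose private operation runs inside the HSM. SignedXml only calls
// SignHash (for SignatureValue) and ExportParameters(false) (for KeyInfo) on it;
// verification later uses the public key from KeyInfo, so VerifyHash is not needed.
public sealed class Pkcs11Rsa : RSA
{
    // DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2, note 1).
    // CKM_RSA_PKCS pads but does not hash, so it must receive the full DigestInfo.
    static readonly byte[] Sha256DigestInfoPrefix =
    {
        0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
        0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
    };
    readonly ISession _session;
    readonly IObjectHandle _privateKey;
    readonly RSAParameters _public;

    public Pkcs11Rsa(ISession session, IObjectHandle privateKey, IObjectHandle publicKey)
    {
        _session = session;
        _privateKey = privateKey;
        // CKA_MODULUS / CKA_PUBLIC_EXPONENT are readable on the public key handle;
        // that is all KeyInfo needs, and nothing private leaves the HSM.
        List<IObjectAttribute> attrs = session.GetAttributeValue(publicKey,
            new List<CKA> { CKA.CKA_MODULUS, CKA.CKA_PUBLIC_EXPONENT });
        _public = new RSAParameters
        {
            Modulus = attrs[0].GetValueAsByteArray(),
            Exponent = attrs[1].GetValueAsByteArray()
        };
        KeySizeValue = _public.Modulus.Length * 8;
    }

    public override RSAParameters ExportParameters(bool includePrivateParameters)
    {
        if (includePrivateParameters)
            throw new CryptographicException("Private key cannot be exported from the HSM.");
        return _public;
    }

    public override void ImportParameters(RSAParameters parameters) =>
        throw new NotSupportedException();

    public override byte[] SignHash(byte[] hash, HashAlgorithmName hashAlgorithm,
                                    RSASignaturePadding padding)
    {
        if (hashAlgorithm != HashAlgorithmName.SHA256 || padding != RSASignaturePadding.Pkcs1)
            throw new CryptographicException("Only RSA-SHA256 with PKCS#1 v1.5 padding is wired up.");
        byte[] digestInfo = new byte[Sha256DigestInfoPrefix.Length + hash.Length];
        Buffer.BlockCopy(Sha256DigestInfoPrefix, 0, digestInfo, 0, Sha256DigestInfoPrefix.Length);
        Buffer.BlockCopy(hash, 0, digestInfo, Sha256DigestInfoPrefix.Length, hash.Length);
        IMechanism mech = _session.Factories.MechanismFactory.Create(CKM.CKM_RSA_PKCS);
        return _session.Sign(mech, _privateKey, digestInfo);
    }
}

public static class HsmXmlSigner
{
    // Enveloped XMLDSig over the whole document (Reference URI="").
    public static XmlDocument Sign(XmlDocument doc, Pkcs11Rsa key)
    {
        var signedXml = new SignedXml(doc) { SigningKey = key };
        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigC14NTransformUrl;
        signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
        var reference = new Reference("") { DigestMethod = SignedXml.XmlDsigSHA256Url };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); // digest skips <Signature>
        reference.AddTransform(new XmlDsigC14NTransform());
        signedXml.AddReference(reference);
        var keyInfo = new KeyInfo();
        keyInfo.AddClause(new RSAKeyValue(key)); // <KeyValue><RSAKeyValue> from ExportParameters(false)
        signedXml.KeyInfo = keyInfo;
        signedXml.ComputeSignature(); // digests the Reference, C14Ns SignedInfo, calls key.SignHash
        doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
        return doc;
    }

    // Relying-party check using only the key published in KeyInfo; no HSM involved.
    public static bool Verify(XmlDocument doc)
    {
        var sig = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl)[0] as XmlElement;
        if (sig == null) return false;
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml(sig);
        return signedXml.CheckSignature();
    }
}

// Usage, with session/privateKey/publicKey coming from the existing PKCS#11 login code:
//   var doc = new XmlDocument { PreserveWhitespace = true }; // keep whitespace stable for C14N
//   doc.Load(FileName);
//   using (var key = new Pkcs11Rsa(session, privateKey, publicKey))
//       HsmXmlSigner.Sign(doc, key).Save(SignedFileName);
//   bool ok = HsmXmlSigner.Verify(doc);
```

Two points worth checking in practice. SignedXml only hands the key the SHA-256 hash of the canonicalized SignedInfo, which is why the example uses CKM_RSA_PKCS over a DigestInfo rather than CKM_SHA256_RSA_PKCS over the data; if a token lacks CKM_RSA_PKCS the same hash can usually be signed via CKM_RSA_X_509 with PKCS#1 v1.5 padding applied in code, but that is outside this example. If a certificate rather than a bare key is required in KeyInfo, the certificate object on the token (CKA_VALUE of a CKO_CERTIFICATE) can be read the same way as the modulus and added with a KeyInfoX509Data clause; the signature itself is unchanged.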