Hey Friends,
I have an xml given by our partner trying to integrating with us and i have
their certificate with public key installed in both personal and trusted
people folders.
when i am using the following code to check the signature of message signed
by my certificate i am able to verify the signature but when i am trying to
check the signature of the message of our partner using the same following
code i am not able to verify the message. the message sent by our partner is
right below the code.I would even be intrested in giving the public
certificate of the partner if anyone intrested in helping me out in finding
the bug.
I would be thankful if someone can reply to me what am i missing here.
XmlDocument aobDocument = new XmlDocument();

aobDocument.PreserveWhitespace = true;

aobDocument.Load(System.Web.HttpContext.Current.Server.MapPath("ReadSample/SampleMessengerCD.xml"));

X509Certificate2 FoundCert = RetrieveCertificate();//This method gets me the
certificate of the partner we are integrating with i have checked the method
and retrieves the proper certificate from the certificate store.

SignedXML SignedXML = new
SignedXML(aobDocument);//((XmlDocument)(soapEnv)));

XmlNode dsig = aobDocument.GetElementsByTagName("Signature",

SignedXml.XmlDsigNamespaceUrl)[0];

SignedXML.LoadXml((XmlElement)dsig);

if (SignedXML.CheckSignature(FoundCert, false))   //FoundCert is the
certificate of the partner thatz being retirieved from the store.

{

// Signature verified.

return true;

}

else

{

//Signature verification failed.

return false;

}

 <?xml version="1.0" encoding="UTF-8" ?>
- <B:Envelope xmlns:B="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:A="http://www.routeone.com/namespace.messaging.diag#"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <SOAP:Header
xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12"
xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
- <SOAP-SEC:Signature SOAP:mustUnderstand="1">
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"
xmlns:C="http://www.routeone.com/namespace.messaging.CreditApplication#"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
- <SignedInfo>
 <CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
 <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <Reference URI="#Body">
- <Transforms>
 <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
 </Transforms>
 <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
 <DigestValue>niQfM6RR1CP+V1Puf9FlaXRNcFQ=</DigestValue>
 </Reference>
 </SignedInfo>
 <SignatureValue>Ii68Od4N0zOe+UwJyBDe1aQlC1YbteOk4YNjyOal9m6f7KbO4SqPdaX4CJZIIt1Z5f7iOgzhK6nuCi08RPyqXPvdeuivNNOq6/4a7iJZxQD2PMAFBVAVwAuLmIRAh0u6MkzA/u0069JvP90mOpYtG1euXf5oSKI+XCmdSKIBjv5FNmg9XTaruy2cg3Iz+KOUInMPnG7AJcmJRnaLLr/5za6Bu1CgpeS0/aBVhf2xpF7/A9qa/sjiQR2dfwPM+InawXV94SD8HEd6QFzfE5WxrWLkVXOBeiCyNvYXX9CTcmPQFUnvVxA1+L9TMx4reb835ZT0Hi2aP2hu7PQiWAaFdw==</SignatureValue>
- <KeyInfo>
- <X509Data>
 <X509Certificate />
- <X509IssuerSerial>
 <X509IssuerName>OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97
VeriSign, OU=VeriSign International Server CA - Class 3, OU="VeriSign,
Inc.", O=VeriSign Trust Network</X509IssuerName>
 <X509SerialNumber>160283950701092051351433675048676869301</X509SerialNumber>
 </X509IssuerSerial>
 </X509Data>
 </KeyInfo>
 </Signature>
 </SOAP-SEC:Signature>
 </SOAP:Header>
- <B:Body id="Body"
xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12"
xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
- <A:Diagnostic>
- <A:DiagnosticMessage>
 <A:RequestMessage>100027</A:RequestMessage>
 </A:DiagnosticMessage>
 <A:SourceIdentifier>RouteOne</A:SourceIdentifier>
 </A:Diagnostic>
 </B:Body>
 </B:Envelope>