XML DSIG: Enveloping signature transform in .NET

Question

I'm using the XmlDsigEnvelopedSignatureTransform to digitally sign an XML file using an RSA private key.

However, what I really want is to sign the xml using an "enveloping" signature. Does .NET have native support for that?

By the way, here's my code:

public static void SignXml(XmlDocument xmlDoc, RSA key)
{
    // Check arguments.
    if (xmlDoc == null)
        throw new ArgumentException("xmlDoc");
    if (key == null)
        throw new ArgumentException("Key");

    SignedXml xml = new SignedXml(xmlDoc);            
    xml.SigningKey = key;

    Reference reference = new Reference();
    reference.Uri = "";

    XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(true);                        

    reference.AddTransform(env);

    xml.AddReference(reference);

    xml.ComputeSignature();

    XmlElement element = xml.GetXml();

    MessageBox.Show(element.OuterXml);

    xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(element, true));

}

Rasmus Faber · Accepted Answer · 2012-02-13 10:07:32Z

4

If your signature is not a sub-element of the signed data you do not need the Enveloped Signature Transform.

So just skip the XmlDsigEnvelopedSignatureTransform and perform the signature as you would otherwise:

public XmlElement SignXml(XmlDocument xmlDoc, RSA key)
{
  SignedXml xml = new SignedXml();            
  xml.SigningKey = key;

  // Add the data to be signed as a sub-element of the Signature-element:
  DataObject dataObject = new DataObject();
  dataObject.Data = xmlDoc.ChildNodes;
  dataObject.Id = "doc";
  xml.AddObject(dataObject);

  // Add a reference to the signed data:
  Reference reference = new Reference();
  reference.Uri = "#doc";
  xml.AddReference(reference);  

  // Perform the signature. No transforms are needed.
  xml.ComputeSignature();

  return xml.GetXml();
}

edited Feb 13, 2012 at 10:07

answered Feb 9, 2012 at 19:25

Rasmus Faber

49.9k25 gold badges149 silver badges193 bronze badges

Sign up to request clarification or add additional context in comments.

1 Comment

Ian Over a year ago

How can I do this? I've pasted my code above. Can you show me how to do this?

Collectives™ on Stack Overflow

XML DSIG: Enveloping signature transform in .NET

1 Answer 1

1 Comment

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

1 Answer 1

1 Comment

Your Answer

Sign up or log in

Post as a guest

Linked

Related