Change Canonicalization method for X509 signature

  • Question

  • User-2096461057 posted

    Hello,

    I need to sign a document by using an X509 certificate private key. I would like the canonicalization algorithm in the SignedInfo to be:

    <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>

    However, when I sign the document, the canonicalization algorithm is

    <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>

    In the signed document everything is as it is supposed to be (I am comparing with another correctly signed document), even the transformation algorithms; however, I do not find a way to force the code to use a different canonicalization algorithm. At the beginning, System.Security was pointing to the 2.0 framework; then I changed to 4.5, but with no success. The code I use follows. Does anybody know how to do it?

    // Namespaces used: System, System.Xml,
    // System.Security.Cryptography.X509Certificates, System.Security.Cryptography.Xml

    // Load the signing certificate by thumbprint (helper defined elsewhere)
    X509Certificate2 cert2 = GetCertificateHelper(_thumbprint);

    SignedXml sig = new SignedXml(doc);

    sig.SigningKey = cert2.PrivateKey;

    Reference reference = new Reference();

    reference.Uri = String.Empty;
    reference.Uri = "#" + referenceValue; //The id of the document

    // Transforms applied to the referenced content before it is digested
    XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
    XmlDsigExcC14NTransform env2 = new XmlDsigExcC14NTransform();

    reference.AddTransform(env);
    reference.AddTransform(env2);

    sig.AddReference(reference);

    // Embed the certificate in KeyInfo as X509Data
    KeyInfo keyInfo = new KeyInfo();
    KeyInfoX509Data keyData = new KeyInfoX509Data(cert2);

    keyInfo.AddClause(keyData);

    sig.KeyInfo = keyInfo;

    sig.ComputeSignature();

    XmlElement xmlDigitalSignature = sig.GetXml();

    Wednesday, September 3, 2014 5:57 AM
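The following is an added example, not part of the original post. It shows that the `CanonicalizationMethod` inside `SignedInfo` is set through `SignedXml.SignedInfo.CanonicalizationMethod`, independently of the per-reference transforms, and then reads the emitted value back and verifies the signature. The sample document, the `Id` value `doc1` and the throwaway RSA key (standing in for the certificate's private key) are assumptions made for the demonstration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

class ExcC14nSignedInfoDemo
{
    static void Main()
    {
        // Constructed sample document; the Id value "doc1" is an assumption.
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<root Id=\"doc1\"><data>sample</data></root>");

        // Throwaway RSA key for the demo; a real signer uses the certificate's key.
        using (RSA key = RSA.Create())
        {
            var sig = new SignedXml(doc) { SigningKey = key };

            // SignedInfo carries its own canonicalization setting, separate from
            // the Reference transforms. Left unset, it is inclusive C14N.
            sig.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;

            // Reference transforms only affect how the referenced content is digested.
            var reference = new Reference("#doc1");
            reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
            reference.AddTransform(new XmlDsigExcC14NTransform());
            sig.AddReference(reference);

            sig.ComputeSignature();
            doc.DocumentElement.AppendChild(doc.ImportNode(sig.GetXml(), true));

            // Read back the algorithm that was actually written into SignedInfo.
            var ns = new XmlNamespaceManager(doc.NameTable);
            ns.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
            var c14n = (XmlElement)doc.SelectSingleNode(
                "//ds:SignedInfo/ds:CanonicalizationMethod", ns);
            Console.WriteLine("SignedInfo c14n: " + c14n.GetAttribute("Algorithm"));

            // Verify with the same key to confirm the signature is still valid.
            var verifier = new SignedXml(doc);
            verifier.LoadXml((XmlElement)doc.SelectSingleNode("//ds:Signature", ns));
            Console.WriteLine("Signature valid: " + verifier.CheckSignature(key));
        }
    }
}
```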

Answers