none
XML signature with namespace in signed object RRS feed

  • Question

  • Hi all,

    I have the following code for signing a xml with x509 key:

                XmlDocument x_doc = new XmlDocument();
                x_doc.Load(args[0]);
    
                KeyInfo keyInfo = new KeyInfo();
                X509Certificate2 x509Cert = new X509Certificate2(args[1], args[2]);
                KeyInfoX509Data keyData = new KeyInfoX509Data(x509Cert);
                X509IssuerSerial x509Serial;
                x509Serial.IssuerName = x509Cert.IssuerName.Name;
                x509Serial.SerialNumber = x509Cert.SerialNumber;
                keyData.AddIssuerSerial(x509Serial.IssuerName, x509Serial.SerialNumber);
                keyData.AddSubjectName(x509Cert.SubjectName.Name);
                keyInfo.AddClause(keyData);
    
                DataObject x_obj = new DataObject();
                x_obj.Data = x_doc.GetElementsByTagName("MyMessage");
                x_obj.Id = "Res0";
    
                Reference x_ref = new Reference();
                x_ref.Uri = "#Res0";            
    
                SignedXml x_signed_xml = new SignedXml();            
                
                x_signed_xml.AddReference(x_ref);
                x_signed_xml.AddObject(x_obj);
                x_signed_xml.KeyInfo = keyInfo;
                x_signed_xml.SigningKey = x509Cert.PrivateKey;
    
                x_signed_xml.ComputeSignature();
    

    It generate the result:

    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
    <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
    <Reference URI="#Res0">
    <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
    <DigestValue>jKH2x08NT8DPpQKOK2SHGrUD5K0=</DigestValue>
    </Reference>
    </SignedInfo>
    <SignatureValue>WKcIclWLZvFbijGWDk/.....XV1Qr4W7eR8lnyeZD/rycngYu30s5ErzgezGv1pDeFglbwQ=</SignatureValue>
    <KeyInfo>
    <X509Data>
    <X509IssuerSerial>
    <X509IssuerName>CN=xxxxxxx, OU=xxxxx, O=xxxxxxx, C=xx</X509IssuerName>
    <X509SerialNumber>123456789</X509SerialNumber>
    </X509IssuerSerial>
    <X509SubjectName>CN=xxxxx, OU=123456789, O=xxxxxxx, C=xx</X509SubjectName>
    <X509Certificate>MIIDsDCCApigAwIB....AgIEdzWlKjANBgkqhkiG9wGUCUCH4U</X509Certificate>
    </X509Data>
    </KeyInfo>
    <Object Id="Res0">
    <MyMessage ...... >

    But I want the signed object to contain a namespace like this:

    <dsig:Object xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="Res0" xmlns="">

    How can I do this? 

    Thank you very much!

    Thursday, May 3, 2012 9:00 AM

Answers

All replies