Signing an xml document using c# I continuously have signature verification issues because of the special characters, in concrete this one 'º' commonly used for addresses in Spain.
The encoding for this xml file is "ISO-8859-1", however if I use UTF-8 it works fine.
The method I use for signing is this one:
public static string SignXml(XmlDocument Document, X509Certificate2 cert)
{
SignedXml signedXml = new SignedXml(Document);
signedXml.SigningKey = cert.PrivateKey;
// Create a reference to be signed.
Reference reference = new Reference();
reference.Uri = "";
// Add an enveloped transformation to the reference.
XmlDsigEnvelopedSignatureTransform env =
new XmlDsigEnvelopedSignatureTransform(true);
reference.AddTransform(env);
XmlDsigC14NTransform c14t = new XmlDsigC14NTransform();
reference.AddTransform(c14t);
KeyInfo keyInfo = new KeyInfo();
KeyInfoX509Data keyInfoData = new KeyInfoX509Data(cert);
keyInfo.AddClause(keyInfoData);
signedXml.KeyInfo = keyInfo;
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
Document.DocumentElement.AppendChild(
Document.ImportNode(xmlDigitalSignature, true));
return Document.OuterXml;
}
Taken from: http://www.wiktorzychla.com/2012/12/interoperable-xml-digital-signatures-c_20.html
And this is how I call it:
static void Main(string[] args)
{
string path = ".\\DATOS\\Ejemplo.xml";
string signedDocString = null;
XmlDocument entrada = new XmlDocument();
entrada.Load(path);
X509Certificate2 myCert = null;
X509Store store = new X509Store(StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
var certificates = store.Certificates;
foreach (var certificate in certificates)
{
if (certificate.Subject.Contains("XXXX"))
{
Console.WriteLine(certificate.Subject);
myCert = certificate;
break;
}
}
if (myCert != null)
{
signedDocString = SignXml(entrada, myCert);
}
if (VerifyXml(signedDocString))
{
Console.WriteLine("VALIDO");
}
else
{
Console.WriteLine("NO VALIDO");
}
Console.ReadLine();
}
The xml document must use the encoding ISO-8859-1, this is not optional. And I cannot suppress the special characters.
Any suggestion about how to handle this?
my fault.
In the verification method I was using utf8:
public bool VerifyXml( string SignedXmlDocumentString )
{
byte[] stringData = Encoding.UTF8.GetBytes( SignedXmlDocumentString );
using ( MemoryStream ms = new MemoryStream( stringData ) )
return VerifyXmlFromStream( ms );
}
In that step I was altering the encoding and so the document content wasn't the same as the original one. Quite newbie error.
The solution:
public static bool VerifyXml(XmlDocument SignedXmlDocument)
{
byte[] stringData = Encoding.Default.GetBytes(SignedXmlDocument.OuterXml);
using (MemoryStream ms = new MemoryStream(stringData))
return VerifyXmlFromStream(ms);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.