How to hash XML file to sha256 then encoded base64 in C#

Question

I have this xml file content:

<xades:SignedProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" Id="xadesSignedProperties">
                                    <xades:SignedSignatureProperties>
                                        <xades:SigningTime>2022-05-31T20:38:47Z</xades:SigningTime>
                                        <xades:SigningCertificate>
                                            <xades:Cert>
                                                <xades:CertDigest>
                                                    <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                                                    <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">NjlhOTVmYzIzN2I0MjcxNGRjNDQ1N2EzM2I5NGNjNDUyZmQ5ZjExMDUwNGM2ODNjNDAxMTQ0ZDk1NDQ4OTRmYg==</ds:DigestValue>
                                                </xades:CertDigest>
                                                <xades:IssuerSerial>
                                                    <ds:X509IssuerName xmlns:ds="http://www.w3.org/2000/09/xmldsig#">CN=TSZEINVOICE-SubCA-1, DC=extgazt, DC=gov, DC=local</ds:X509IssuerName>
                                                    <ds:X509SerialNumber xmlns:ds="http://www.w3.org/2000/09/xmldsig#">2475382876776561391517206651645660279462721580</ds:X509SerialNumber>
                                                </xades:IssuerSerial>
                                            </xades:Cert>
                                        </xades:SigningCertificate>
                                    </xades:SignedSignatureProperties>
                                </xades:SignedProperties>

and I am trying to hash sha256 it and encoded base65 but it gives me different value from online tools:

C# code:

using System;
using System.IO;
using System.Xml;
using System.Text;
using System.Security.Cryptography;

        string hashxades = @"D:\xades.xml";

        try
        {
                StringBuilder Sb = new StringBuilder();
                using (SHA256 hash = SHA256Managed.Create())
                {
                    Encoding encode = Encoding.UTF8;
                    Byte[] result = hash.ComputeHash(encode.GetBytes(hashxades));
                    foreach (Byte bytes in result)
                        Sb.Append(bytes.ToString("x2"));
                }

                string stringHex = Sb.ToString();
                string value = Convert.ToBase64String(Encoding.UTF8.GetBytes(stringHex));
            Console.WriteLine(value);

        }
        catch (Exception e)
            {
            }

the value from code:

MjkyOWE0NjAzZWFlNDZhOTUzYTJhODhiZDg5NGRhZWFhNTIzZmYwNjMzOTVmMDRkYmIyYzcxYjFhODBhNWU0Mg==

the correct value from online is:

ODEyNjQ1OWE2MDE0NDI1MmE1ODc0NWI2YmZmNTE2NWM5NDQ2NzNjMjM2MGFiZGI2ZWI3NjQzY2ZmZjJhNzRhZA==

Answer 1

You are not base64-encoding the actual byte data of the SHA256 hash.

You are base64-encoding the byte values of the characters in the string containing the hexadecimal representation of the SHA256 hash.

Not sure why you you did it that way, but in all likelihood the solution should be rather simple: Just skip all the stuff you do with converting the SHA256 hash byte data to a hex string and just base64-encode the byte array with the SHA256 hash byte data directly.

Additionally, using encode.GetBytes(hashxades) as source data to be hashed is pointless. Your code is hashing the UTF-8 text string " D:\xades.xml ". Your code is not hashing the content of the xades.xml file. It is just hashing the character values that make up the UTF-8 text " D:\xades.xml ". If you want to hash the file content, you have to read the file content into a byte array (for example by using System.IO.File.ReadAllBytes) and hash that byte array.