Given the following code, how do I get the plain XML without the security
elements (i.e. the original XML before the security was added) in the
VerifyXML() method? TIA.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;
using System.IO;
namespace SocketServers.NetFile
{
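/// <summary>
/// Signs an XML document with an enveloped XML-DSig signature and verifies
/// such documents against the RSA key held by this instance.
/// </summary>
/// <remarks>
/// The key exists only in memory and is created by the first call to
/// <see cref="CreateXML"/>, so <see cref="VerifyXML"/> can only validate
/// documents that were signed by the same instance.
/// </remarks>
public class SecXML
{
    // RSA key pair used both for signing and for verification.
    // Null until CreateXML has been called at least once.
    private RSA key;

    public SecXML()
    {
    }

    /// <summary>
    /// Parses <paramref name="xmlString"/>, signs the whole document and
    /// appends the Signature element as the last child of the root element.
    /// </summary>
    /// <param name="xmlString">The XML text to sign.</param>
    /// <returns>The serialized document including the Signature element.</returns>
    /// <exception cref="XmlException">The input is not well-formed XML.</exception>
    public string CreateXML(string xmlString)
    {
        XmlDocument doc = new XmlDocument();
        // Keep this setting identical in VerifyXML: whitespace nodes are part
        // of the digested content, so signer and verifier must parse alike.
        //doc.PreserveWhitespace = true;
        doc.LoadXml(xmlString);

        SignedXml sig = new SignedXml(doc);

        // Create the key once and reuse it. Replacing it on every call would
        // make every previously signed document unverifiable and would leave
        // the old provider undisposed. The parameterless constructor yields a
        // 1024-bit key, which is too short for new signatures, so the size is
        // requested explicitly.
        if (key == null)
        {
            key = new RSACryptoServiceProvider(2048);
        }

        // To reuse a key across processes, export it once and import it later:
        //   string privateKey = key.ToXmlString(true);   // contains the PRIVATE key
        //   string publicKey  = key.ToXmlString(false);  // safe to hand to verifiers
        //   RSACryptoServiceProvider csp = new RSACryptoServiceProvider();
        //   csp.FromXmlString(xmlKey); // xmlKey is one of the strings saved above
        // The private-key string must never be logged, printed or written to an
        // unprotected file; a verifier only ever needs the public-key string.
        sig.SigningKey = key;

        // An empty URI references the entire document; the enveloped-signature
        // transform excludes the Signature element itself from the digest.
        Reference reff = new Reference("");
        reff.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        sig.AddReference(reff);
        sig.ComputeSignature();
        doc.DocumentElement.AppendChild(sig.GetXml());

        using (StringWriter sw = new StringWriter())
        {
            doc.Save(sw);
            return sw.ToString();
        }
    }

    /// <summary>
    /// Checks that <paramref name="xml"/> carries exactly one XML-DSig
    /// signature, that the signature validates against this instance's key,
    /// and that it covers the whole document.
    /// </summary>
    /// <param name="xml">The signed XML text; treated as untrusted input.</param>
    /// <returns>
    /// <c>true</c> only when every check passes; <c>false</c> when the
    /// document is unsigned, carries several signatures, fails validation,
    /// or is signed over something other than the whole document.
    /// </returns>
    /// <exception cref="XmlException">The input is not well-formed XML.</exception>
    /// <exception cref="ArgumentNullException">
    /// A signature is present but no key has been created yet, i.e.
    /// <see cref="CreateXML"/> has not been called on this instance.
    /// </exception>
    public bool VerifyXML(string xml)
    {
        XmlDocument doc = new XmlDocument();
        // The document is untrusted until the signature has been checked, so
        // do not let the parser fetch external DTDs or entities while loading.
        doc.XmlResolver = null;
        // Must match the setting used in CreateXML.
        //doc.PreserveWhitespace = true;
        doc.LoadXml(xml);

        XmlNamespaceManager nsm = new XmlNamespaceManager(new NameTable());
        nsm.AddNamespace("dsig", SignedXml.XmlDsigNamespaceUrl);

        // Fail closed on an unsigned document (previously a null element was
        // passed on and surfaced as an exception) and on a document with more
        // than one Signature element, where "the" signature is ambiguous.
        XmlNodeList sigNodes = doc.SelectNodes("//dsig:Signature", nsm);
        if (sigNodes.Count != 1)
        {
            return false;
        }

        XmlElement sigElement = (XmlElement)sigNodes[0];
        SignedXml sig = new SignedXml(doc);
        sig.LoadXml(sigElement);
        Console.WriteLine("Outer:\n" + doc.OuterXml);

        if (!sig.CheckSignature(key))
        {
            return false;
        }

        // CheckSignature only proves that whatever the references point at is
        // intact. Accept the document only when every reference is the
        // empty-URI, whole-document reference that CreateXML produces.
        if (sig.SignedInfo.References.Count == 0)
        {
            return false;
        }
        foreach (Reference signedRef in sig.SignedInfo.References)
        {
            if (signedRef.Uri == null || signedRef.Uri.Length != 0)
            {
                return false;
            }
        }

        return true;
    }
}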
}
--
William Stacey, MVP