"Nikhil" <Ni****@discussions.microsoft.com> wrote in message news:B1**********************************@microsof t.com...
When I try to used the CheckSignature Method of SignedXML I get the following
error.
"Unknown transform has been encountered. at
System.Security.Cryptography.Xml.Reference.LoadXml (XmlElement value)\r\n at
System.Security.Cryptography.Xml.SignedInfo.LoadXm l(XmlElement value)\r\n
: : I need some more information regarding what needs to change out there.
Undoubtedly, you have one or more <ds:Reference> elements containing a
<ds:Transform> with an invalid Algorithm. For example, there are places in
your <ds:SignatureInfo> like,
<ds:Reference>
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
<!-- . . . -->
Where the URI (and this could be as simple as SHA1, or SHA{keyLength} so
sometimes you may see SHA512, etc.) specified for Algorithm is not being
recognized.
See the following URL for a list of the well-known XML Digital Signature
algorithm URIs that can appear as the value of the Algorithm attribute,
http://www.w3.org/TR/xmldsig-core/#sec-AlgID
You can fix this by using one of the well-known algorithm URIs, double-check
that there are no typos or trailing backslashes on that Algorithm ID value.
I read that it has to do wiht the machine config file,
You can add or override the classes that provide the hash functions specifying
class names in the <cryptographicSettings> section of machine.config,
http://msdn.microsoft.com/library/en...ingsschema.asp
but you must deploy the implementation on all machines that need to handle
(verify or produce) these signatures using your custom Algorithm.
It's more likely the answer to your problem is the former (typo, malformed
algorithm identifier), rather than something that would require you to modify
the machine.config.
Derek Harmon
