Gubi Gubi

Gubi Gubi

  • NA
  • 1
  • 0

Generation of XML Signature using XPATH transform using c#

Feb 14 2006 12:57 AM
Actually am trying to sign an xml using XPATH transform in C# language. The xml am trying to sign is as follows.

<?xml version="1.0" encoding="utf-8" ?>
- <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <S:Header>
- <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
- <wsse:UsernameToken Id="secinfo" version="1">
<wsse:UserInfo>XXXXXX</wsse:UserInfo>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
- <S:Body>
</S:Body>
</S:Envelope>

I want my xml signature to be with in <S:Header> tag but my output is as follows

<?xml version="1.0" encoding="utf-8" ?>
- <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <S:Header>
- <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
- <wsse:UsernameToken Id="secinfo" version="1">
<wsse:UserInfo>XXXXX</wsse:UserInfo>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
- <S:Body>
</S:Body>
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath>//*[@Id='secinfo']/UserInfo/*</XPath>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>2jmj7l5rSw0yVb/vlWAYkK/YBwk=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>Fk+gJC7/tQzZlyMfvRuh/OOs9jORmSXU5WaZyrAfHoRkAqyXJgZn8BdtF1OzGuqvIstM4WOb9QJ861NFjPKBUDTXSVb9yawlINi2+LLDy6hWTK9HP4EPLrqgNWmYkb5b7dv09Aj7rxOvgICzsuhQteUoaYHG82RRfz6DNLZ9qZo=</SignatureValue>
- <KeyInfo>
<KeyName>Pershing</KeyName>
</KeyInfo>
</Signature>
</S:Envelope>

My code is as follows ...


/***************************************************/
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

namespace TestApp
{
/// <summary>
/// Summary description for Class1.
/// </summary>
class Class1
{
/// <summary>
/// The main entry point for the application.
/// </summary>
[STAThread]
static void Main(string[] args)
{
//
// TODO: Add code to start application here
//

//System.IO.StreamReader sr = new System.IO.StreamReader("c:/data/Esf_Setup/SAML/data.txt");
//string str = sr.ReadToEnd();
//byte[] decodedBytes = Convert.FromBase64String(str);

//string decodedStr = System.Text.UTF8Encoding.UTF8.GetString(decodedBytes);
//System.Console.WriteLine("String Decoded with UTF8 encoding scheme");

System.Console.WriteLine("HELLO");
//System.IO.StreamReader sr = new System.IO.StreamReader("C:/Data/key/saml/xmloutput/Bluefrog/RequestwithAstn.xml");
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.Load("C:/Data/SampleDoc.xml");
//xmlDoc.Load("C:/Data/SampleDoc.xml");
//string str = sr.ReadToEnd();
//System.Console.WriteLine(str);
// Get the key pair from the key store.
CspParameters parms = new CspParameters(1); // PROV_RSA_FULL
parms.Flags = CspProviderFlags.UseMachineKeyStore; // Use Machine store
parms.KeyContainerName = "CodeProject"; // "CodeProject" container
parms.KeyNumber = 2; // AT_SIGNATURE
RSACryptoServiceProvider csp = new RSACryptoServiceProvider(parms);

SignedXml sxml = new SignedXml(xmlDoc);

sxml.SigningKey = csp;
// Set the canonicalization method for the document.
sxml.SignedInfo.CanonicalizationMethod =
SignedXml.XmlDsigCanonicalizationUrl; // No comments.

// Create an empty reference (not enveloped) for the XPath
// transformation.
Reference r = new Reference("");

// Create the XPath transform and add it to the reference list.
r.AddTransform(CreateXPathTransform("//*[@Id='secinfo']/UserInfo/*"));

// Add the reference to the SignedXml object.
sxml.AddReference(r);

// Compute the signature.
sxml.ComputeSignature();

// Creating KeyInfo class
KeyInfo keyInfo = new KeyInfo();
// Creating KeyInfoName class
KeyInfoName keyNme = new KeyInfoName();
keyNme.Value = "Pershing";

keyInfo.AddClause(keyNme);

sxml.KeyInfo = keyInfo;

// Get the signature XML and add it to the document element.
XmlElement sig = sxml.GetXml();
xmlDoc.DocumentElement.AppendChild(sig);

// Write-out formatted signed XML to console (allow for redirection).
System.IO.StreamWriter file = new System.IO.StreamWriter("c:/data/Esf_Setup/testXpath.xml");
XmlTextWriter writer = new XmlTextWriter(file);

writer.Formatting = Formatting.Indented;

string xmlString = null;
try
{
xmlDoc.WriteTo(writer);
xmlString = xmlDoc.ToString();

}
finally
{
writer.Flush();
writer.Close();
}







}

/// <summary>
/// Create an XPath transform
/// </summary>
/// <param name='xpath'>XPath expression for the transform</param>
/// <returns>XPath transform that filters according to the given XPath expression</returns>
private static XmlDsigXPathTransform CreateXPathTransform(string xpath)
{
// create the XML that represents the transform
XmlDocument doc = new XmlDocument();
XmlElement xpathElem = doc.CreateElement("XPath");
xpathElem.InnerText = xpath;

XmlDsigXPathTransform xform = new XmlDsigXPathTransform();
xform.LoadInnerXml(xpathElem.SelectNodes("."));

return xform;
}

}
}

/***************************************************/

Can anyone of you, pls help me out in getting my signature within Header element