Don't know whether this MSDN Magazine article is of any help http://msdn.microsoft.com/en-us/magazine/cc185723.aspx
Andy > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Sebastien Pouliot > Sent: 29 May 2008 12:56 > To: Mathias Tausig > Cc: [email protected] > Subject: Re: [Mono-list] SignedXML: Where does the digest come from > > Hello Mathias, > > On Thu, 2008-05-29 at 11:16 +0200, Mathias Tausig wrote: > > Hy! > > > > I am creating a signed xml document using: > > > > XmlDocument objdoc=new XmlDocument(); > > objdoc.Load("test.xhtml"); > > DataObject dObj=new DataObject(); > > dObj.Id="xmldsig-dataobj"; > > dObj.Data=objdoc.ChildNodes; > > Reference dRef=new Reference("#xmldsig-dataobj"); SignedXml > xmlsig=new > > SignedXml(); xmlsig.AddObject(dObj); xmlsig.AddReference(dRef); RSA > > rsa=new RSASignatureCard(SigCard); KeyInfo keyinfo=new KeyInfo(); > > keyinfo.AddClause(new RSAKeyValue(rsa)); xmlsig.KeyInfo=keyinfo; > > xmlsig.SigningKey=rsa; xmlsig.ComputeSignature(); > > > > (RSASignatureCard is a self-written class derived from RSA > which uses > > a > > smartcard) > > Pretty cool :-) The model always allowed this (expect that fx > 1.x made it harder with some bugs) but still it's pretty rare > to find someone using it. > > > This works fine, the signature can be calculated and is > also verified > > correctly. > > But if I look at the data that has actually been signed > > via rsa.EncryptValue(xmlsig.Signature.SignatureValue); > > the digest that can be found there is different from the > one residing > > in > > > > sigref=xmlsig.Signature.SignedInfo.References[0] as Reference; > > sigref.DigestValue; > > > Weird, isn't it? > > It's been years since I looked into xmldsig (and I've been > trying, hard, to reclaim those neurons for other duties ;-) > but IIRC each reference is digested then the "header", > including all the references digest, is digested too. Only > the later, not part of the XML itself, is signed. > > Of course the perfect answer is in the specification itself... > > Sebastien > > > > > > cheers > > Mathias > > > > _______________________________________________ > > Mono-list maillist - [email protected] > > http://lists.ximian.com/mailman/listinfo/mono-list > > _______________________________________________ > Mono-list maillist - [email protected] > http://lists.ximian.com/mailman/listinfo/mono-list _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
