.NET Signed XML Prefix

mjmcinto · Dec 19, 2008 · Viewed 8.6k times

Is there a way to set the prefix on the Signature of a Signed XML Document (SignedXml class in .Net)?

So instead of:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
...
</Signature>

I could have the following:

<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
...
</ds:Signature>

Answer

Sassberto · Apr 3, 2009

It can't be done. If you modify the XML after it has been signed it may not be able to be verified, which was the case in the example above. IMO this is a flaw in MSFT's digital signature implementation that you will have to live with.

A lot of people will say that there is no reason to do this, and they are technically correct. But when you are dealing with a huge vendor (i.e. a state government or bank), good luck getting them to change it on their end. Most reference implementations include it.

UPDATE: The signature signs everything in the SignedInfo element, so if you go updating that element after the fact, then the Signature is no longer valid. You have "tampered" with the message.
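
The UPDATE's point, as an added C# example that is not part of the original answer: it signs a constructed document with SignedXml, renames the signature elements to the ds: prefix afterwards, and verifies both forms, so the check on the renamed copy fails because the canonical bytes of SignedInfo no longer match SignatureValue. It assumes the System.Security.Cryptography.Xml assembly or NuGet package is referenced; the class name, sample document and throwaway key are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class PrefixAfterSigningDemo
{
    const string DsigNs = SignedXml.XmlDsigNamespaceUrl;

    // Re-parse the XML text and check the first Signature element against the key.
    static bool Verify(string xml, RSA key)
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml(xml);
        var sig = (XmlElement)doc.GetElementsByTagName("Signature", DsigNs)[0];
        var verifier = new SignedXml(doc);
        verifier.LoadXml(sig);
        return verifier.CheckSignature(key);
    }

    static void Main()
    {
        using RSA key = RSA.Create(2048); // throwaway key for the demo

        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<Order><Item>constructed sample</Item></Order>");

        // Enveloped signature over the whole document.
        var signer = new SignedXml(doc) { SigningKey = key };
        var reference = new Reference { Uri = "" };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signer.AddReference(reference);
        signer.ComputeSignature();
        doc.DocumentElement.AppendChild(doc.ImportNode(signer.GetXml(), true));
        string asSigned = doc.OuterXml;

        // Rename the prefix after signing; SignatureValue is left untouched.
        var dsigElements = doc.GetElementsByTagName("*", DsigNs).Cast<XmlElement>().ToList();
        foreach (XmlElement e in dsigElements)
            e.Prefix = "ds";
        string prefixed = doc.OuterXml;

        Console.WriteLine($"as signed:        {Verify(asSigned, key)}");
        Console.WriteLine($"prefix rewritten: {Verify(prefixed, key)}");
    }
}
```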