C# Signing XML document with X509Chain

Question

I have one question regarding signing XmlDocumentwith a chain of certificates.My current try is to load the root, intermediate and the signing certificates separately, and add them to the KeyInfoX509Data of the KeyInfo class.

var keyInfo = new KeyInfo();
var keyInfoData = new KeyInfoX509Data(_certificateManager.Certificate);
keyInfoData.AddCertificate(_certificateManager.Intermediate);
keyInfoData.AddCertificate(_certificateManager.Root);
keyInfo.AddClause(keyInfoData);

Something like this. Then I assign the SignedXml KeyInfo property with the keyInfo variable. Then i call the .ComputeSignature() method. My question is - is this the right way to sign the xml message, or recently I found out the class X509Chain, and I have to use in in some way, because I want to sign the xml with the whole chain.

Thanks in advance,

Julian

See if my solution at following posting helps : https://stackoverflow.com/questions/46722997/saml-assertion-in-a-xml-using-c-sharp/46724392 — jdweng, Dec 03 '18 at 12:31

score 1 · Accepted Answer · answered Dec 03 '18 at 13:29

1

Here is what helped me!

signedXml.KeyInfo.AddClause(
new KeyInfoX509Data(certificate, X509IncludeOption.WholeChain));

Hope that helps other with the same problem!

answered Dec 03 '18 at 13:29

Julian

375
1
8
23

C# Signing XML document with X509Chain

1 Answers1