Does SignedXml.CheckSignatureReturningKey support XML that contains 
 characters

Michael Smuin 0 Reputation points
2023-07-21T17:56:13.83+00:00

We are attempting to validate XML signed in an external system. There are characters in the XML which are automatically getting set to carriage returns. Because they are automatically converted, the DigestValue in the XML and that which is computed do not match. Has anybody had problems validating XML in this situation? If so, what solution were you able to find?


2 answers

  1. Jose Zero 576 Reputation points
    2023-08-02T00:09:30.2033333+00:00

    Perhaps you are missing the XmlDocument.PreserveWhitespace property when you load the XML. Such white space can make your signature check invalid.
    https://learn.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.preservewhitespace?view=net-7.0


  2. Jose Zero 576 Reputation points
    2023-08-02T15:38:52.79+00:00

    My experience with signed XML is based on .NET Framework.
    Since PreserveWhitespace was already considered, and assuming you are checking the signature against the proper XML node (here I mean OuterXml), check in the XML which SignatureMethod Algorithm was used.

    Starting with .NET Framework 4.7.1, the default algorithm has changed from SHA1 to SHA256, because SHA1 is no longer considered secure. I'm assuming the same applies to .NET Core due to security concerns.
    Check this link: https://github.com/microsoft/dotnet/blob/main/Documentation/compatibility/Change-SignedXML-and-SignedCMS-default-algorithms-to-SHA256.md

    In the past, with .NET Framework 4.6, when SHA1 was the default, I was faced with some XML signed using SHA256; at that time I had to add support for SHA256 (I think this is not your case).

    Some days ago, with .NET Framework 4.8, I faced the opposite: XML signed using SHA1. In this case the Recommended Action in the link above solved my issue.
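
Both checks suggested in the answers above, combined in one added example (not code from the thread): it loads a signed document with and without `PreserveWhitespace`, prints the `SignatureMethod` and `DigestMethod` algorithms the document declares, and calls `CheckSignatureReturningKey`. The sample document and the `SignedXmlCheck`, `Sign` and `Verify` names are constructed for illustration; it assumes .NET 6 or later with the System.Security.Cryptography.Xml package.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class SignedXmlCheck   // hypothetical name, added example
{
    // Constructed sample: the line breaks and indentation are part of the signed content.
    const string Sample = "<order>\n  <item>widget</item>\n  <qty>2</qty>\n</order>";

    static string Sign(string xml, RSA key)
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml(xml);
        var signed = new SignedXml(doc) { SigningKey = key };
        var reference = new Reference { Uri = "" };              // sign the whole document
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signed.AddReference(reference);
        var keyInfo = new KeyInfo();
        keyInfo.AddClause(new RSAKeyValue(key));                 // public key travels in KeyInfo
        signed.KeyInfo = keyInfo;
        signed.ComputeSignature();
        doc.DocumentElement!.AppendChild(doc.ImportNode(signed.GetXml(), true));
        return doc.OuterXml;
    }

    static bool Verify(string xml, bool preserveWhitespace)
    {
        // With PreserveWhitespace = false, whitespace-only text nodes are dropped on load,
        // so the bytes that get digested are no longer the bytes that were signed.
        var doc = new XmlDocument { PreserveWhitespace = preserveWhitespace };
        doc.LoadXml(xml);
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
        // Show which algorithms the signer declared (SHA-1 URIs end in "#rsa-sha1" / "#sha1").
        foreach (XmlAttribute a in doc.SelectNodes("//ds:SignatureMethod/@Algorithm | //ds:DigestMethod/@Algorithm", ns)!)
            Console.WriteLine($"  {a.OwnerElement!.LocalName}: {a.Value}");
        var signed = new SignedXml(doc);
        signed.LoadXml((XmlElement)doc.SelectSingleNode("//ds:Signature", ns)!);
        // Verifies against the key embedded in KeyInfo: this checks integrity only,
        // the caller still has to decide whether that key is trusted.
        return signed.CheckSignatureReturningKey(out _);
    }

    static void Main()
    {
        using RSA key = RSA.Create(2048);
        string signedXml = Sign(Sample, key);
        foreach (bool preserve in new[] { true, false })
            Console.WriteLine($"PreserveWhitespace = {preserve}: valid = {Verify(signedXml, preserve)}");
    }
}
```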
