2 // SignedXmlTest.cs - NUnit Test Cases for SignedXml
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004-2005, 2008 Novell, Inc (http://www.novell.com)
12 using System.Globalization;
14 using System.Security.Cryptography;
15 using System.Security.Cryptography.X509Certificates;
16 using System.Security.Cryptography.Xml;
20 using NUnit.Framework;
22 namespace MonoTests.System.Security.Cryptography.Xml {
24 public class SignedXmlEx : SignedXml {
26 // required to test protected GetPublicKey in SignedXml
27 public AsymmetricAlgorithm PublicGetPublicKey ()
29 return base.GetPublicKey ();
34 public class SignedXmlTest {
36 private const string signature = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>CTnnhjxUQHJmD+t1MjVXrOW+MCA=</DigestValue></Reference></SignedInfo><SignatureValue>dbFt6Zw3vR+Xh7LbM/vuifyFA7gPh/NlDM2Glz/SJBsveISieuTBpZlk/zavAeuXR/Nu0Ztt4OP4tCOg09a2RNlrTP0dhkeEfL1jTzpnVaLHuQbCiwOWCgbRif7Xt7N12FuiHYb3BltP/YyXS4E12NxlGlqnDiFA1v/mkK5+C1o=</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>hEfTJNa2idz2u+fSYDDG4Lx/xuk4aBbvOPVNqgc1l9Y8t7Pt+ZyF+kkF3uUl8Y0700BFGAsprnhwrWENK+PGdtvM5796ZKxCCa0ooKkofiT4355HqK26hpV8dvj38vq/rkJe1jHZgkTKa+c/0vjcYZOI/RT/IZv9JfXxVWLuLxk=</Modulus><Exponent>EQ==</Exponent></RSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\" xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><ObjectListTag xmlns=\"\" /></Object></Signature>";
39 public void StaticValues ()
41 Assert.AreEqual ("http://www.w3.org/TR/2001/REC-xml-c14n-20010315", SignedXml.XmlDsigCanonicalizationUrl, "XmlDsigCanonicalizationUrl");
42 Assert.AreEqual ("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments", SignedXml.XmlDsigCanonicalizationWithCommentsUrl, "XmlDsigCanonicalizationWithCommentsUrl");
43 Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#dsa-sha1", SignedXml.XmlDsigDSAUrl, "XmlDsigDSAUrl");
44 Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#hmac-sha1", SignedXml.XmlDsigHMACSHA1Url, "XmlDsigHMACSHA1Url");
45 Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#minimal", SignedXml.XmlDsigMinimalCanonicalizationUrl, "XmlDsigMinimalCanonicalizationUrl");
46 Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#", SignedXml.XmlDsigNamespaceUrl, "XmlDsigNamespaceUrl");
47 Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#rsa-sha1", SignedXml.XmlDsigRSASHA1Url, "XmlDsigRSASHA1Url");
48 Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#sha1", SignedXml.XmlDsigSHA1Url, "XmlDsigSHA1Url");
52 public void Constructor_Empty ()
54 XmlDocument doc = new XmlDocument ();
55 doc.LoadXml (signature);
56 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
57 XmlElement xel = (XmlElement) xnl [0];
59 SignedXml sx = new SignedXml (doc);
61 Assert.IsTrue (sx.CheckSignature (), "CheckSignature");
65 public void Constructor_XmlDocument ()
67 XmlDocument doc = new XmlDocument ();
68 doc.LoadXml (signature);
69 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
70 XmlElement xel = (XmlElement) xnl [0];
72 SignedXml sx = new SignedXml (doc);
73 sx.LoadXml (doc.DocumentElement);
74 Assert.IsTrue (sx.CheckSignature (), "CheckSignature");
79 [Ignore ("2.0 throws a NullReferenceException - reported as FDBK25892")]
80 // http://lab.msdn.microsoft.com/ProductFeedback/viewfeedback.aspx?feedbackid=02dd9730-d1ad-4170-8c82-36858c55fbe2
82 [ExpectedException (typeof (ArgumentNullException))]
83 public void Constructor_XmlDocument_Null ()
85 XmlDocument doc = null;
86 SignedXml sx = new SignedXml (doc);
90 public void Constructor_XmlElement ()
92 XmlDocument doc = new XmlDocument ();
93 doc.LoadXml (signature);
94 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
95 XmlElement xel = (XmlElement) xnl [0];
97 SignedXml sx = new SignedXml (doc.DocumentElement);
99 Assert.IsTrue (sx.CheckSignature (), "CheckSignature");
104 [ExpectedException (typeof (CryptographicException))]
106 public void Constructor_XmlElement_WithoutLoadXml ()
108 XmlDocument doc = new XmlDocument ();
109 doc.LoadXml (signature);
110 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
111 XmlElement xel = (XmlElement) xnl [0];
113 SignedXml sx = new SignedXml (doc.DocumentElement);
114 Assert.IsTrue (!sx.CheckSignature (), "!CheckSignature");
115 // SignedXml (XmlElement) != SignedXml () + LoadXml (XmlElement)
119 [ExpectedException (typeof (ArgumentNullException))]
120 public void Constructor_XmlElement_Null ()
122 XmlElement xel = null;
123 SignedXml sx = new SignedXml (xel);
126 // sample from MSDN (url)
127 public SignedXml MSDNSample ()
129 // Create example data to sign.
130 XmlDocument document = new XmlDocument ();
131 XmlNode node = document.CreateNode (XmlNodeType.Element, "", "MyElement", "samples");
132 node.InnerText = "This is some text";
133 document.AppendChild (node);
135 // Create the SignedXml message.
136 SignedXml signedXml = new SignedXml ();
138 // Create a data object to hold the data to sign.
139 DataObject dataObject = new DataObject ();
140 dataObject.Data = document.ChildNodes;
141 dataObject.Id = "MyObjectId";
143 // Add the data object to the signature.
144 signedXml.AddObject (dataObject);
146 // Create a reference to be able to package everything into the
148 Reference reference = new Reference ();
149 reference.Uri = "#MyObjectId";
151 // Add it to the message.
152 signedXml.AddReference (reference);
158 [ExpectedException (typeof (CryptographicException))]
159 public void SignatureMethodMismatch ()
161 SignedXml signedXml = MSDNSample ();
163 RSA key = RSA.Create ();
164 signedXml.SigningKey = key;
165 signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigHMACSHA1Url;
168 KeyInfo keyInfo = new KeyInfo ();
169 keyInfo.AddClause (new RSAKeyValue (key));
170 signedXml.KeyInfo = keyInfo;
172 Assert.IsNotNull (signedXml.SignatureMethod, "SignatureMethod");
173 // Compute the signature - causes unsupported algorithm by the key.
174 signedXml.ComputeSignature ();
178 public void AsymmetricRSASignature ()
180 SignedXml signedXml = MSDNSample ();
182 RSA key = RSA.Create ();
183 signedXml.SigningKey = key;
186 KeyInfo keyInfo = new KeyInfo ();
187 keyInfo.AddClause (new RSAKeyValue (key));
188 signedXml.KeyInfo = keyInfo;
190 Assert.AreEqual (1, signedXml.KeyInfo.Count, "KeyInfo");
191 Assert.IsNull (signedXml.SignatureLength, "SignatureLength");
192 Assert.IsNull (signedXml.SignatureMethod, "SignatureMethod");
193 Assert.IsNull (signedXml.SignatureValue, "SignatureValue");
194 Assert.IsNull (signedXml.SigningKeyName, "SigningKeyName");
196 // Compute the signature.
197 signedXml.ComputeSignature ();
199 Assert.IsNull (signedXml.SigningKeyName, "SigningKeyName");
200 Assert.AreEqual (SignedXml.XmlDsigRSASHA1Url, signedXml.SignatureMethod, "SignatureMethod");
201 Assert.AreEqual (128, signedXml.SignatureValue.Length, "SignatureValue");
202 Assert.IsNull (signedXml.SigningKeyName, "SigningKeyName");
204 // Get the XML representation of the signature.
205 XmlElement xmlSignature = signedXml.GetXml ();
207 // LAMESPEC: we must reload the signature or it won't work
208 // MS framework throw a "malformed element"
209 SignedXml vrfy = new SignedXml ();
210 vrfy.LoadXml (xmlSignature);
212 // assert that we can verify our own signature
213 Assert.IsTrue (vrfy.CheckSignature (), "RSA-Compute/Verify");
217 public void AsymmetricDSASignature ()
219 SignedXml signedXml = MSDNSample ();
221 DSA key = DSA.Create ();
222 signedXml.SigningKey = key;
225 KeyInfo keyInfo = new KeyInfo ();
226 keyInfo.AddClause (new DSAKeyValue (key));
227 signedXml.KeyInfo = keyInfo;
229 Assert.AreEqual (1, signedXml.KeyInfo.Count, "KeyInfo");
230 Assert.IsNull (signedXml.SignatureLength, "SignatureLength");
231 Assert.IsNull (signedXml.SignatureMethod, "SignatureMethod");
232 Assert.IsNull (signedXml.SignatureValue, "SignatureValue");
233 Assert.IsNull (signedXml.SigningKeyName, "SigningKeyName");
235 // Compute the signature.
236 signedXml.ComputeSignature ();
238 Assert.IsNull (signedXml.SignatureLength, "SignatureLength");
239 Assert.AreEqual (SignedXml.XmlDsigDSAUrl, signedXml.SignatureMethod, "SignatureMethod");
240 Assert.AreEqual (40, signedXml.SignatureValue.Length, "SignatureValue");
241 Assert.IsNull (signedXml.SigningKeyName, "SigningKeyName");
243 // Get the XML representation of the signature.
244 XmlElement xmlSignature = signedXml.GetXml ();
246 // LAMESPEC: we must reload the signature or it won't work
247 // MS framework throw a "malformed element"
248 SignedXml vrfy = new SignedXml ();
249 vrfy.LoadXml (xmlSignature);
251 // assert that we can verify our own signature
252 Assert.IsTrue (vrfy.CheckSignature (), "DSA-Compute/Verify");
256 public void SymmetricHMACSHA1Signature ()
258 SignedXml signedXml = MSDNSample ();
260 // Compute the signature.
261 byte[] secretkey = Encoding.Default.GetBytes ("password");
262 HMACSHA1 hmac = new HMACSHA1 (secretkey);
264 Assert.AreEqual (0, signedXml.KeyInfo.Count, "KeyInfo");
266 Assert.IsNull (signedXml.KeyInfo, "KeyInfo");
268 Assert.IsNull (signedXml.SignatureLength, "SignatureLength");
269 Assert.IsNull (signedXml.SignatureMethod, "SignatureMethod");
270 Assert.IsNull (signedXml.SignatureValue, "SignatureValue");
271 Assert.IsNull (signedXml.SigningKeyName, "SigningKeyName");
273 signedXml.ComputeSignature (hmac);
276 Assert.AreEqual (0, signedXml.KeyInfo.Count, "KeyInfo");
278 Assert.IsNull (signedXml.KeyInfo, "KeyInfo");
280 Assert.IsNull (signedXml.SignatureLength, "SignatureLength");
281 Assert.AreEqual (SignedXml.XmlDsigHMACSHA1Url, signedXml.SignatureMethod, "SignatureMethod");
282 Assert.AreEqual (20, signedXml.SignatureValue.Length, "SignatureValue");
283 Assert.IsNull (signedXml.SigningKeyName, "SigningKeyName");
285 // Get the XML representation of the signature.
286 XmlElement xmlSignature = signedXml.GetXml ();
288 // LAMESPEC: we must reload the signature or it won't work
289 // MS framework throw a "malformed element"
290 SignedXml vrfy = new SignedXml ();
291 vrfy.LoadXml (xmlSignature);
293 // assert that we can verify our own signature
294 Assert.IsTrue (vrfy.CheckSignature (hmac), "HMACSHA1-Compute/Verify");
298 [ExpectedException (typeof (CryptographicException))]
299 public void SymmetricMACTripleDESSignature ()
301 SignedXml signedXml = MSDNSample ();
302 // Compute the signature.
303 byte[] secretkey = Encoding.Default.GetBytes ("password");
304 MACTripleDES hmac = new MACTripleDES (secretkey);
305 signedXml.ComputeSignature (hmac);
308 // Using empty constructor
309 // LAMESPEC: The two other constructors don't seems to apply in verifying signatures
311 public void AsymmetricRSAVerify ()
313 string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>A6XuE8Cy9iOffRXaW9b0+dUcMUJQnlmwLsiqtQnADbCtZXnXAaeJ6nGnQ4Mm0IGi0AJc7/2CoJReXl7iW4hltmFguG1e3nl0VxCyCTHKGOCo1u8R3K+B1rTaenFbSxs42EM7/D9KETsPlzfYfis36yM3PqatiCUOsoMsAiMGzlc=</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>tI8QYIpbG/m6JLyvP+S3X8mzcaAIayxomyTimSh9UCpEucRnGvLw0P73uStNpiF7wltTZA1HEsv+Ha39dY/0j/Wiy3RAodGDRNuKQao1wu34aNybZ673brbsbHFUfw/o7nlKD2xO84fbajBZmKtBBDy63NHt+QL+grSrREPfCTM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
314 XmlDocument doc = new XmlDocument ();
317 SignedXml v1 = new SignedXml ();
318 v1.LoadXml (doc.DocumentElement);
319 Assert.IsTrue (v1.CheckSignature (), "RSA-CheckSignature()");
321 SignedXml v2 = new SignedXml ();
322 v2.LoadXml (doc.DocumentElement);
323 AsymmetricAlgorithm key = null;
324 bool vrfy = v2.CheckSignatureReturningKey (out key);
325 Assert.IsTrue (vrfy, "RSA-CheckSignatureReturningKey()");
327 SignedXml v3 = new SignedXml ();
328 v3.LoadXml (doc.DocumentElement);
329 Assert.IsTrue (v3.CheckSignature (key), "RSA-CheckSignature(key)");
332 // Using empty constructor
333 // LAMESPEC: The two other constructors don't seems to apply in verifying signatures
335 public void AsymmetricDSAVerify ()
337 string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#dsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>BYz/qRGjGsN1yMFPxWa3awUZm1y4I/IxOQroMxkOteRGgk1HIwhRYw==</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>iglVaZ+LsSL8Y0aDXmFMBwva3xHqIypr3l/LtqBH9ziV2Sh1M4JVasAiKqytWIWt/s/Uk8Ckf2tO2Ww1vsNi1NL+Kg9T7FE52sn380/rF0miwGkZeidzm74OWhykb3J+wCTXaIwOzAWI1yN7FoeoN7wzF12jjlSXAXeqPMlViqk=</P><Q>u4sowiJMHilNRojtdmIuQY2YnB8=</Q><G>SdnN7d+wn1n+HH4Hr8MIryIRYgcXdbZ5TH7jAnuWc1koqRc1AZfcYAZ6RDf+orx6Lzn055FTFiN+1NHQfGUtXJCWW0zz0FVV1NJux7WRj8vGTldjJ5ef0oCenkpwDjcIxWsZgVobve4GPoyN1sAc1scnkJB59oupibklmF4y72A=</G><Y>XejzS8Z51yfl0zbYnxSYYbHqreSLjNCoGPB/KjM1TOyV5sMjz0StKtGrFWryTWc7EgvFY7kUth4e04VKf9HbK8z/FifHTXj8+Tszbjzw8GfInnBwLN+vJgbpnjtypmiI5Bm2nLiRbfkdAHP+OrKtr/EauM9GQfYuaxm3/Vj8B84=</Y><J>vGwGg9wqwwWP9xsoPoXu6kHArJtadiNKe9azBiUx5Ob883gd5wlKfEcGuKkBmBySGbgwxyOsIBovd9Kk48hF01ymfQzAAuHR0EdJECSsTsTTKVTLQNBU32O+PRbLYpv4E8kt6rNL83JLJCBY</J><Seed>sqzn8J6fd2gtEyq6YOqiUSHgPE8=</Seed><PgenCounter>sQ==</PgenCounter></DSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
338 XmlDocument doc = new XmlDocument ();
341 SignedXml v1 = new SignedXml ();
342 v1.LoadXml (doc.DocumentElement);
343 Assert.IsTrue (v1.CheckSignature (), "DSA-CheckSignature()");
345 SignedXml v2 = new SignedXml ();
346 v2.LoadXml (doc.DocumentElement);
347 AsymmetricAlgorithm key = null;
348 bool vrfy = v2.CheckSignatureReturningKey (out key);
349 Assert.IsTrue (vrfy, "DSA-CheckSignatureReturningKey()");
351 SignedXml v3 = new SignedXml ();
352 v3.LoadXml (doc.DocumentElement);
353 Assert.IsTrue (v3.CheckSignature (key), "DSA-CheckSignature(key)");
357 public void SymmetricHMACSHA1Verify ()
359 string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#hmac-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>e2RxYr5yGbvTqZLCFcgA2RAC0yE=</SignatureValue><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
360 XmlDocument doc = new XmlDocument ();
363 SignedXml v1 = new SignedXml ();
364 v1.LoadXml (doc.DocumentElement);
366 byte[] secretkey = Encoding.Default.GetBytes ("password");
367 HMACSHA1 hmac = new HMACSHA1 (secretkey);
369 Assert.IsTrue (v1.CheckSignature (hmac), "HMACSHA1-CheckSignature(key)");
373 // adapted from http://bugzilla.ximian.com/show_bug.cgi?id=52084
374 public void GetIdElement ()
376 XmlDocument doc = new XmlDocument ();
377 doc.LoadXml (signature);
379 SignedXml v1 = new SignedXml ();
380 v1.LoadXml (doc.DocumentElement);
381 Assert.IsTrue (v1.CheckSignature (), "CheckSignature");
383 XmlElement xel = v1.GetIdElement (doc, "MyObjectId");
384 Assert.IsTrue (xel.InnerXml.StartsWith ("<ObjectListTag"), "GetIdElement");
388 public void GetPublicKey ()
390 XmlDocument doc = new XmlDocument ();
391 doc.LoadXml (signature);
393 SignedXmlEx sxe = new SignedXmlEx ();
394 sxe.LoadXml (doc.DocumentElement);
396 AsymmetricAlgorithm aa1 = sxe.PublicGetPublicKey ();
397 Assert.IsTrue ((aa1 is RSA), "First Public Key is RSA");
399 AsymmetricAlgorithm aa2 = sxe.PublicGetPublicKey ();
400 Assert.IsNull (aa2, "Second Public Key is null");
404 // [ExpectedException (typeof (ArgumentNullException))]
405 public void AddObject_Null ()
407 SignedXml sx = new SignedXml ();
408 // still no ArgumentNullExceptions for this one
413 [ExpectedException (typeof (ArgumentNullException))]
414 public void AddReference_Null ()
416 SignedXml sx = new SignedXml ();
417 sx.AddReference (null);
421 public void Add_Null ()
423 SignedXml sx = new SignedXml ();
424 // no ArgumentNull exceptions for those
426 sx.AddReference (null);
430 [ExpectedException (typeof (CryptographicException))]
431 public void GetXml_WithoutInfo ()
433 SignedXml sx = new SignedXml ();
434 XmlElement xel = sx.GetXml ();
438 [ExpectedException (typeof (ArgumentNullException))]
439 public void LoadXml_Null ()
441 SignedXml sx = new SignedXml ();
446 public void SigningKeyName ()
448 SignedXmlEx sxe = new SignedXmlEx ();
449 Assert.IsNull (sxe.SigningKeyName, "SigningKeyName");
450 sxe.SigningKeyName = "mono";
451 Assert.AreEqual ("mono", sxe.SigningKeyName, "SigningKeyName");
455 public void CheckSignatureEmptySafe ()
461 // empty keyinfo passes...
462 sx = new SignedXml ();
463 sx.KeyInfo = new KeyInfo ();
464 Assert.IsTrue (!sx.CheckSignature ());
466 // with empty KeyInfoName
467 kic = new KeyInfoName ();
471 Assert.IsTrue (!sx.CheckSignature ());
476 [ExpectedException (typeof (CryptographicException))]
478 public void CheckSignatureEmpty ()
480 SignedXml sx = new SignedXml ();
481 Assert.IsTrue (!sx.CheckSignature ());
485 [ExpectedException (typeof (CryptographicException))]
486 public void ComputeSignatureNoSigningKey ()
488 XmlDocument doc = new XmlDocument ();
489 doc.LoadXml ("<foo/>");
490 SignedXml signedXml = new SignedXml (doc);
492 Reference reference = new Reference ();
495 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
496 reference.AddTransform (env);
497 signedXml.AddReference (reference);
499 signedXml.ComputeSignature ();
503 [ExpectedException (typeof (CryptographicException))]
504 public void ComputeSignatureMissingReferencedObject ()
506 XmlDocument doc = new XmlDocument ();
507 doc.LoadXml ("<foo/>");
508 SignedXml signedXml = new SignedXml (doc);
509 DSA key = DSA.Create ();
510 signedXml.SigningKey = key;
512 Reference reference = new Reference ();
513 reference.Uri = "#bleh";
515 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
516 reference.AddTransform (env);
517 signedXml.AddReference (reference);
519 signedXml.ComputeSignature ();
523 public void DataReferenceToNonDataObject ()
525 XmlDocument doc = new XmlDocument ();
526 doc.LoadXml ("<foo Id='id:1'/>");
527 SignedXml signedXml = new SignedXml (doc);
528 DSA key = DSA.Create ();
529 signedXml.SigningKey = key;
531 Reference reference = new Reference ();
532 reference.Uri = "#id:1";
534 XmlDsigC14NTransform t = new XmlDsigC14NTransform ();
535 reference.AddTransform (t);
536 signedXml.AddReference (reference);
538 signedXml.ComputeSignature ();
542 public void SignElementWithoutPrefixedNamespace ()
544 string input = "<Action xmlns='urn:foo'>http://tempuri.org/IFoo/Echo</Action>";
545 string expected = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" /><Reference URI=""#_1""><Transforms><Transform Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /></Transforms><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>zdFEZB8rNzvpNG/gFEJBWk/M5Nk=</DigestValue></Reference></SignedInfo><SignatureValue>+OyGVzrHjmKSDWLNyvgx8pjbPfM=</SignatureValue><Object Id=""_1""><Action xmlns=""urn:foo"">http://tempuri.org/IFoo/Echo</Action></Object></Signature>";
547 byte [] key = Convert.FromBase64String (
548 "1W5EigVnbnRjGLbg99ElieOmuUgYO+KcwMJtE35SAGI=");
549 Transform t = new XmlDsigC14NTransform ();
550 Assert.AreEqual (expected, SignWithHMACSHA1 (input, key, t), "#1");
551 // The second result should be still identical.
552 Assert.AreEqual (expected, SignWithHMACSHA1 (input, key, t), "#2");
556 public void SignElementWithPrefixedNamespace ()
558 string input = "<a:Action xmlns:a='urn:foo'>http://tempuri.org/IFoo/Echo</a:Action>";
559 string expected = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" /><Reference URI=""#_1""><Transforms><Transform Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /></Transforms><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>6i5FlqkEfJOdUaOMCK7xn0I0HDg=</DigestValue></Reference></SignedInfo><SignatureValue>tASp+e2A0xqcm02jKg5TGqlhKpI=</SignatureValue><Object Id=""_1""><a:Action xmlns:a=""urn:foo"">http://tempuri.org/IFoo/Echo</a:Action></Object></Signature>";
561 byte [] key = Convert.FromBase64String (
562 "1W5EigVnbnRjGLbg99ElieOmuUgYO+KcwMJtE35SAGI=");
563 Assert.AreEqual (SignWithHMACSHA1 (input, key), expected);
566 string SignWithHMACSHA1 (string input, byte [] key)
568 return SignWithHMACSHA1 (input, key, new XmlDsigC14NTransform ());
571 string SignWithHMACSHA1 (string input, byte [] key, Transform transform)
573 XmlDocument doc = new XmlDocument ();
575 SignedXml sxml = new SignedXml (doc);
577 HMACSHA1 keyhash = new HMACSHA1 (key);
578 DataObject d = new DataObject ();
579 //d.Data = doc.SelectNodes ("//*[local-name()='Body']/*");
580 d.Data = doc.SelectNodes ("//*[local-name()='Action']");
583 Reference r = new Reference ("#_1");
584 r.AddTransform (transform);
585 r.DigestMethod = SignedXml.XmlDsigSHA1Url;
586 sxml.SignedInfo.AddReference (r);
587 sxml.ComputeSignature (keyhash);
588 StringWriter sw = new StringWriter ();
589 XmlWriter w = new XmlTextWriter (sw);
590 sxml.GetXml ().WriteTo (w);
592 return sw.ToString ();
596 public void GetIdElement_Null ()
598 SignedXml sign = new SignedXml ();
599 Assert.IsNull (sign.GetIdElement (null, "value"));
600 Assert.IsNull (sign.GetIdElement (new XmlDocument (), null));
605 [Category ("NotWorking")] // bug #79483
606 public void DigestValue_CRLF ()
608 XmlDocument doc = CreateSomeXml ("\r\n");
609 XmlDsigExcC14NTransform transform = new XmlDsigExcC14NTransform ();
610 transform.LoadInput (doc);
611 Stream s = (Stream) transform.GetOutput ();
612 string output = Stream2String (s);
613 Assert.AreEqual ("<person>
\n <birthplace>Brussels</birthplace>
\n</person>", output, "#1");
617 HashAlgorithm hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA1CryptoServiceProvider");
618 byte[] digest = hash.ComputeHash (s);
619 Assert.AreEqual ("IKbfdK2/DMfXyezCf5QggVCXfk8=", Convert.ToBase64String (digest), "#2");
621 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
622 SignedXml signedXml = new SignedXml (doc);
623 signedXml.SigningKey = cert.PrivateKey;
624 signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
626 Reference reference = new Reference ();
629 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
630 reference.AddTransform (env);
631 signedXml.AddReference (reference);
633 KeyInfo keyInfo = new KeyInfo ();
634 KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data ();
635 x509KeyInfo.AddCertificate (new X509Certificate2 (_cert));
636 x509KeyInfo.AddCertificate (cert);
637 keyInfo.AddClause (x509KeyInfo);
638 signedXml.KeyInfo = keyInfo;
640 signedXml.ComputeSignature ();
642 digest = reference.DigestValue;
643 Assert.AreEqual ("e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String (digest), "#3");
645 Assert.AreEqual ("<SignedInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"
646 + "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />"
647 + "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />"
648 + "<Reference URI=\"\">"
650 + "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />"
652 + "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />"
653 + "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>"
655 + "</SignedInfo>", signedXml.SignedInfo.GetXml ().OuterXml, "#4");
659 public void DigestValue_LF ()
661 XmlDocument doc = CreateSomeXml ("\n");
662 XmlDsigExcC14NTransform transform = new XmlDsigExcC14NTransform ();
663 transform.LoadInput (doc);
664 Stream s = (Stream) transform.GetOutput ();
665 string output = Stream2String (s);
666 Assert.AreEqual ("<person>\n <birthplace>Brussels</birthplace>\n</person>", output, "#1");
670 HashAlgorithm hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA1CryptoServiceProvider");
671 byte[] digest = hash.ComputeHash (s);
672 Assert.AreEqual ("e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String (digest), "#2");
674 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
675 SignedXml signedXml = new SignedXml (doc);
676 signedXml.SigningKey = cert.PrivateKey;
677 signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
679 Reference reference = new Reference ();
682 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
683 reference.AddTransform (env);
684 signedXml.AddReference (reference);
686 KeyInfo keyInfo = new KeyInfo ();
687 KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data ();
688 x509KeyInfo.AddCertificate (new X509Certificate2 (_cert));
689 x509KeyInfo.AddCertificate (cert);
690 keyInfo.AddClause (x509KeyInfo);
691 signedXml.KeyInfo = keyInfo;
693 signedXml.ComputeSignature ();
695 digest = reference.DigestValue;
696 Assert.AreEqual ("e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String (digest), "#3");
698 Assert.AreEqual ("<SignedInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"
699 + "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />"
700 + "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />"
701 + "<Reference URI=\"\">"
703 + "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />"
705 + "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />"
706 + "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>"
708 + "</SignedInfo>", signedXml.SignedInfo.GetXml ().OuterXml, "#4");
712 [Category ("NotWorking")] // bug #79483
713 public void SignedXML_CRLF_Invalid ()
715 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
717 XmlDocument doc = new XmlDocument ();
718 doc.LoadXml (string.Format (CultureInfo.InvariantCulture,
720 " <birthplace>Brussels</birthplace>{0}" +
721 "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
723 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />" +
724 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />" +
725 "<Reference URI=\"\">" +
727 "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />" +
729 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />" +
730 "<DigestValue>IKbfdK2/DMfXyezCf5QggVCXfk8=</DigestValue>" +
734 "JuSd68PyARsZqGKSo5xX5yYHDuu6whHEhoXqxxFmGeEdvkKY2bgroWJ1ZTGHGr" +
735 "VI7mtG3h0w1ibOKdltm9j4lZaZWo87CAJiJ2syeLbMyIVSw6OyZEsiFF/VqLKK" +
736 "4T4AO6q7HYsC55zJrOvL1j9IIr8zBnJfvBdKckf0lczYbXc=" +
737 "</SignatureValue>" +
740 "<X509Certificate>" +
741 "MIIBozCCAQygAwIBAgIQHc+8iURSTUarmg4trmrnGTANBgkqhkiG9w0BAQUFAD" +
742 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcyNjUxWhgPMjA5MDAxMjEw" +
743 "ODI2NTFaMA8xDTALBgNVBAMTBE1vbm8wgZ0wDQYJKoZIhvcNAQEBBQADgYsAMI" +
744 "GHAoGBAJhFB1KHv2WzsHqih9Mvm3KffEOSMv+sh1mPW3sWI/95VOOVqJnhemMM" +
745 "s82phSbNZeoPHny4btbykbRRaRQv94rtIM6geJR1e2c5mfJWtHSq3EYQarHC68" +
746 "cAZvCAmQZGa1eQRNRqcTSKX8yfqH0SouIE9ohJtpiluNe+Xgk5fKv3AgERMA0G" +
747 "CSqGSIb3DQEBBQUAA4GBAE6pqSgK8QKRHSh6YvYs9oRh1n8iREco7QmZCFj7UB" +
748 "kn/QgJ9mKsT8o12VnYHqBCEwBNaT1ay3z/SR4/Z383zuu4Y6xxjqOqnM6gtwUV" +
749 "u5/0hvz+ThtuTjItG6Ny5JkLZZQt/XbI5kg920t9jq3vbHBMuX2HxivwQe5sug" +
751 "</X509Certificate>" +
752 "<X509Certificate>" +
753 "MIIBpTCCAQ6gAwIBAgIQXo6Lr3rrSkW4xmNPRbHMbjANBgkqhkiG9w0BAQUFAD" +
754 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcxNDE4WhgPMjA5MDAxMjEw" +
755 "ODE0MThaMBExDzANBgNVBAMTBk1pZ3VlbDCBnTANBgkqhkiG9w0BAQEFAAOBiw" +
756 "AwgYcCgYEArCkeSZ6U3U3Fm2qSuQsM7xvvsSzZGQLPDUHFQ/BZxA7LiGRfXbmO" +
757 "yPkkYRYItXdy0yDl/8rAjelaL8jQ4me6Uexyeq+5xEgHn9VbNJny5apGNi4kF1" +
758 "8DR5DK9Zme9d6icusgW8krv3//5SVE8ao7X5qrIOGS825eCJL73YWbxKkCAREw" +
759 "DQYJKoZIhvcNAQEFBQADgYEASqBgYTkIJpDO28ZEXnF5Q/G3xDR/MxhdcrCISJ" +
760 "tDbuGVZzK+xhFhiYD5Q1NiGhD4oDIVJPwKmZH4L3YP96iSh6RdtO27V05ET/X5" +
761 "yWMKdeIsq6r9jXXv7NaWTmvNfMLKLNgEBCJ00+wN0u4xHUC7yCJc0KNQ3fjDLU" +
763 "</X509Certificate>" +
767 "</person>", "\r\n"));
769 SignedXml signedXml = new SignedXml (doc);
770 XmlNodeList nodeList = doc.GetElementsByTagName ("Signature");
771 signedXml.LoadXml ((XmlElement) nodeList [0]);
772 Assert.IsTrue (!signedXml.CheckSignature (), "#2");
776 [Category ("NotWorking")] // bug #79483
777 public void SignedXML_CRLF_Valid ()
779 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
781 XmlDocument doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NTransformUrl, "\r\n");
782 Assert.AreEqual (string.Format (CultureInfo.InvariantCulture, "<person>{0}" +
783 " <birthplace>Brussels</birthplace>{0}" +
784 "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
786 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />" +
787 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />" +
788 "<Reference URI=\"\">" +
790 "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />" +
792 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />" +
793 "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>" +
797 "X29nbkOR/Xk3KwsEpEvpDOqfI6/NTtiewIxNqKMrPCoM0HLawK5HKsCw3lL07C" +
798 "8SwqvoXJL9VS05gsSia85YCB8NPDeHuHY3CPGT7DVpgeHFA0oefMnOi8IAqKD2" +
799 "nx29A222u5OmwbDO0qFqbtsgvIFiP5YJg04cwmnqs+eL+WA=" +
800 "</SignatureValue>" +
803 "<X509Certificate>" +
804 "MIIBozCCAQygAwIBAgIQHc+8iURSTUarmg4trmrnGTANBgkqhkiG9w0BAQUFAD" +
805 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcyNjUxWhgPMjA5MDAxMjEw" +
806 "ODI2NTFaMA8xDTALBgNVBAMTBE1vbm8wgZ0wDQYJKoZIhvcNAQEBBQADgYsAMI" +
807 "GHAoGBAJhFB1KHv2WzsHqih9Mvm3KffEOSMv+sh1mPW3sWI/95VOOVqJnhemMM" +
808 "s82phSbNZeoPHny4btbykbRRaRQv94rtIM6geJR1e2c5mfJWtHSq3EYQarHC68" +
809 "cAZvCAmQZGa1eQRNRqcTSKX8yfqH0SouIE9ohJtpiluNe+Xgk5fKv3AgERMA0G" +
810 "CSqGSIb3DQEBBQUAA4GBAE6pqSgK8QKRHSh6YvYs9oRh1n8iREco7QmZCFj7UB" +
811 "kn/QgJ9mKsT8o12VnYHqBCEwBNaT1ay3z/SR4/Z383zuu4Y6xxjqOqnM6gtwUV" +
812 "u5/0hvz+ThtuTjItG6Ny5JkLZZQt/XbI5kg920t9jq3vbHBMuX2HxivwQe5sug" +
814 "</X509Certificate>" +
815 "<X509Certificate>" +
816 "MIIBpTCCAQ6gAwIBAgIQXo6Lr3rrSkW4xmNPRbHMbjANBgkqhkiG9w0BAQUFAD" +
817 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcxNDE4WhgPMjA5MDAxMjEw" +
818 "ODE0MThaMBExDzANBgNVBAMTBk1pZ3VlbDCBnTANBgkqhkiG9w0BAQEFAAOBiw" +
819 "AwgYcCgYEArCkeSZ6U3U3Fm2qSuQsM7xvvsSzZGQLPDUHFQ/BZxA7LiGRfXbmO" +
820 "yPkkYRYItXdy0yDl/8rAjelaL8jQ4me6Uexyeq+5xEgHn9VbNJny5apGNi4kF1" +
821 "8DR5DK9Zme9d6icusgW8krv3//5SVE8ao7X5qrIOGS825eCJL73YWbxKkCAREw" +
822 "DQYJKoZIhvcNAQEFBQADgYEASqBgYTkIJpDO28ZEXnF5Q/G3xDR/MxhdcrCISJ" +
823 "tDbuGVZzK+xhFhiYD5Q1NiGhD4oDIVJPwKmZH4L3YP96iSh6RdtO27V05ET/X5" +
824 "yWMKdeIsq6r9jXXv7NaWTmvNfMLKLNgEBCJ00+wN0u4xHUC7yCJc0KNQ3fjDLU" +
826 "</X509Certificate>" +
830 "</person>", "\r\n"), doc.OuterXml, "#1");
834 [Ignore ("This is a bad test case which should basically just check the computed signature value instead of comparing XML document literal string, and thus caused inconsistency between .NET 1.1 and .NET 2.0. Not deleting this test case, to easily find the reason for potentially happening regression in the future (which should not waste time).")]
835 public void SignedXML_LF_Valid ()
837 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
839 XmlDocument doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n");
840 Assert.AreEqual (string.Format (CultureInfo.InvariantCulture, "<person>{0}" +
841 " <birthplace>Brussels</birthplace>{0}" +
842 "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
844 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />" +
845 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />" +
846 "<Reference URI=\"\">" +
848 "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />" +
850 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />" +
851 "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>" +
855 "X29nbkOR/Xk3KwsEpEvpDOqfI6/NTtiewIxNqKMrPCoM0HLawK5HKsCw3lL07C" +
856 "8SwqvoXJL9VS05gsSia85YCB8NPDeHuHY3CPGT7DVpgeHFA0oefMnOi8IAqKD2" +
857 "nx29A222u5OmwbDO0qFqbtsgvIFiP5YJg04cwmnqs+eL+WA=" +
858 "</SignatureValue>" +
861 "<X509Certificate>" +
862 "MIIBozCCAQygAwIBAgIQHc+8iURSTUarmg4trmrnGTANBgkqhkiG9w0BAQUFAD" +
863 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcyNjUxWhgPMjA5MDAxMjEw" +
864 "ODI2NTFaMA8xDTALBgNVBAMTBE1vbm8wgZ0wDQYJKoZIhvcNAQEBBQADgYsAMI" +
865 "GHAoGBAJhFB1KHv2WzsHqih9Mvm3KffEOSMv+sh1mPW3sWI/95VOOVqJnhemMM" +
866 "s82phSbNZeoPHny4btbykbRRaRQv94rtIM6geJR1e2c5mfJWtHSq3EYQarHC68" +
867 "cAZvCAmQZGa1eQRNRqcTSKX8yfqH0SouIE9ohJtpiluNe+Xgk5fKv3AgERMA0G" +
868 "CSqGSIb3DQEBBQUAA4GBAE6pqSgK8QKRHSh6YvYs9oRh1n8iREco7QmZCFj7UB" +
869 "kn/QgJ9mKsT8o12VnYHqBCEwBNaT1ay3z/SR4/Z383zuu4Y6xxjqOqnM6gtwUV" +
870 "u5/0hvz+ThtuTjItG6Ny5JkLZZQt/XbI5kg920t9jq3vbHBMuX2HxivwQe5sug" +
872 "</X509Certificate>" +
873 "<X509Certificate>" +
874 "MIIBpTCCAQ6gAwIBAgIQXo6Lr3rrSkW4xmNPRbHMbjANBgkqhkiG9w0BAQUFAD" +
875 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcxNDE4WhgPMjA5MDAxMjEw" +
876 "ODE0MThaMBExDzANBgNVBAMTBk1pZ3VlbDCBnTANBgkqhkiG9w0BAQEFAAOBiw" +
877 "AwgYcCgYEArCkeSZ6U3U3Fm2qSuQsM7xvvsSzZGQLPDUHFQ/BZxA7LiGRfXbmO" +
878 "yPkkYRYItXdy0yDl/8rAjelaL8jQ4me6Uexyeq+5xEgHn9VbNJny5apGNi4kF1" +
879 "8DR5DK9Zme9d6icusgW8krv3//5SVE8ao7X5qrIOGS825eCJL73YWbxKkCAREw" +
880 "DQYJKoZIhvcNAQEFBQADgYEASqBgYTkIJpDO28ZEXnF5Q/G3xDR/MxhdcrCISJ" +
881 "tDbuGVZzK+xhFhiYD5Q1NiGhD4oDIVJPwKmZH4L3YP96iSh6RdtO27V05ET/X5" +
882 "yWMKdeIsq6r9jXXv7NaWTmvNfMLKLNgEBCJ00+wN0u4xHUC7yCJc0KNQ3fjDLU" +
884 "</X509Certificate>" +
888 "</person>", "\n"), doc.OuterXml, "#1");
891 [Test] // part of bug #79454
892 public void MultipleX509Certificates ()
894 XmlDocument doc = null;
895 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
897 doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n");
898 Assert.IsTrue (VerifySignedXml (doc), "#1");
900 doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NWithCommentsTransformUrl, "\n");
901 Assert.IsTrue (VerifySignedXml (doc), "#2");
903 doc = CreateSignedXml (cert, SignedXml.XmlDsigCanonicalizationUrl, "\n");
904 Assert.IsTrue (VerifySignedXml (doc), "#3");
906 doc = CreateSignedXml (cert, SignedXml.XmlDsigCanonicalizationWithCommentsUrl, "\n");
907 Assert.IsTrue (VerifySignedXml (doc), "#4");
910 // creates a signed XML document with two certificates in the X509Data
911 // element, with the second being the one that should be used to verify
913 static XmlDocument CreateSignedXml (X509Certificate2 cert, string canonicalizationMethod, string lineFeed)
915 XmlDocument doc = CreateSomeXml (lineFeed);
917 SignedXml signedXml = new SignedXml (doc);
918 signedXml.SigningKey = cert.PrivateKey;
919 signedXml.SignedInfo.CanonicalizationMethod = canonicalizationMethod;
921 Reference reference = new Reference ();
924 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
925 reference.AddTransform (env);
926 signedXml.AddReference (reference);
928 KeyInfo keyInfo = new KeyInfo ();
929 KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data ();
930 x509KeyInfo.AddCertificate (new X509Certificate2 (_cert));
931 x509KeyInfo.AddCertificate (cert);
932 keyInfo.AddClause (x509KeyInfo);
933 signedXml.KeyInfo = keyInfo;
935 signedXml.ComputeSignature ();
936 XmlElement xmlDigitalSignature = signedXml.GetXml ();
938 doc.DocumentElement.AppendChild (doc.ImportNode (xmlDigitalSignature, true));
942 static bool VerifySignedXml (XmlDocument signedDoc)
944 SignedXml signedXml = new SignedXml (signedDoc);
945 XmlNodeList nodeList = signedDoc.GetElementsByTagName ("Signature");
946 signedXml.LoadXml ((XmlElement) nodeList [0]);
947 return signedXml.CheckSignature ();
950 static XmlDocument CreateSomeXml (string lineFeed)
952 StringWriter sw = new StringWriter ();
953 sw.NewLine = lineFeed;
954 XmlTextWriter xtw = new XmlTextWriter (sw);
955 xtw.Formatting = Formatting.Indented;
956 xtw.WriteStartElement ("person");
957 xtw.WriteElementString ("birthplace", "Brussels");
958 xtw.WriteEndElement ();
961 XmlDocument doc = new XmlDocument ();
962 doc.PreserveWhitespace = true;
963 doc.Load (new StringReader (sw.ToString ()));
967 string Stream2String (Stream s)
969 StringBuilder sb = new StringBuilder ();
970 int b = s.ReadByte ();
972 sb.Append (Convert.ToChar (b));
975 return sb.ToString ();
978 private static byte [] _cert = new byte [] {
979 0x30, 0x82, 0x01, 0xa3, 0x30, 0x82, 0x01, 0x0c, 0xa0, 0x03, 0x02,
980 0x01, 0x02, 0x02, 0x10, 0x1d, 0xcf, 0xbc, 0x89, 0x44, 0x52, 0x4d,
981 0x46, 0xab, 0x9a, 0x0e, 0x2d, 0xae, 0x6a, 0xe7, 0x19, 0x30, 0x0d,
982 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
983 0x05, 0x00, 0x30, 0x11, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55,
984 0x04, 0x03, 0x13, 0x06, 0x4e, 0x6f, 0x76, 0x65, 0x6c, 0x6c, 0x30,
985 0x20, 0x17, 0x0d, 0x30, 0x36, 0x30, 0x39, 0x32, 0x31, 0x30, 0x37,
986 0x32, 0x36, 0x35, 0x31, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x39, 0x30,
987 0x30, 0x31, 0x32, 0x31, 0x30, 0x38, 0x32, 0x36, 0x35, 0x31, 0x5a,
988 0x30, 0x0f, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x04, 0x03,
989 0x13, 0x04, 0x4d, 0x6f, 0x6e, 0x6f, 0x30, 0x81, 0x9d, 0x30, 0x0d,
990 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
991 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81,
992 0x81, 0x00, 0x98, 0x45, 0x07, 0x52, 0x87, 0xbf, 0x65, 0xb3, 0xb0,
993 0x7a, 0xa2, 0x87, 0xd3, 0x2f, 0x9b, 0x72, 0x9f, 0x7c, 0x43, 0x92,
994 0x32, 0xff, 0xac, 0x87, 0x59, 0x8f, 0x5b, 0x7b, 0x16, 0x23, 0xff,
995 0x79, 0x54, 0xe3, 0x95, 0xa8, 0x99, 0xe1, 0x7a, 0x63, 0x0c, 0xb3,
996 0xcd, 0xa9, 0x85, 0x26, 0xcd, 0x65, 0xea, 0x0f, 0x1e, 0x7c, 0xb8,
997 0x6e, 0xd6, 0xf2, 0x91, 0xb4, 0x51, 0x69, 0x14, 0x2f, 0xf7, 0x8a,
998 0xed, 0x20, 0xce, 0xa0, 0x78, 0x94, 0x75, 0x7b, 0x67, 0x39, 0x99,
999 0xf2, 0x56, 0xb4, 0x74, 0xaa, 0xdc, 0x46, 0x10, 0x6a, 0xb1, 0xc2,
1000 0xeb, 0xc7, 0x00, 0x66, 0xf0, 0x80, 0x99, 0x06, 0x46, 0x6b, 0x57,
1001 0x90, 0x44, 0xd4, 0x6a, 0x71, 0x34, 0x8a, 0x5f, 0xcc, 0x9f, 0xa8,
1002 0x7d, 0x12, 0xa2, 0xe2, 0x04, 0xf6, 0x88, 0x49, 0xb6, 0x98, 0xa5,
1003 0xb8, 0xd7, 0xbe, 0x5e, 0x09, 0x39, 0x7c, 0xab, 0xf7, 0x02, 0x01,
1004 0x11, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
1005 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x4e, 0xa9,
1006 0xa9, 0x28, 0x0a, 0xf1, 0x02, 0x91, 0x1d, 0x28, 0x7a, 0x62, 0xf6,
1007 0x2c, 0xf6, 0x84, 0x61, 0xd6, 0x7f, 0x22, 0x44, 0x47, 0x28, 0xed,
1008 0x09, 0x99, 0x08, 0x58, 0xfb, 0x50, 0x19, 0x27, 0xfd, 0x08, 0x09,
1009 0xf6, 0x62, 0xac, 0x4f, 0xca, 0x35, 0xd9, 0x59, 0xd8, 0x1e, 0xa0,
1010 0x42, 0x13, 0x00, 0x4d, 0x69, 0x3d, 0x5a, 0xcb, 0x7c, 0xff, 0x49,
1011 0x1e, 0x3f, 0x67, 0x7f, 0x37, 0xce, 0xeb, 0xb8, 0x63, 0xac, 0x71,
1012 0x8e, 0xa3, 0xaa, 0x9c, 0xce, 0xa0, 0xb7, 0x05, 0x15, 0xbb, 0x9f,
1013 0xf4, 0x86, 0xfc, 0xfe, 0x4e, 0x1b, 0x6e, 0x4e, 0x32, 0x2d, 0x1b,
1014 0xa3, 0x72, 0xe4, 0x99, 0x0b, 0x65, 0x94, 0x2d, 0xfd, 0x76, 0xc8,
1015 0xe6, 0x48, 0x3d, 0xdb, 0x4b, 0x7d, 0x8e, 0xad, 0xef, 0x6c, 0x70,
1016 0x4c, 0xb9, 0x7d, 0x87, 0xc6, 0x2b, 0xf0, 0x41, 0xee, 0x6c, 0xba,
1017 0x08, 0xcf, 0x69, 0x31, 0x18 };
1019 private static byte [] _pkcs12 = new byte [] {
1020 0x30, 0x82, 0x05, 0x8d, 0x02, 0x01, 0x03, 0x30, 0x82, 0x05, 0x47,
1021 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01,
1022 0xa0, 0x82, 0x05, 0x38, 0x04, 0x82, 0x05, 0x34, 0x30, 0x82, 0x05,
1023 0x30, 0x30, 0x82, 0x02, 0x3f, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
1024 0xf7, 0x0d, 0x01, 0x07, 0x06, 0xa0, 0x82, 0x02, 0x30, 0x30, 0x82,
1025 0x02, 0x2c, 0x02, 0x01, 0x00, 0x30, 0x82, 0x02, 0x25, 0x06, 0x09,
1026 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c,
1027 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01,
1028 0x03, 0x30, 0x0e, 0x04, 0x08, 0x6e, 0x0a, 0x50, 0x20, 0xc3, 0x11,
1029 0x49, 0x07, 0x02, 0x02, 0x07, 0xd0, 0x80, 0x82, 0x01, 0xf8, 0x74,
1030 0x40, 0x07, 0x44, 0x6b, 0x80, 0x46, 0xe1, 0x4e, 0x65, 0x5e, 0xf2,
1031 0xf6, 0x38, 0x90, 0xd1, 0x75, 0x24, 0xd9, 0x72, 0x92, 0x5b, 0x4a,
1032 0xb9, 0x9e, 0xbd, 0xab, 0xe2, 0xb8, 0x91, 0xc9, 0x48, 0x14, 0x88,
1033 0x61, 0x7d, 0x06, 0xf9, 0x24, 0x80, 0xb5, 0x36, 0xaf, 0xfe, 0xc0,
1034 0x59, 0x00, 0x39, 0x3f, 0x78, 0xc0, 0x57, 0xea, 0x1e, 0xcb, 0x29,
1035 0xa4, 0x5f, 0xba, 0x4b, 0xd9, 0xca, 0x95, 0xab, 0x55, 0x4a, 0x11,
1036 0x1a, 0xf8, 0xe9, 0xd4, 0xc0, 0x08, 0x55, 0xfb, 0x69, 0x09, 0x0d,
1037 0x5b, 0xed, 0x02, 0xcc, 0x55, 0xfe, 0x05, 0x2e, 0x45, 0xa7, 0x8d,
1038 0x63, 0x9a, 0xda, 0x6c, 0xc7, 0xe1, 0xcb, 0x5c, 0xa7, 0xd9, 0x9b,
1039 0x4a, 0xfb, 0x7d, 0x31, 0xe5, 0x89, 0x3e, 0xf2, 0x32, 0xc9, 0x78,
1040 0xd0, 0x66, 0x1e, 0x38, 0xc7, 0xbf, 0x41, 0xf9, 0xe7, 0xbd, 0xce,
1041 0x8b, 0xc3, 0x14, 0x19, 0x4b, 0xfa, 0x3a, 0xa2, 0x1f, 0xb0, 0xd4,
1042 0xfa, 0x33, 0x39, 0x12, 0xd9, 0x36, 0x7f, 0x7e, 0xf0, 0xc4, 0xdc,
1043 0xf0, 0xb5, 0x7a, 0x50, 0x2c, 0x99, 0x9d, 0x02, 0x40, 0xec, 0x6a,
1044 0x23, 0x83, 0x16, 0xec, 0x8f, 0x58, 0x14, 0xa0, 0xa0, 0x9c, 0xa0,
1045 0xe1, 0xd0, 0x6f, 0x54, 0x1a, 0x10, 0x47, 0x69, 0x6b, 0x55, 0x7f,
1046 0x67, 0x7d, 0xb8, 0x38, 0xa0, 0x40, 0x99, 0x13, 0xe8, 0x15, 0x73,
1047 0x8d, 0x18, 0x86, 0x29, 0x74, 0xec, 0x66, 0xa3, 0xb8, 0x14, 0x10,
1048 0x61, 0xef, 0xa5, 0x79, 0x89, 0x01, 0xaa, 0xf2, 0x1f, 0x0c, 0xdd,
1049 0x0d, 0x8c, 0xbb, 0x7a, 0x4e, 0x0f, 0x47, 0x91, 0x37, 0xa3, 0x8a,
1050 0x43, 0x0f, 0xeb, 0xc7, 0x9b, 0x8d, 0xaf, 0x39, 0xdf, 0x23, 0x1c,
1051 0xa4, 0xf7, 0x66, 0x1c, 0x61, 0x42, 0x24, 0x9a, 0x0a, 0x3a, 0x31,
1052 0x9c, 0x51, 0xa2, 0x30, 0xbe, 0x85, 0xa6, 0xe8, 0x18, 0xfa, 0x8b,
1053 0xff, 0xdd, 0xdc, 0x34, 0x46, 0x4f, 0x15, 0xde, 0xdb, 0xc4, 0xeb,
1054 0x62, 0x3b, 0x7c, 0x25, 0x1a, 0x13, 0x8b, 0xda, 0x3b, 0x59, 0x2a,
1055 0xb8, 0x50, 0xe3, 0x9f, 0x76, 0xfc, 0xe8, 0x00, 0xfc, 0xf7, 0xba,
1056 0xd2, 0x45, 0x92, 0x14, 0xb5, 0xe2, 0x93, 0x41, 0x09, 0xea, 0x5b,
1057 0x5e, 0xda, 0x66, 0x92, 0xd1, 0x93, 0x7a, 0xc0, 0xe1, 0x2f, 0xed,
1058 0x29, 0x78, 0x80, 0xff, 0x79, 0x0e, 0xda, 0x78, 0x7e, 0x71, 0xa4,
1059 0x31, 0x2f, 0xe9, 0x48, 0xab, 0xc9, 0x40, 0x7d, 0x63, 0x06, 0xd6,
1060 0xb5, 0x2b, 0x49, 0xba, 0x43, 0x56, 0x69, 0xc5, 0xc2, 0x85, 0x37,
1061 0xdb, 0xe7, 0x39, 0x87, 0x8d, 0x14, 0x15, 0x55, 0x76, 0x3f, 0x70,
1062 0xf6, 0xd7, 0x80, 0x82, 0x48, 0x02, 0x64, 0xe1, 0x73, 0x1a, 0xd9,
1063 0x35, 0x1a, 0x43, 0xf3, 0xde, 0xd4, 0x00, 0x9d, 0x49, 0x2b, 0xc6,
1064 0x66, 0x19, 0x3e, 0xb8, 0xcc, 0x43, 0xcc, 0xa8, 0x12, 0xa4, 0xad,
1065 0xcd, 0xe2, 0xe6, 0xb3, 0xdd, 0x7e, 0x80, 0x50, 0xc0, 0xb4, 0x0c,
1066 0x4c, 0xd2, 0x31, 0xf3, 0xf8, 0x49, 0x31, 0xbe, 0xf2, 0x7d, 0x60,
1067 0x38, 0xe0, 0x60, 0xdf, 0x7b, 0x58, 0xe0, 0xf9, 0x6e, 0x68, 0x79,
1068 0x33, 0xb2, 0x2a, 0x53, 0x4c, 0x5a, 0x9d, 0xb3, 0x81, 0x4b, 0x19,
1069 0x21, 0xe2, 0x3a, 0x42, 0x07, 0x25, 0x5a, 0xee, 0x1f, 0x5d, 0xa2,
1070 0xca, 0xf7, 0x2f, 0x3c, 0x9b, 0xb0, 0xbc, 0xe7, 0xaf, 0x8c, 0x2f,
1071 0x52, 0x43, 0x79, 0x94, 0xb0, 0xee, 0xc4, 0x53, 0x09, 0xc0, 0xc9,
1072 0x21, 0x39, 0x64, 0x82, 0xc3, 0x54, 0xb8, 0x65, 0xf8, 0xdc, 0xb3,
1073 0xdf, 0x4d, 0xc4, 0x63, 0x59, 0x14, 0x37, 0xd6, 0xba, 0xa3, 0x98,
1074 0xda, 0x99, 0x02, 0xdd, 0x7a, 0x87, 0x3e, 0x34, 0xb5, 0x4b, 0x0a,
1075 0xb4, 0x2d, 0xea, 0x19, 0x24, 0xd1, 0xc2, 0x9f, 0x30, 0x82, 0x02,
1076 0xe9, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
1077 0x01, 0xa0, 0x82, 0x02, 0xda, 0x04, 0x82, 0x02, 0xd6, 0x30, 0x82,
1078 0x02, 0xd2, 0x30, 0x82, 0x02, 0xce, 0x06, 0x0b, 0x2a, 0x86, 0x48,
1079 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02, 0xa0, 0x82, 0x02,
1080 0xa6, 0x30, 0x82, 0x02, 0xa2, 0x30, 0x1c, 0x06, 0x0a, 0x2a, 0x86,
1081 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30, 0x0e, 0x04,
1082 0x08, 0xe0, 0x21, 0x4f, 0x90, 0x7d, 0x86, 0x72, 0xc7, 0x02, 0x02,
1083 0x07, 0xd0, 0x04, 0x82, 0x02, 0x80, 0x92, 0xac, 0xe8, 0x52, 0xa6,
1084 0x3e, 0xed, 0x3d, 0xbc, 0x28, 0x5f, 0xb9, 0x45, 0x76, 0x27, 0x95,
1085 0xf8, 0x6a, 0xc5, 0x17, 0x97, 0x46, 0x58, 0xe9, 0x15, 0x7c, 0x68,
1086 0x62, 0x67, 0xb5, 0x2f, 0x1b, 0x64, 0x27, 0x9d, 0xfd, 0x67, 0x66,
1087 0x42, 0x21, 0x5c, 0xf4, 0x64, 0x37, 0xcc, 0xc0, 0x04, 0x01, 0x91,
1088 0x6c, 0x6b, 0x84, 0x96, 0xae, 0x04, 0xfe, 0xcc, 0x88, 0x6a, 0x84,
1089 0xd7, 0x59, 0x28, 0x78, 0xc9, 0xb4, 0xf6, 0x4d, 0x86, 0x8d, 0x59,
1090 0xc6, 0x74, 0x30, 0xca, 0x2f, 0x0a, 0xa7, 0x66, 0x99, 0xf4, 0x8f,
1091 0x44, 0x6d, 0x97, 0x3c, 0xd6, 0xdb, 0xd6, 0x31, 0x8c, 0xf7, 0x75,
1092 0xd9, 0x0b, 0xf5, 0xd2, 0x27, 0x80, 0x81, 0x28, 0x0f, 0x6b, 0x8b,
1093 0x45, 0x11, 0x08, 0x1d, 0x06, 0x31, 0x4d, 0x98, 0x68, 0xc9, 0x09,
1094 0x9b, 0x51, 0x84, 0x81, 0x74, 0x76, 0x57, 0x63, 0xb5, 0x38, 0xc8,
1095 0xe1, 0x96, 0xe4, 0xcd, 0xd4, 0xe8, 0xf8, 0x26, 0x88, 0x88, 0xaa,
1096 0xdf, 0x1b, 0xc6, 0x37, 0xb8, 0xc4, 0xe1, 0xcb, 0xc0, 0x71, 0x3d,
1097 0xd6, 0xd7, 0x8b, 0xc6, 0xec, 0x5f, 0x42, 0x86, 0xb0, 0x8d, 0x1c,
1098 0x49, 0xb9, 0xc6, 0x96, 0x11, 0xa5, 0xd6, 0xd2, 0xc0, 0x18, 0xca,
1099 0xe7, 0xf6, 0x93, 0xb4, 0xf5, 0x7a, 0xe4, 0xec, 0xa2, 0x90, 0xf8,
1100 0xef, 0x66, 0x0f, 0xa8, 0x52, 0x0c, 0x3f, 0x85, 0x4a, 0x76, 0x3a,
1101 0xb8, 0x5a, 0x2d, 0x03, 0x5d, 0x99, 0x70, 0xbb, 0x02, 0x1c, 0x77,
1102 0x43, 0x12, 0xd9, 0x1f, 0x7c, 0x6f, 0x69, 0x15, 0x17, 0x30, 0x51,
1103 0x7d, 0x53, 0xc2, 0x06, 0xe0, 0xd2, 0x31, 0x17, 0x2a, 0x98, 0xe3,
1104 0xe0, 0x20, 0xfb, 0x01, 0xfd, 0xd1, 0x1b, 0x50, 0x00, 0xad, 0x1d,
1105 0xff, 0xa1, 0xae, 0xd6, 0xac, 0x38, 0x8b, 0x71, 0x28, 0x44, 0x66,
1106 0x8c, 0xb6, 0x34, 0xc5, 0x86, 0xc9, 0x34, 0xda, 0x6c, 0x2a, 0xef,
1107 0x69, 0x3c, 0xb7, 0xbd, 0xa5, 0x05, 0x3c, 0x7c, 0xfb, 0x0c, 0x2d,
1108 0x49, 0x09, 0xdb, 0x91, 0x3b, 0x41, 0x2a, 0xe4, 0xfa, 0x4a, 0xc2,
1109 0xea, 0x9e, 0x6f, 0xc3, 0x46, 0x2a, 0x77, 0x83, 0x4e, 0x22, 0x01,
1110 0xfb, 0x0c, 0x2d, 0x5a, 0xcf, 0x8d, 0xa7, 0x55, 0x24, 0x7c, 0xda,
1111 0x9e, 0xd8, 0xbc, 0xf6, 0x81, 0x63, 0x8a, 0x36, 0xd0, 0x13, 0x74,
1112 0x30, 0x4d, 0xd8, 0x4e, 0xa6, 0x81, 0x71, 0x71, 0xff, 0x9f, 0xf3,
1113 0x8d, 0x75, 0xad, 0x6b, 0x93, 0x93, 0x8c, 0xf8, 0x7d, 0xa6, 0x62,
1114 0x9d, 0xf7, 0x86, 0x6f, 0xcb, 0x5b, 0x6f, 0xe5, 0xee, 0xcd, 0xb0,
1115 0xb2, 0xfd, 0x96, 0x2c, 0xde, 0xa0, 0xcf, 0x46, 0x8c, 0x66, 0x0e,
1116 0xf9, 0xa3, 0xdb, 0xfa, 0x8f, 0x1b, 0x54, 0x9d, 0x13, 0x13, 0x6b,
1117 0x97, 0x43, 0x97, 0x64, 0xec, 0x2a, 0xc5, 0xc0, 0x26, 0xab, 0xea,
1118 0x37, 0xd6, 0xcb, 0xb9, 0x83, 0x18, 0x53, 0x5a, 0xcd, 0x28, 0xb3,
1119 0x3b, 0x9c, 0x13, 0xaa, 0x78, 0x6c, 0xcf, 0xe9, 0x75, 0x7c, 0x80,
1120 0x04, 0x05, 0x52, 0xda, 0x13, 0x41, 0xb0, 0x27, 0x0f, 0x82, 0xa3,
1121 0x81, 0xd8, 0xf7, 0xdc, 0x61, 0xbb, 0x98, 0x32, 0x5a, 0x88, 0xbf,
1122 0x49, 0xc1, 0x76, 0x83, 0xcd, 0xc4, 0xb4, 0xca, 0x8d, 0x36, 0x88,
1123 0xee, 0xdb, 0xc5, 0xf4, 0x13, 0x28, 0x4d, 0xae, 0x7a, 0x31, 0x3e,
1124 0x77, 0x19, 0xab, 0x11, 0x15, 0x29, 0xd4, 0xcf, 0xb4, 0x73, 0x36,
1125 0x92, 0x1e, 0x4e, 0x5d, 0x35, 0x57, 0x84, 0x45, 0x9d, 0x05, 0x3c,
1126 0x44, 0x86, 0x08, 0x0b, 0x90, 0x29, 0xf9, 0xe6, 0x48, 0xaf, 0xf4,
1127 0x62, 0xd2, 0x4d, 0x32, 0x1a, 0xe9, 0xbf, 0x3a, 0x7b, 0x25, 0x4a,
1128 0x03, 0xfb, 0x40, 0x1d, 0x71, 0x2c, 0x10, 0x54, 0xdc, 0xbf, 0xf4,
1129 0x50, 0x85, 0x15, 0x11, 0xb1, 0x2d, 0x03, 0x2c, 0xe4, 0x8a, 0xce,
1130 0xec, 0x6e, 0x46, 0x06, 0x13, 0x3c, 0x97, 0x8d, 0xdd, 0xf6, 0x1e,
1131 0x62, 0xb4, 0x8d, 0xfa, 0x2c, 0x86, 0x87, 0x64, 0x5e, 0xec, 0xc8,
1132 0x84, 0xd1, 0x3d, 0xc5, 0x76, 0x4a, 0x31, 0xd3, 0xdb, 0x34, 0x6e,
1133 0x8a, 0x49, 0xd6, 0x38, 0xbb, 0x05, 0xe9, 0x4d, 0xf1, 0xde, 0x3e,
1134 0xa4, 0x47, 0xdd, 0xe8, 0xa8, 0xf1, 0xba, 0x55, 0xce, 0xca, 0x5b,
1135 0x57, 0xd7, 0xc8, 0x9f, 0x09, 0xa3, 0x8e, 0x58, 0x83, 0x21, 0x0a,
1136 0x6e, 0xd3, 0x70, 0x9c, 0xb9, 0x7c, 0x52, 0x98, 0x53, 0xcb, 0xda,
1137 0x9d, 0xaf, 0xb7, 0x4b, 0xf7, 0x48, 0x91, 0x7e, 0x78, 0x20, 0x19,
1138 0xe3, 0x41, 0x9d, 0xc8, 0x68, 0x11, 0xfb, 0x5f, 0x6b, 0xc8, 0x09,
1139 0x74, 0xcb, 0x76, 0x08, 0xbc, 0x28, 0x63, 0x57, 0x04, 0xb0, 0x80,
1140 0xd1, 0x53, 0x60, 0x50, 0x44, 0xba, 0x80, 0x48, 0x5e, 0x0e, 0x9a,
1141 0xe5, 0x64, 0x26, 0x7a, 0x88, 0xb9, 0xc6, 0x33, 0x31, 0x15, 0x30,
1142 0x13, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
1143 0x15, 0x31, 0x06, 0x04, 0x04, 0x01, 0x00, 0x00, 0x00, 0x30, 0x3d,
1144 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
1145 0x05, 0x00, 0x04, 0x14, 0x32, 0x55, 0x07, 0xa2, 0x67, 0xf3, 0x76,
1146 0x4d, 0x0b, 0x6f, 0xa4, 0xa0, 0x7b, 0xce, 0x2f, 0xc5, 0xff, 0xbe,
1147 0x3e, 0x38, 0x04, 0x14, 0x52, 0xf8, 0xb3, 0xeb, 0xc3, 0xda, 0x79,
1148 0xfa, 0x75, 0x89, 0x67, 0x33, 0x01, 0xd0, 0xb0, 0x13, 0xfa, 0x11,
1149 0x94, 0xac, 0x02, 0x02, 0x07, 0xd0 };
1151 public SignedXml SignHMAC (string uri, KeyedHashAlgorithm mac, bool ok)
1153 string input = "<foo/>";
1155 XmlDocument doc = new XmlDocument ();
1156 doc.LoadXml (input);
1158 SignedXml sig = new SignedXml (doc);
1159 Reference r = new Reference ("");
1160 r.AddTransform (new XmlDsigEnvelopedSignatureTransform ());
1161 r.DigestMethod = uri;
1162 sig.AddReference (r);
1164 sig.ComputeSignature (mac);
1165 doc.DocumentElement.AppendChild (doc.ImportNode (sig.GetXml (), true));
1166 // doc.Save (System.Console.Out);
1168 sig.LoadXml (doc.DocumentElement ["Signature"]);
1169 Assert.AreEqual (ok, sig.CheckSignature (mac), "CheckSignature");
1173 static byte [] hmackey = new byte [0];
1174 private const string more256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
1175 private const string more384 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
1176 private const string more512 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
1177 private const string moreripe = "http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";
1180 public void SignHMAC_SHA256 ()
1182 SignedXml sign = SignHMAC (EncryptedXml.XmlEncSHA256Url, new HMACSHA256 (hmackey), true);
1183 Assert.AreEqual (more256, sign.SignatureMethod, "SignatureMethod");
1187 public void SignHMAC_SHA256_Bad ()
1189 SignedXml sign = SignHMAC (more256, new HMACSHA256 (hmackey), false);
1190 Assert.AreEqual (more256, sign.SignatureMethod, "SignatureMethod");
1194 public void VerifyHMAC_SHA256 ()
1196 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-sha256\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\" /><DigestValue>sKG2hDPEHiPrzpd3QA8BZ0eMzMbSEPPMh9QqXgkP7Cs=</DigestValue></Reference></SignedInfo><SignatureValue>Faad3KInJdIpaGcBn5e04Zv080u45fSjAKqrgevdWQw=</SignatureValue></Signature></foo>";
1197 XmlDocument doc = new XmlDocument ();
1200 SignedXml sign = new SignedXml (doc);
1201 sign.LoadXml (doc.DocumentElement ["Signature"]);
1203 // verify MS-generated signature
1204 Assert.IsTrue (sign.CheckSignature (new HMACSHA256 (hmackey)));
1208 public void SignHMAC_SHA512 ()
1210 SignedXml sign = SignHMAC (EncryptedXml.XmlEncSHA512Url, new HMACSHA512 (hmackey), true);
1211 Assert.AreEqual (more512, sign.SignatureMethod, "SignatureMethod");
1215 public void SignHMAC_SHA512_Bad ()
1217 SignedXml sign = SignHMAC (more512, new HMACSHA512 (hmackey), false);
1218 Assert.AreEqual (more512, sign.SignatureMethod, "SignatureMethod");
1222 public void VerifyHMAC_SHA512 ()
1224 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-sha512\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha512\" /><DigestValue>2dvMkpTUE8Z76ResJG9pwPpVJNYo7t6s2L02V81xUVJ0oF8yJ7v8CTojjuL76s0iVdBxAOhP80Ambd1YaSkwSw==</DigestValue></Reference></SignedInfo><SignatureValue>wFenihRlm1x5/n0cifdX/TDOYqlbg2oVIbD/gyrAc0Q2hiIUTtwfBIMY5rQhKcErSz6YNoIl8RBQBmww/0rv5g==</SignatureValue></Signature></foo>";
1225 XmlDocument doc = new XmlDocument ();
1228 SignedXml sign = new SignedXml (doc);
1229 sign.LoadXml (doc.DocumentElement ["Signature"]);
1231 // verify MS-generated signature
1232 Assert.IsTrue (sign.CheckSignature (new HMACSHA512 (hmackey)));
1236 public void SignHMAC_SHA384 ()
1238 // works as long as the string can be used by CryptoConfig to create
1239 // an instance of the required hash algorithm
1240 SignedXml sign = SignHMAC ("SHA384", new HMACSHA384 (hmackey), true);
1241 Assert.AreEqual (more384, sign.SignatureMethod, "SignatureMethod");
1245 public void SignHMAC_SHA384_Bad ()
1247 // we can't verity the signature if the URI is used
1248 SignedXml sign = SignHMAC (more384, new HMACSHA384 (hmackey), false);
1249 Assert.AreEqual (more384, sign.SignatureMethod, "SignatureMethod");
1253 public void VerifyHMAC_SHA384 ()
1255 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-sha384\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"SHA384\" /><DigestValue>kH9C0LeZocNVXhjfzpz00M5fc3WJf0QU8gxK4I7pAN7HN602yHo8yYDSlG14b5YS</DigestValue></Reference></SignedInfo><SignatureValue>LgydOfhv8nqpFLFPC+xg3ZnjC8D+V3mpzxv6GOdH1HDdw1r+LH/BFM2U7dntxgf0</SignatureValue></Signature></foo>";
1256 XmlDocument doc = new XmlDocument ();
1259 SignedXml sign = new SignedXml (doc);
1260 sign.LoadXml (doc.DocumentElement ["Signature"]);
1262 // verify MS-generated signature
1263 Assert.IsTrue (sign.CheckSignature (new HMACSHA384 (hmackey)));
1267 public void SignHMAC_RIPEMD160 ()
1269 // works as long as the string can be used by CryptoConfig to create
1270 // an instance of the required hash algorithm
1271 SignedXml sign = SignHMAC ("RIPEMD160", new HMACRIPEMD160 (hmackey), true);
1272 Assert.AreEqual (moreripe, sign.SignatureMethod, "SignatureMethod");
1276 public void SignHMAC_RIPEMD160_Bad ()
1278 // we can't verity the signature if the URI is used
1279 SignedXml sign = SignHMAC (moreripe, new HMACRIPEMD160 (hmackey), false);
1280 Assert.AreEqual (moreripe, sign.SignatureMethod, "SignatureMethod");
1284 public void VerifyHMAC_RIPEMD160 ()
1286 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"RIPEMD160\" /><DigestValue>+uyqtoSDPvgrsXCl1KCimhFpOVw=</DigestValue></Reference></SignedInfo><SignatureValue>8E2m/A5lyU6mBug7uskBqpDHuvs=</SignatureValue></Signature></foo>";
1287 XmlDocument doc = new XmlDocument ();
1290 SignedXml sign = new SignedXml (doc);
1291 sign.LoadXml (doc.DocumentElement ["Signature"]);
1293 // verify MS-generated signature
1294 Assert.IsTrue (sign.CheckSignature (new HMACRIPEMD160 (hmackey)));
1298 // * a 0-length signature is the worse case - it accepts anything
1299 // * between 1-7 bits length are considered invalid (not a multiple of 8)
1300 // * a 8 bits signature would have one chance, out of 256, to be valid
1301 // * and so on... until we hit (output-length / 2) or 80 bits (see ERRATUM)
1303 static bool erratum = true; // xmldsig erratum for CVE-2009-0217
1305 static SignedXml GetSignedXml (string xml)
1307 XmlDocument doc = new XmlDocument ();
1310 SignedXml sign = new SignedXml (doc);
1311 sign.LoadXml (doc.DocumentElement);
1315 static void CheckErratum (SignedXml signed, KeyedHashAlgorithm hmac, string message)
1319 signed.CheckSignature (hmac);
1320 Assert.Fail (message + ": unexcepted success");
1322 catch (CryptographicException) {
1324 catch (Exception e) {
1325 Assert.Fail (message + ": unexcepted " + e.ToString ());
1328 Assert.IsTrue (signed.CheckSignature (hmac), message);
1332 private void HmacMustBeMultipleOfEightBits (int bits)
1334 string xml = @"<?xml version=""1.0"" encoding=""UTF-8""?>
1335 <Signature xmlns=""http://www.w3.org/2000/09/xmldsig#"">
1337 <CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" />
1338 <SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" >
1339 <HMACOutputLength>{0}</HMACOutputLength>
1341 <Reference URI=""#object"">
1342 <DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" />
1343 <DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue>
1349 <Object Id=""object"">some other text</Object>
1352 SignedXml sign = GetSignedXml (String.Format (xml, bits));
1353 // only multiple of 8 bits are supported
1354 sign.CheckSignature (new HMACSHA1 (Encoding.ASCII.GetBytes ("secret")));
1358 public void HmacMustBeMultipleOfEightBits ()
1360 for (int i = 1; i < 160; i++) {
1361 // The .NET framework only supports multiple of 8 bits
1366 HmacMustBeMultipleOfEightBits (i);
1367 Assert.Fail ("Unexpected Success " + i.ToString ());
1369 catch (CryptographicException) {
1371 catch (Exception e) {
1372 Assert.Fail ("Unexpected Exception " + i.ToString () + " : " + e.ToString ());
1378 [Category ("NotDotNet")] // will fail until a fix is available
1379 public void VerifyHMAC_ZeroLength ()
1381 string xml = @"<?xml version=""1.0"" encoding=""UTF-8""?>
1382 <Signature xmlns=""http://www.w3.org/2000/09/xmldsig#"">
1384 <CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" />
1385 <SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" >
1386 <HMACOutputLength>0</HMACOutputLength>
1388 <Reference URI=""#object"">
1389 <DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" />
1390 <DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue>
1395 <Object Id=""object"">some other text</Object>
1398 SignedXml sign = GetSignedXml (xml);
1400 CheckErratum (sign, new HMACSHA1 (Encoding.ASCII.GetBytes ("no clue")), "1");
1401 CheckErratum (sign, new HMACSHA1 (Encoding.ASCII.GetBytes ("")), "2");
1402 CheckErratum (sign, new HMACSHA1 (Encoding.ASCII.GetBytes ("oops")), "3");
1403 CheckErratum (sign, new HMACSHA1 (Encoding.ASCII.GetBytes ("secret")), "4");
1407 [Category ("NotDotNet")] // will fail until a fix is available
1408 public void VerifyHMAC_SmallerThanMinimumLength ()
1410 // 72 is a multiple of 8 but smaller than the minimum of 80 bits
1411 string xml = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1""><HMACOutputLength>72</HMACOutputLength></SignatureMethod><Reference URI=""#object""><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue></Reference></SignedInfo><SignatureValue>2dimB+P5Aw5K</SignatureValue><Object Id=""object"">some other text</Object></Signature>";
1412 SignedXml sign = GetSignedXml (xml);
1413 CheckErratum (sign, new HMACSHA1 (Encoding.ASCII.GetBytes ("secret")), "72");
1417 public void VerifyHMAC_MinimumLength ()
1419 // 80 bits is the minimum (and the half-size of HMACSHA1)
1420 string xml = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1""><HMACOutputLength>80</HMACOutputLength></SignatureMethod><Reference URI=""#object""><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue></Reference></SignedInfo><SignatureValue>jVQPtLj61zNYjw==</SignatureValue><Object Id=""object"">some other text</Object></Signature>";
1421 SignedXml sign = GetSignedXml (xml);
1422 Assert.IsTrue (sign.CheckSignature (new HMACSHA1 (Encoding.ASCII.GetBytes ("secret"))));
1426 [Category ("NotDotNet")] // will fail until a fix is available
1427 public void VerifyHMAC_SmallerHalfLength ()
1429 // 80bits is smaller than the half-size of HMACSHA256
1430 string xml = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2001/04/xmldsig-more#hmac-sha256""><HMACOutputLength>80</HMACOutputLength></SignatureMethod><Reference URI=""#object""><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue></Reference></SignedInfo><SignatureValue>vPtw7zKVV/JwQg==</SignatureValue><Object Id=""object"">some other text</Object></Signature>";
1431 SignedXml sign = GetSignedXml (xml);
1432 CheckErratum (sign, new HMACSHA256 (Encoding.ASCII.GetBytes ("secret")), "80");
1436 public void VerifyHMAC_HalfLength ()
1438 // 128 is the half-size of HMACSHA256
1439 string xml = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2001/04/xmldsig-more#hmac-sha256""><HMACOutputLength>128</HMACOutputLength></SignatureMethod><Reference URI=""#object""><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue></Reference></SignedInfo><SignatureValue>aegpvkAwOL8gN/CjSnW6qw==</SignatureValue><Object Id=""object"">some other text</Object></Signature>";
1440 SignedXml sign = GetSignedXml (xml);
1441 Assert.IsTrue (sign.CheckSignature (new HMACSHA256 (Encoding.ASCII.GetBytes ("secret"))));
1445 public void VerifyHMAC_FullLength ()
1447 string xml = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" /><Reference URI=""#object""><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue></Reference></SignedInfo><SignatureValue>a0goL9esBUKPqtFYgpp2KST4huk=</SignatureValue><Object Id=""object"">some text</Object></Signature>";
1448 SignedXml sign = GetSignedXml (xml);
1449 Assert.IsTrue (sign.CheckSignature (new HMACSHA1 (Encoding.ASCII.GetBytes ("secret"))));
1453 [ExpectedException (typeof (CryptographicException))]
1454 public void VerifyHMAC_HMACOutputLength_Signature_Mismatch ()
1456 string xml = @"<?xml version=""1.0"" encoding=""UTF-8""?>
1457 <Signature xmlns=""http://www.w3.org/2000/09/xmldsig#"">
1459 <CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" />
1460 <SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" >
1461 <HMACOutputLength>80</HMACOutputLength>
1463 <Reference URI=""#object"">
1464 <DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" />
1465 <DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue>
1470 <Object Id=""object"">some other text</Object>
1473 SignedXml sign = GetSignedXml (xml);
1474 sign.CheckSignature (new HMACSHA1 (Encoding.ASCII.GetBytes ("no clue")));
1478 [ExpectedException (typeof (FormatException))]
1479 public void VerifyHMAC_HMACOutputLength_Invalid ()
1481 string xml = @"<?xml version=""1.0"" encoding=""UTF-8""?>
1482 <Signature xmlns=""http://www.w3.org/2000/09/xmldsig#"">
1484 <CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" />
1485 <SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" >
1486 <HMACOutputLength>I wish this was not a string property</HMACOutputLength>
1488 <Reference URI=""#object"">
1489 <DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" />
1490 <DigestValue>nz4GS0NbH2SrWlD/4fX313CoTzc=</DigestValue>
1495 <Object Id=""object"">some other text</Object>
1498 SignedXml sign = GetSignedXml (xml);
1499 sign.CheckSignature (new HMACSHA1 (Encoding.ASCII.GetBytes ("no clue")));