Thank you for your appreciation.
Unfortunately, we don't have an API for signing/encrypting XML.
However, I have done this in my private project. I was inspired by a blog post by Rick Strahl (or just the source code on GitHub).
I needed to sign an XML using an RSA SHA-2 certificate. I am not sure whether the SignedXml class is capable of RSASSA-PSS. If not, the Rebex component can probably help.
Signing data using the Rebex certificate API looks like this:
```csharp
var cert = Certificate.LoadPfx(@"c:\data\cert.pfx", "password");

// request RSASSA-PSS padding with SHA-384
var parameters = new SignatureParameters();
parameters.PaddingScheme = SignaturePaddingScheme.Pss;
parameters.HashAlgorithm = HashingAlgorithmId.SHA384;

// sign a message (data); messageBytes is a byte[] holding the data to sign
var signature = cert.SignMessage(messageBytes, parameters);

// or sign already computed hash of the message (data)
// this method is not currently public (please let us know if you need it)
var hashSignature = cert.SignHash(hashBytes, parameters);
```
The easiest way to sign XML using RSASSA-PSS (if SignedXml doesn't support it natively) seems to be:
- Use Rick Strahl's code to create RSA SHA-1 signed XML
- Compute RSASSA-PSS signature using Rebex certificate API based on generated hash (digest)
- Replace necessary data (SignatureMethod, SignatureValue) with correct values
I didn't try it, but it can work.
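
The three steps above as an added C# example; it is not part of the original answer and is not Rebex code. It assumes .NET's built-in `RSA.SignData` with `RSASignaturePadding.Pss` in place of the Rebex call, a throwaway key, constructed sample XML, exclusive C14N, and the RFC 6931 identifier for RSASSA-PSS with SHA-384. Because `SignatureMethod` is itself inside `SignedInfo`, the PSS signature is computed over the canonicalized `SignedInfo` after the algorithm identifier has been replaced.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;
static class PssXmlSignExample   // hypothetical name, for illustration only
{
    // RFC 6931 identifier for RSASSA-PSS with SHA-384 and MGF1 (assumed choice of hash).
    const string PssSha384 = "http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1";
    // Exclusive-C14N bytes of <SignedInfo>: the exact input of the signature operation.
    static byte[] CanonicalSignedInfo(XmlElement signature)
    {
        var tmp = new XmlDocument { PreserveWhitespace = true };
        tmp.LoadXml(signature["SignedInfo"].OuterXml);
        var c14n = new XmlDsigExcC14NTransform();
        c14n.LoadInput(tmp);
        using var ms = new MemoryStream();
        ((Stream)c14n.GetOutput(typeof(Stream))).CopyTo(ms);
        return ms.ToArray();
    }
    static void Main()
    {
        using RSA key = RSA.Create(2048);   // constructed throwaway key, not a real certificate
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<order id=\"1\"><item>constructed sample</item></order>");

        // Step 1: ordinary RSA SHA-1 enveloped signature produced by SignedXml.
        var signedXml = new SignedXml(doc) { SigningKey = key };
        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url;
        var reference = new Reference("");
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);
        signedXml.ComputeSignature();
        XmlElement signature = signedXml.GetXml();

        // Step 3 (first half): swap the algorithm identifier before signing anything.
        signature["SignedInfo"]["SignatureMethod"].SetAttribute("Algorithm", PssSha384);
        // Step 2: RSASSA-PSS over the canonical SignedInfo that now names PSS.
        byte[] pss = key.SignData(CanonicalSignedInfo(signature),
                                  HashAlgorithmName.SHA384, RSASignaturePadding.Pss);
        // Step 3 (second half): replace SignatureValue and attach the signature.
        signature["SignatureValue"].InnerText = Convert.ToBase64String(pss);
        doc.DocumentElement.AppendChild(doc.ImportNode(signature, true));
        // Self-check: re-canonicalize from the final document and verify with PSS.
        bool ok = key.VerifyData(CanonicalSignedInfo(doc.DocumentElement["Signature"]),
                                 pss, HashAlgorithmName.SHA384, RSASignaturePadding.Pss);
        Console.WriteLine(ok ? "PSS signature verifies" : "verification failed");
    }
}
```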