Hi All,
I am using the System.Security.Cryptography.Xml.XmlDsigExcC14NTransform function to convert an XML document into C14N standard ready for applying hashes and digital signatures. I am having trouble creating the correct output as expected by the web service I am invoking.
I have tracked the problem down to the C14N, and the problem seems to be for namespaces which are defined in the <soap:Envelope> element and are then also included in the PrefixList when using Exclusive C14N Canonicalization. In this case, the namespaces specified in the PrefixList which are defined in the <soap:Envelope> (but not defined in the actual child element) are not propagated down to the child when running C14N transformation.
For example, if I have this;
<soap:Envelope xmlns:parent="parent-namespace" xmlns:soap="w3.org/2003/05/soap-envelope">
<soap:Header>
<MessageID>abcdef-123456-abc123</MessageID>
<soap:Header>
<soap:Body>
....
</soap:Body>
<soap:Envelope>
If I then want to create a C14N version of <MessageID> I use the following code;
Dim instring As New StreamReader("C:\Sample.xml")
Dim xmldoc As String = instring.ReadToEnd
Dim canon As New System.Security.Cryptography.Xml.XmlDsigExcC14NTransform
Dim xd As New System.Xml.XmlDocument
xd.LoadXml(xmldoc)
canon.LoadInput(xd)
canon.InclusiveNamespacesPrefixList = "parent soap"
Dim outstream As New StreamReader(CType(canon.GetOutput(), IO.Stream))
Dim outstring As String = outstream.ReadToEnd
msgbox(outstring)
However, when looking at the output displayed in the messagebox (i.e. the output in string 'outstring') then I see that the <MessageID> element doesnot have the "parent" or "soap" namespaces added to it's attributes.
At first I did not think this was an issue. But then I tested a web service using the SoapUI tool and what I observed there is that SoapUIdoes propagate those namespaces down to the child element.
Please note I have simplified the issue here as ultimately I am testing some WS Security elements involving hashes, but the problem I am seeing at the moment is that the string value being sent in to the hash (SHA-256) function is different between using the .NET C14N and using SoapUI. The above illustrates the point, but what I don't quite understand is why the <soap:Envelope> namespace attributes are not propagated down to the child element. Do I somehow need to tell the Transform that I only want to extract the <MessageID> element? I didn't see any object or properties to allow this?