You are gonna need the XmlDsigEnvelopedSignatureTransform
in your case because you are adding the signature inside the element you are signing.
XmlDsigEnvelopedSignatureTransform
will tell the SignedXml
class to remove the signature from the signature node itself before testing it's validity. This is needed because you added that element after calculating the signature.
You can add more then one transform by calling the AddTransform
again like this:
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
XmlDsigExcC14NTransform c14n = new XmlDsigExcC14NTransform();
reference.AddTransform(env);
reference.AddTransform(c14n);
However i think what you actually want to do instead of my example above is set the CanonicalizationMethod
to c14n:
signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
- or -
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;