I am attempting to add References to my Security Header and am running into a fairly generic error:
Malformed Reference Element
I have tried the following with similar results:
- Referencing the element within the document by passing in the
ID
of the element as theURI
of theReference
object. - Passing an
XmlElement
object to theReference
through theLoadXml()
method. I am retrieving theXmlElement
reference by using the overloadedGetIdElement
found on this StackOverflow post.
When I pass in an empty string as the URI
, the ComputeSignature()
method of the SignedXml
works as expected. However, I need to add up to 3 references to the Security Header.
UPDATE #1
Thanks to this blog post, I was able to create the simplified version from that and I believe what is causing my problem is the use of the Namespace
attributes and prefixes.
UPDATE #2
It appears as though the Namespace declaration on the Id
attribute of the <Timestamp>
element is causing this error to occur.
UPDATE #3
I think I got this working. See my answer post below.
Working Sample:
Please note the Id XAttribute
with the Namespace defined does not work; while the Id XAttribute
without the Namespace defined does work.
private void CreateSecurityAndTimestampXML(string fileName)
{
TimestampID = "TS-E" + GUID.NewGuid();
DateTime SecurityTimestampUTC = DateTime.UtcNow;
XDocument xdoc = new XDocument(
new XElement(wsse + "Security",
new XAttribute(XNamespace.Xmlns + "wsse", wsse.NamespaceName),
new XAttribute(XNamespace.Xmlns + "wsu", wsu.NamespaceName),
new XElement(wsu + "Timestamp",
// new XAttribute(wsu + "Id", TimestampID), // <-- Does Not Work
new XAttribute("Id", TimestampID), // <-- Works
new XElement(wsu + "Created", SecurityTimestampUTC.ToString(_timestampFormat)),
new XElement(wsu + "Expires", SecurityTimestampUTC.AddMinutes(10).ToString(_timestampFormat))
)
)
);
using (XmlTextWriter tw = new XmlTextWriter(fileName, new UTF8Encoding(false)))
{
xdoc.WriteTo(tw);
}
}
// Snippet
string[] elements = { TimestampID };
foreach (string s in elements)
{
Reference reference = new Reference()
{
Uri = "#" + s
};
XmlDsigExcC14NTransform env = new XmlDsigExcC14NTransform();
env.InclusiveNamespacesPrefixList = _includedPrefixList;
reference.AddTransform(env);
xSigned.AddReference(reference);
}
// Add Key Info Here.
// Compute the Signature.
xSigned.ComputeSignature();