XmlDsigXPathTransform Class
This documentation is archived and is not being maintained.

XmlDsigXPathTransform Class

Represents the XPath transform for a digital signature as defined by the W3C.

Namespace: System.Security.Cryptography.Xml
Assembly: System.Security (in system.security.dll)

public ref class XmlDsigXPathTransform : public Transform
public class XmlDsigXPathTransform extends Transform
public class XmlDsigXPathTransform extends Transform
Not applicable.

The XmlDsigXPathTransform class allows you to address an XML document using the XPath language. This class uses an XPath expression to select the XML nodes you want to sign or encrypt while removing all others from either cryptographic operation.

Use the XmlDsigXPathTransform class to sign or encrypt specific parts of an XML document using an XPath expression. For information on initializing the XmlDsigXPathTransform class to the value of an XPath transform string, see the LoadInnerXml method.

The Uniform Resource Identifier (URI) that describes the XmlDsigXPathTransform class is defined by the XmlDsigXPathTransformUrl field.

For more information about the XPath transform, see Section 6.6.3 of the XMLDSIG specification, which is available from the W3C at www.w3.org/TR/xmldsig-core/.

This section contains two code examples. The first code example shows how to sign and verify an XML document using the XmlDsigXPathTransform class with an envelope signature. This example signs an XML document and saves the signature in a new XML document. The second code example demonstrates how to call members of the XmlDsigXPathTransform class.

Example #1

// This example signs an XML file using an
// envelope signature. It then verifies the 
// signed XML.
#using <System.Xml.dll>
#using <System.Security.dll>
#using <System.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::Security::Cryptography::Xml;
using namespace System::Text;
using namespace System::Xml;

// Create the XML that represents the transform.
static XmlDsigXPathTransform^ CreateXPathTransform( String^ XPathString )
   // Create a new XMLDocument object.
   XmlDocument^ doc = gcnew XmlDocument;
   // Create a new XmlElement.
   XmlElement^ xPathElem = doc->CreateElement( L"XPath" );
   // Set the element text to the value
   // of the XPath string.
   xPathElem->InnerText = XPathString;
   // Create a new XmlDsigXPathTransform object.
   XmlDsigXPathTransform^ xForm = gcnew XmlDsigXPathTransform;
   // Load the XPath XML from the element. 
   xForm->LoadInnerXml( xPathElem->SelectNodes( L"." ) );
   // Return the XML that represents the transform.
   return xForm;

// Sign an XML file and save the signature in a new file.
static void SignXmlFile( String^ FileName, String^ SignedFileName, RSA^ Key, String^ XPathString )
   // Create a new XML document.
   XmlDocument^ doc = gcnew XmlDocument;
   // Format the document to ignore white spaces.
   doc->PreserveWhitespace = false;
   // Load the passed XML file using it's name.
   doc->Load( gcnew XmlTextReader( FileName ) );
   // Create a SignedXml object.
   SignedXml^ signedXml = gcnew SignedXml( doc );
   // Add the key to the SignedXml document. 
   signedXml->SigningKey = Key;
   // Create a reference to be signed.
   Reference^ reference = gcnew Reference;
   reference->Uri = L"";
   // Create an XmlDsigXPathTransform object using 
   // the helper method 'CreateXPathTransform' defined
   // later in this sample.
   XmlDsigXPathTransform^ XPathTransform = CreateXPathTransform( XPathString );
   // Add the transform to the reference.
   reference->AddTransform( XPathTransform );
   // Add the reference to the SignedXml object.
   signedXml->AddReference( reference );
   // Add an RSAKeyValue KeyInfo (optional; helps recipient find key to validate).
   KeyInfo^ keyInfo = gcnew KeyInfo;
   keyInfo->AddClause( gcnew RSAKeyValue( dynamic_cast<RSA^>(Key) ) );
   signedXml->KeyInfo = keyInfo;
   // Compute the signature.
   // Get the XML representation of the signature and save
   // it to an XmlElement object.
   XmlElement^ xmlDigitalSignature = signedXml->GetXml();
   // Append the element to the XML document.
   doc->DocumentElement->AppendChild( doc->ImportNode( xmlDigitalSignature, true ) );
   // Save the signed XML document to a file specified
   // using the passed string.
   XmlTextWriter^ xmltw = gcnew XmlTextWriter( SignedFileName,gcnew UTF8Encoding( false ) );
   doc->WriteTo( xmltw );

// Verify the signature of an XML file and return the result.
static Boolean VerifyXmlFile( String^ Name )
   // Create a new XML document.
   XmlDocument^ xmlDocument = gcnew XmlDocument;
   // Format using white spaces.
   xmlDocument->PreserveWhitespace = true;
   // Load the passed XML file into the document. 
   xmlDocument->Load( Name );
   // Create a new SignedXml object and pass it
   // the XML document class.
   SignedXml^ signedXml = gcnew SignedXml( xmlDocument );
   // Find the "Signature" node and create a new
   // XmlNodeList object.
   XmlNodeList^ nodeList = xmlDocument->GetElementsByTagName( L"Signature" );
   // Load the signature node.
   signedXml->LoadXml( dynamic_cast<XmlElement^>(nodeList->Item( 0 )) );
   // Check the signature and return the result.
   return signedXml->CheckSignature();

// Create example data to sign.
static void CreateSomeXml( String^ FileName )
   // Create a new XmlDocument object.
   XmlDocument^ document = gcnew XmlDocument;
   // Create a new XmlNode object.
   XmlNode^ node = document->CreateNode( XmlNodeType::Element, L"", L"MyXML", L"Don't_Sign" );
   // Append the node to the document.
   document->AppendChild( node );
   // Create a new XmlNode object.
   XmlNode^ subnode = document->CreateNode( XmlNodeType::Element, L"", L"TempElement", L"Sign" );
   // Add some text to the node.
   subnode->InnerText = L"Here is some data to sign.";
   // Append the node to the document.
   document->DocumentElement->AppendChild( subnode );
   // Save the XML document to the file name specified.
   XmlTextWriter^ xmltw = gcnew XmlTextWriter( FileName,gcnew UTF8Encoding( false ) );
   document->WriteTo( xmltw );

int main()
   // Generate a signing key.
   RSACryptoServiceProvider^ Key = gcnew RSACryptoServiceProvider;
      // Create an XML file to sign.
      CreateSomeXml( L"Example.xml" );
      Console::WriteLine( L"New XML file created." );
      // Sign the XML that was just created and save it in a 
      // new file.
      SignXmlFile( L"Example.xml", L"SignedExample.xml", Key, L"ancestor-or-self::TempElement" );
      Console::WriteLine( L"XML file signed." );
      // Verify the signature of the signed XML.
      Console::WriteLine( L"Verifying signature..." );
      bool result = VerifyXmlFile( L"SignedExample.xml" );
      // Display the results of the signature verification to \
      // the console.
      if ( result )
         Console::WriteLine( L"The XML signature is valid." );
         Console::WriteLine( L"The XML signature is not valid." );
   catch ( CryptographicException^ e ) 
      Console::WriteLine( e->Message );

   return 1;

Example #2

No code example is currently available or this language may not be supported.


Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows Server 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0, 1.1, 1.0
© 2016 Microsoft