I’m trying to sign an Xml file using the SignedXml calls in .Net 8. I’m having an issue with the XPath transforms.
Calling SignedXml.ComputeSignature() throws the following exception:
Unhandled exception. System.Xml.XPath.XPathException: Namespace prefix 'ext' is not defined.
at MS.Internal.Xml.XPath.CompiledXpathExpr.UndefinedXsltContext.LookupNamespace(String prefix)
at MS.Internal.Xml.XPath.BaseAxisQuery.SetXsltContext(XsltContext context)
at MS.Internal.Xml.XPath.CompiledXpathExpr.SetContext(IXmlNamespaceResolver nsResolver)
at System.Security.Cryptography.Xml.XmlDsigXPathTransform.GetOutput()
at System.Security.Cryptography.Xml.TransformChain.TransformToOctetStream(Object inputObject, XmlResolver resolver, String baseUri)
at System.Security.Cryptography.Xml.Reference.CalculateHashValue(XmlDocument document, CanonicalXmlNodeList refList)
at System.Security.Cryptography.Xml.Reference.UpdateHashValue(XmlDocument document, CanonicalXmlNodeList refList)
at System.Security.Cryptography.Xml.SignedXml.BuildDigestedReferences()
at System.Security.Cryptography.Xml.SignedXml.ComputeSignature()
The XPath transforms look like this:
<ds:Reference Id="invoiceSignedData" URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath>not(//ancestor-or-self::ext:UBLExtensions)</ds:XPath>
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath>not(//ancestor-or-self::cac:Signature)</ds:XPath>
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath>not(//ancestor-or-self::cac:AdditionalDocumentReference[cbc:ID='QR'])</ds:XPath>
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>f+0WCqnPkInI+eL9G3LAry12fTPf+toC9UX07F4fI+s=</ds:DigestValue>
</ds:Reference>
I thought the class would be smart enough to get the namespaces specified in the XPath expressions automatically, but it seems not. How do I add the namespaces so that the XPath transforms work correctly?