I am working on a client side communication with a SOAP web services using .NET Core (latest version at the moment 1.1.) and C# (actually Omnisharp). Requests should be digitally signed with an enveloped signature, using RSA-SHA1 signing method, ending up with structure like this:
<soap:Envelope>
<soap:Body>
<MyRootElement>
<MyData>
...
</MyData>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#G0xcabf5080-4D">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>4j9JKFMvg6Mmfx7ERu8R3WkZTtQ=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>....</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>....</X509Certificate>
<X509IssuerSerial>
<X509IssuerName>...</X509IssuerName>
<X509SerialNumber>72672627</X509SerialNumber>
</X509IssuerSerial>
</X509Data>
</KeyInfo>
</Signature>
</MyRootElement>
</soap:Body>
</soap:Envelope>
All documentation I was able to find refer to using SignedXml class that is not available in .NET Core. Does anyone have suggestion or link to share how can I make this signature (and required canonicalization) without SignedXml class? Or maybe there is some unofficial version of SignedXml that I am not aware of?
SignedXml is in the tree at https://github.com/dotnet/corefx and presumably will be available with the upcoming 2.0 release (as a nuget package, not the shared framework bundle).
It has a lot of dependencies on 2.0 types, so it would be difficult to try to port it back to 1.1; but maybe you could carve it down to your specific needs.
Or, try with the 2.0 preview release and see if things just work.