In my last post, I showed how to read an XML digital signature. In this post, I’m going to show how to verify that signature, that is, to check whether it is valid against the certificate embedded in the document.
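/// <summary>
/// Checks every XML-DSig <c>Signature</c> element in the supplied XML against the first
/// <c>X509Certificate</c> element found in the same document.
/// </summary>
/// <param name="value">The signed XML document, as a string.</param>
/// <returns>
/// <c>true</c> when the document contains at least one signature and every signature verifies;
/// <c>false</c> when there is no signature, no embedded certificate, or any signature fails.
/// </returns>
/// <remarks>
/// The certificate is read from the document being verified and is checked with
/// <c>verifySignatureOnly</c> set to <c>true</c>, so no chain or trust validation takes place.
/// A <c>true</c> result therefore shows that the signed content matches the embedded key,
/// not who produced it. Callers that need authenticity must also compare that certificate
/// with one they already trust. This method does not inspect which elements the signature's
/// references cover either.
/// </remarks>
/// <exception cref="System.Xml.XmlException"><paramref name="value"/> is not well-formed XML.</exception>
/// <exception cref="System.FormatException">The embedded certificate is not valid Base64.</exception>
public bool VerifyXmlDSigValue(string value)
{
    var xmlDoc = new XmlDocument();
    // NOTE(review): PreserveWhitespace is left at its default (false) as in the original;
    // it has to match how the document was treated when it was signed. Confirm with the signer.
    xmlDoc.LoadXml(value);

    // Look elements up by namespace so that prefixed forms such as ds:Signature are found too.
    XmlNodeList signatures = xmlDoc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);

    // Fail closed: a document that carries no signature at all must not be reported as valid.
    if (signatures.Count == 0)
    {
        return false;
    }

    XmlNodeList certificateNodes = xmlDoc.GetElementsByTagName("X509Certificate", SignedXml.XmlDsigNamespaceUrl);
    if (certificateNodes.Count == 0)
    {
        // Nothing to verify against; the original dereferenced a null node at this point.
        return false;
    }

    // SECURITY: this key comes from the untrusted document itself. See the remarks above.
    X509Certificate2 certificate = new X509Certificate2(Convert.FromBase64String(certificateNodes[0].InnerText));

    foreach (XmlElement signature in signatures)
    {
        // A fresh SignedXml per signature keeps state from one signature out of the next check.
        SignedXml signedXml = new SignedXml(xmlDoc);
        signedXml.LoadXml(signature);

        // Second argument true = verify the signature value only, with no certificate chain validation.
        if (!signedXml.CheckSignature(certificate, true))
        {
            return false;
        }
    }

    return true;
}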