How can I sign a xml file with an x509 certificate in .NET Core?

Question

I am struggling with signing an XML document to be sent as a SAML 2.0 Request. I need to do this in Asp.Net Core.

The library that would help me with this problem System.Security.Cryptography.Xml is not available in .NET Core. I was thinking if there is a manual way to sign a xml document with specified signature algorithms and canonicalization method.

The initial xml document is:

<saml2p:AuthnRequest ID="_6cf0de52-7baa-42a6-bde9-1b3758876e23" Version="2.0" IssueInstant="2017-08-08T12:36:52.5360695Z" Destination="*hidden*" AssertionConsumerServiceURL="*hidden*" 
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" 
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
    <saml2:Issuer>*hidden*</saml2:Issuer>
    <saml2p:NameIDPolicy AllowCreate="true"/>
</saml2p:AuthnRequest>

And I need to obtain:

<saml2p:AuthnRequest ID="_6cf0de52-7baa-42a6-bde9-1b3758876e23" Version="2.0" IssueInstant="2017-08-08T12:36:52.5360695Z" Destination="*hidden*" AssertionConsumerServiceURL="*hidden*" 
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" 
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
    <saml2:Issuer>*hidden*</saml2:Issuer>
    <Signature 
        xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
            <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
            <Reference URI="#_6cf0de52-7baa-42a6-bde9-1b3758876e23">
                <Transforms>
                    <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                </Transforms>
                <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                <DigestValue>ECaUeAOFJKloXmSPfKqB67S8QWU=</DigestValue>
            </Reference>
        </SignedInfo>
        <SignatureValue>Rpj8w+29giFaKvnWO9Fjz4cs12mm+VcchYK3Y7T2iT7y48TejOYzKhBHIQ5JUZ/dRZ+B7Rc+PeAmixyR43WYyLpOoHGHL7kBj/Ols5eO5OXNAlcTocv1PUhAxn0onJeuX7vzWewmuRf9t8fItXrZFopFSaGHkDk0gYuRCEBf15seukaf9XT9EwRKt/bz8a5LaCqDH+sWEt8OUZucpUOlrMTaP9zx1/0+M6V3YM5DvndPuZcSKlyStELp1okXnxeMENwGBGB1XJwSP+VwbWADz6J0SB9sqNzMNF7YOAvZCdkYhxalIJ5VQll3dg+ZT5g/vGmKHehNhPDsjsnK+5W2OQ==</SignatureValue>
        <KeyInfo>
            <X509Data>
                <X509Certificate>MIIDETCCAf2gAwIBAgIQ8VcaEM0KNqNKVdi240uVlTAJBgUrDgMCHQUAMB4xHDAaBgNVBAMTE3NhbXBsZS5tcGFzcy5nb3YubWQwHhcNMTQwNzE2MTExMjI4WhcNMzkxMjMxMjM1OTU5WjAeMRwwGgYDVQQDExNzYW1wbGUubXBhc3MuZ292Lm1kMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJB1ZunoQVBBcIDUGDnDogjSzzYOZ+jaLFHGHIABA05IbPqLl6xJqKOT9ykC/jIYHbNkNiBF6FSrpU3qWfALJ7rZHef4IksQHEz0vqXq4LMVDBBVBCon4YtE9uZWmZU+m2us63MI0RQrj4mg4+u2RvQqEbDTPG5u5mmbcrLcl/tnN2wsOnLvCNFT9j2RLMKgEB9jKubRszKG1dEVkphgxm5S7lqmOXQWX24n9rBHro2fuuA5DE7GIF6YU9B3oCIFB5jRJcoWL3rX30cUb0sxlJXmVKEt1pOqt8n5aheWPFPtnBtIH13hLxVTqmWW7JUk+SgMdPLGpqxmtv6sPWOI2QIDAQABo1MwUTBPBgNVHQEESDBGgBC5sKpnobhhHkO5u+Vp8jpXoSAwHjEcMBoGA1UEAxMTc2FtcGxlLm1wYXNzLmdvdi5tZIIQ8VcaEM0KNqNKVdi240uVlTAJBgUrDgMCHQUAA4IBAQASmfVnZjEGPlmWK3X+vMZdSUw/FU11NdHIjwO8YA6OqNYHrHPOwLlgUlycr/VYs73s0wI1b+SaC2/lsbkXAF1w83jy3FHnipFjEkV1+d0ogmox4WFX0PVyeAwVO99swzU1ERrEoXQ/kIgtGe7FYrZ+3H+x0nae9fKnGOlW0GctwoZmG0zk2reU0AuQHj9GAkHK5nF7KAQg1VEdI/WsMxaz+ZS/ZS1882GEl6ZNKrhRIGrO4tGRFI9yYHEW2qzjewKIUrAba/ifdPsk37nJwJvlAD+gSUUeENCzHbZvx8iiNmxcGr1/6gB6Dub+Qc8NvrvVcWvPq+0Gox1rSQi/yQT0</X509Certificate>
            </X509Data>
        </KeyInfo>
    </Signature>
    <saml2p:NameIDPolicy AllowCreate="true" />
</saml2p:AuthnRequest>

Thank you in advance.

Answer 1

The SignedXml class is available in .NET Core 2.0 Preview 2, though you will need to explicitly reference the System.Security.Cryptography.Xml package, since it's not part of .NET Standard.

If you can't move to .NET Core 2.0 (which should be releasing any time in the next couple of weeks) then you'd have to find a 3rd party library or write it yourself. Given how complex the xmldsig and c14n specifications are, I'd strongly recommend against writing it yourself.