tags:

views:

373

answers:

2
+2  Q: 

Generating an XML document hash in C#

What's the best way to go about hashing an XML document in C#? I'd like to hash an XML document so that I can tell if it was manually changed from when it was generated. I'm not using this for security--it's OK if someone changes the XML, and changes the hash to match.

For example, I'd hash the child nodes of the root and store the hash as an attribute of the root:

<RootNode Hash="abc123">
    <!-- Content to hash here -->
</RootNode>
+3  A: 

You can use the cryptography name space:

System.Security.Cryptography.MACTripleDES hash = new System.Security.Cryptography.MACTripleDES(Encoding.Default.GetBytes("mykey"));
string hashString = Convert.ToBase64String(hash.ComputeHash(Encoding.Default.GetBytes(myXMLString)));

You just need to use a key to create the hashing cryptographer and then create a hash with the string reqpresentation of your xml.

Matt Wrock  2009-10-05 17:14:49
see also System.Security.Cryptography.MD5, System.Security.Cryptography.SHA1, System.Security.Cryptography.SHA256, etc. and review comparision here: http://en.wikipedia.org/wiki/Cryptographic_hash_function
csharptest.net  2009-10-05 17:33:51
Encoding.Default is the encoding for the operating system's current ANSI code page. Your code will therefore give different results depending on the settings in the Regional and Language Options - Advanced tab.
Wim Coenen  2009-10-06 14:13:12
wcoenen has a very fair point. Use Encoding.ASCII or Encoding.<some consistent encoding>.
Matt Wrock  2009-10-06 14:17:40
+3  A: 

.NET has classes that implement the XML digital signature spec. The signature can be added inside the original XML document (i.e. an "enveloped signature"), or stored/transferred separately.

It may be a bit overkill since you don't need the security, but it has the advantage of being already implemented, and being a standard which does not depend on a language or platform.

Wim Coenen  2009-10-05 21:28:35
I like this solution, because as you pointed out, it is already implemented and is a standard.
emddudley  2009-11-18 14:59:36

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?