// What we want to do is pump the input throug the TransformChain and then
        // hash the output of the chain
        // document is the document context for resolving relative references
        internal byte[] CalculateHashValue(XmlDocument document, CanonicalXmlNodeList refList)
        {
            // refList is a list of elements that might be targets of references
            // Now's the time to create our hashing algorithm
            m_hashAlgorithm = (HashAlgorithm)CryptoConfig.CreateFromName(DigestMethod);
            if (m_hashAlgorithm == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed"));
            }

            string strBaseUri = (document == null ? null : document.BaseURI);
            // For interop w/ Petteri & IBM -- may not be required by the spec
            //if (m_transforms.Count == 0) {
            //if (DataObject != null && DataObject.Data != null) {
            //AddTransform(new W3cCanonicalization());
            //}
            //}

            // Let's go get the target.
            Stream      hashInputStream;
            WebRequest  theRequest  = null;
            WebResponse theResponse = null;
            Stream      inputStream = null;
            XmlResolver resolver    = null;

            switch (m_refTargetType)
            {
            case ReferenceTargetType.Stream:
                // This is the easiest case.  We already have a stream, so just pump it through
                // the TransformChain
                resolver        = (m_signedXml.ResolverSet ? m_signedXml.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), strBaseUri));
                hashInputStream = m_transformChain.TransformToOctetStream((Stream)m_refTarget, resolver, strBaseUri);
                break;

            case ReferenceTargetType.UriReference:
                // Second-easiest case -- dereference the URI & pump through the TransformChain
                // handle the special cases where the URI is null (meaning whole doc)
                // or the URI is just a fragment (meaning a reference to an embedded Object)
                if (m_strUri == "")
                {
                    // This is the self-referential case.
                    // The Enveloped Signature does not discard comments as per spec; those will be omitted during the transform chain process
                    // First, check that we have a document context.
                    if (document == null)
                    {
                        throw new CryptographicException(String.Format(SecurityResources.GetResourceString("Cryptography_Xml_SelfReferenceRequiresContext"), m_strUri));
                    }

                    // Normalize the containing document
                    resolver = (m_signedXml.ResolverSet ? m_signedXml.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), strBaseUri));
                    XmlDocument docWithNoComments = CanonicalXml.DiscardComments(SignedXml.PreProcessDocumentInput(document, resolver, strBaseUri));
                    hashInputStream = m_transformChain.TransformToOctetStream(docWithNoComments, resolver, strBaseUri);
                }
                else if (m_strUri[0] == '#')
                {
                    // If we get here, then we are constructing a Reference to an embedded DataObject
                    // referenced by an Id= attribute.  Go find the relevant object
                    String idref            = m_strUri.Substring(1);
                    bool   bDiscardComments = true;

                    // Deal with XPointer of types #xpointer(/) and #xpointer(id("ID")). Other XPointer support isn't handled here and is anyway optional
                    if (idref == "xpointer(/)")
                    {
                        // This is a self referencial case
                        if (document == null)
                        {
                            throw new CryptographicException(String.Format(SecurityResources.GetResourceString("Cryptography_Xml_SelfReferenceRequiresContext"), m_strUri));
                        }

                        // We should not discard comments here!!!
                        resolver        = (m_signedXml.ResolverSet ? m_signedXml.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), strBaseUri));
                        hashInputStream = m_transformChain.TransformToOctetStream(SignedXml.PreProcessDocumentInput(document, resolver, strBaseUri), resolver, strBaseUri);
                        goto end;
                    }
                    else if (idref.StartsWith("xpointer(id("))
                    {
                        int startId = idref.IndexOf("id(");
                        int endId   = idref.IndexOf(")");
                        if (endId < 0 || endId < startId + 3)
                        {
                            throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidReference"));
                        }
                        idref            = idref.Substring(startId + 3, endId - startId - 3);
                        idref            = idref.Replace("\'", "");
                        idref            = idref.Replace("\"", "");
                        bDiscardComments = false;
                    }

                    XmlElement elem = m_signedXml.GetIdElement(document, idref);

                    if (elem == null)
                    {
                        // Go throw the referenced items passed in
                        if (refList != null)
                        {
                            foreach (XmlNode node in refList)
                            {
                                XmlElement tempElem = node as XmlElement;
                                if ((tempElem != null) && (tempElem.HasAttribute("Id")) && (tempElem.GetAttribute("Id").Equals(idref)))
                                {
                                    elem = tempElem;
                                    break;
                                }
                            }
                        }
                    }

                    if (elem == null)
                    {
                        throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidReference"));
                    }

                    // Add the propagated attributes, clone the element first
                    XmlElement elemClone = elem.Clone() as XmlElement;
                    if (m_namespaces != null)
                    {
                        foreach (XmlNode attrib in m_namespaces)
                        {
                            string name = ((attrib.Prefix != String.Empty) ? attrib.Prefix + ":" + attrib.LocalName : attrib.LocalName);
                            // Skip the attribute if one with the same qualified name already exists
                            if (elemClone.HasAttribute(name) || (name.Equals("xmlns") && elemClone.NamespaceURI != String.Empty))
                            {
                                continue;
                            }
                            XmlAttribute nsattrib = (XmlAttribute)elemClone.OwnerDocument.CreateAttribute(name);
                            nsattrib.Value = attrib.Value;
                            elemClone.SetAttributeNode(nsattrib);
                        }
                    }

                    if (bDiscardComments)
                    {
                        // We should discard comments before going into the transform chain
                        resolver = (m_signedXml.ResolverSet ? m_signedXml.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), strBaseUri));
                        XmlDocument docWithNoComments = CanonicalXml.DiscardComments(SignedXml.PreProcessElementInput(elemClone, resolver, strBaseUri));
                        hashInputStream = m_transformChain.TransformToOctetStream(docWithNoComments, resolver, strBaseUri);
                    }
                    else
                    {
                        // This is an XPointer reference, do not discard comments!!!
                        resolver        = (m_signedXml.ResolverSet ? m_signedXml.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), strBaseUri));
                        hashInputStream = m_transformChain.TransformToOctetStream(SignedXml.PreProcessElementInput(elemClone, resolver, strBaseUri), resolver, strBaseUri);
                    }
                }
                else
                {
                    theRequest = WebRequest.Create(m_strUri);
                    if (theRequest == null)
                    {
                        goto default;
                    }
                    theResponse = theRequest.GetResponse();
                    if (theResponse == null)
                    {
                        goto default;
                    }
                    inputStream = theResponse.GetResponseStream();
                    if (inputStream == null)
                    {
                        goto default;
                    }
                    resolver        = (m_signedXml.ResolverSet ? m_signedXml.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), m_strUri));
                    hashInputStream = m_transformChain.TransformToOctetStream(inputStream, resolver, m_strUri);
                }
                break;

            case ReferenceTargetType.XmlElement:
                // We need to create a DocumentNavigator out of the XmlElement
                resolver        = (m_signedXml.ResolverSet ? m_signedXml.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), strBaseUri));
                hashInputStream = m_transformChain.TransformToOctetStream(SignedXml.PreProcessElementInput((XmlElement)m_refTarget, resolver, strBaseUri), resolver, strBaseUri);
                break;

            default:
                throw new CryptographicException();
            }

end:
            // Compute the new hash value
            byte[] hashval = m_hashAlgorithm.ComputeHash(hashInputStream);

            // Close the response to free resources, before returning
            if (theResponse != null)
            {
                theResponse.Close();
            }
            if (inputStream != null)
            {
                inputStream.Close();
            }

            return(hashval);
        }