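        /// <summary>
        /// Checks that the digest of <paramref name="signingCertificate"/> matches the
        /// <c>CertDigest/DigestValue</c> recorded under <c>SigningCertificate</c> in the
        /// signed properties of the document at <c>parameters.InputPath</c>.
        /// </summary>
        /// <remarks>
        /// This only ties the supplied certificate to the reference inside the signature.
        /// The method itself performs no chain, validity-period or revocation check, so a
        /// match says nothing about whether the certificate is trusted.
        /// </remarks>
        /// <param name="parameters">Verification parameters; only <c>InputPath</c> is read here.</param>
        /// <param name="signingCertificate">Certificate whose raw encoding is hashed and compared.</param>
        /// <exception cref="InvalidSignedDocumentException">
        /// The digest element is missing, is not valid Base64, or does not match the certificate.
        /// </exception>
        private static void VerifySigningCertificate(VerificationParameters parameters, X509Certificate2 signingCertificate)
        {
            // RawData is the encoded certificate as bytes, not a Base64 string.
            var certificateBytes = signingCertificate.RawData;

            // NOTE(review): the digest is always computed with CryptoHelper.GetBytesSHA1 (presumably
            // SHA-1, per its name). The DigestMethod that XAdES places next to DigestValue is not read,
            // so a document declaring another algorithm can never match, and SHA-1 is no longer
            // collision resistant. Select the hash from DigestMethod against an allow-list if
            // CryptoHelper offers other algorithms - confirm against that helper.
            var calculatedHash = CryptoHelper.GetBytesSHA1(certificateBytes);

            var xmlDocument = new XmlDocument();

            // The document under verification is untrusted input: do not resolve external
            // entities or DTDs while parsing it.
            xmlDocument.XmlResolver = null;
            xmlDocument.Load(parameters.InputPath);

            // Assumes FindNodesIn returns a collection exposing Count (XmlNodeList, List<T>) - TODO confirm.
            var certDigestNodes = XmlHelper.FindNodesIn(xmlDocument.DocumentElement,
                                                        "Signature/Object/QualifyingProperties/SignedProperties/" +
                                                        "SignedSignatureProperties/SigningCertificate/Cert/CertDigest");
            if (certDigestNodes == null || certDigestNodes.Count == 0)
            {
                // A missing element is reported as an invalid document, not as an index or null-reference failure.
                throw new InvalidSignedDocumentException("SigningCertificate digest is missing from the signature");
            }

            var digestValueNodes = XmlHelper.FindNodesIn(certDigestNodes[0],
                                                         "DigestValue");
            if (digestValueNodes == null || digestValueNodes.Count == 0)
            {
                throw new InvalidSignedDocumentException("SigningCertificate digest is missing from the signature");
            }

            byte[] certificateHashInSignature;
            try
            {
                certificateHashInSignature = Convert.FromBase64String(digestValueNodes[0].InnerText);
            }
            catch (FormatException)
            {
                // Malformed Base64 in the document is a verification failure, not a caller bug.
                throw new InvalidSignedDocumentException("SigningCertificate digest is not valid Base64");
            }

            if (!ArrayHelper.ArraysAreEqual(certificateHashInSignature, calculatedHash))
            {
                throw new InvalidSignedDocumentException("SigningCertificate cannot be verified");
            }
        }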