I'm having a lot of problems using XmlDsigEnvelopedSignatureTransform when signing an XML document multiple times. For example, I have a simple document and I add a signature to it, then, when I check the document, the signature is valid and everything
is fine. But when I add a second signature to the previously signed XML then the problems begin: the second signature is valid, the first one not! This seems like if the XmlDsigEnvelopedSignatureTransform is not removing the already existing Signature
nodes (as from W3C specifications) from the document before signing and when verifying, so the second signature broke the first one. This behavior is also specified in the MSDN documentation:
The XmlDsigEnvelopedSignatureTransform class removes the <Signature> element from an XML document before the digest
is computed. With this transform, you can sign and verify all elements of an XML document except the XML digital signature elements.
To confirm this, I've tested the example found in the official documentation and the results are like I imagined, the Signature element is not removed: