dotnet
diff --git a/‎src/libraries/System.Security.Cryptography.Xml/tests/CanonicalXmlEntityReferenceTest.cs‎
Lines changed: 168 additions & 0 deletions b/‎src/libraries/System.Security.Cryptography.Xml/tests/CanonicalXmlEntityReferenceTest.cs‎
Lines changed: 168 additions & 0 deletions
diff --git a/‎src/libraries/System.Security.Cryptography.Xml/tests/DataObjectTests.cs‎
Lines changed: 152 additions & 0 deletions b/‎src/libraries/System.Security.Cryptography.Xml/tests/DataObjectTests.cs‎
Lines changed: 152 additions & 0 deletions
diff --git a/‎src/libraries/System.Security.Cryptography.Xml/tests/DataReferenceTest.cs‎
Lines changed: 67 additions & 0 deletions b/‎src/libraries/System.Security.Cryptography.Xml/tests/DataReferenceTest.cs‎
Lines changed: 67 additions & 0 deletions
@@ -0,0 +1,168 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System.IO;
+using System.Text;
+using System.Xml;
+using Xunit;
+
+namespace System.Security.Cryptography.Xml.Tests
+{
+    public class CanonicalXmlEntityReferenceTest
+    {
+        [Fact]
+        public void EntityReferenceInCanonicalization()
+        {
+            // This test exercises CanonicalXmlEntityReference by using a transform
+            // that internally creates a CanonicalXmlDocument and loads XML into it.
+            // When an XmlNodeReader reads from a document containing entity references,
+            // the target document's CreateEntityReference method is called.
+
+            string xml = @"<!DOCTYPE doc [
+<!ENTITY test ""TestValue"">
+]>
+<root>&test;</root>";
+
+            XmlDocument doc = new XmlDocument();
+            doc.PreserveWhitespace = true;
+            doc.LoadXml(xml);
+
+            // Use C14N transform which internally uses CanonicalXmlDocument
+            XmlDsigC14NTransform transform = new XmlDsigC14NTransform();
+            transform.LoadInput(doc);
+            
+            Stream output = (Stream)transform.GetOutput();
+            string result = new StreamReader(output, Encoding.UTF8).ReadToEnd();
+            
+            // Entity should be expanded in canonical form
+            Assert.Equal("<root>TestValue</root>", result);
+        }
+
+        [Fact]
+        public void EntityReferenceWithXmlNodeList()
+        {
+            // Test with XmlNodeList input which triggers different code path in CanonicalXml
+            // When using XmlNodeList, nodes not in the list are not included, which may affect
+            // entity reference expansion in the canonical output
+            string xml = @"<!DOCTYPE doc [
+<!ENTITY test ""Hello"">
+]>
+<root><child>&test;</child></root>";
+
+            XmlDocument doc = new XmlDocument();
+            doc.PreserveWhitespace = true;
+            doc.LoadXml(xml);
+
+            XmlNodeList nodeList = doc.SelectNodes("//child")!;
+
+            XmlDsigC14NTransform transform = new XmlDsigC14NTransform();
+            transform.LoadInput(nodeList);
+            
+            Stream output = (Stream)transform.GetOutput();
+            string result = new StreamReader(output, Encoding.UTF8).ReadToEnd();
+            
+            // Only the child element should be in the result (entity not expanded since only child element is in XPath)
+            Assert.Equal("<child></child>", result);
+        }
+
+        [Fact]
+        public void EntityReferenceWithCommentsIncluded()
+        {
+            // Test with includeComments = true
+            string xml = @"<!DOCTYPE doc [
+<!ENTITY ent ""EntityContent"">
+]>
+<root><!--comment-->&ent;</root>";
+
+            XmlDocument doc = new XmlDocument();
+            doc.PreserveWhitespace = true;
+            doc.LoadXml(xml);
+
+            XmlDsigC14NWithCommentsTransform transform = new XmlDsigC14NWithCommentsTransform();
+            transform.LoadInput(doc);
+            
+            Stream output = (Stream)transform.GetOutput();
+            string result = new StreamReader(output, Encoding.UTF8).ReadToEnd();
+            
+            // Both comment and expanded entity should be in output
+            Assert.Contains("<!--comment-->", result);
+            Assert.Contains("EntityContent", result);
+        }
+
+        [Fact]
+        public void EntityReferenceInExclusiveCanonicalization()
+        {
+            // Test with Exclusive C14N transform
+            string xml = @"<!DOCTYPE doc [
+<!ENTITY test ""ExclusiveTest"">
+]>
+<root xmlns=""http://example.com"">&test;</root>";
+
+            XmlDocument doc = new XmlDocument();
+            doc.PreserveWhitespace = true;
+            doc.LoadXml(xml);
+
+            XmlDsigExcC14NTransform transform = new XmlDsigExcC14NTransform();
+            transform.LoadInput(doc);
+            
+            Stream output = (Stream)transform.GetOutput();
+            string result = new StreamReader(output, Encoding.UTF8).ReadToEnd();
+            
+            // Entity should be expanded in canonical form
+            Assert.Contains("ExclusiveTest", result);
+            Assert.Contains("http://example.com", result);
+        }
+
+        [Fact]
+        public void EntityReferenceWithHash()
+        {
+            // Test the WriteHash code path by using GetDigestedOutput
+            string xml = @"<!DOCTYPE doc [
+<!ENTITY test ""HashTest"">
+]>
+<root>&test;</root>";
+
+            XmlDocument doc = new XmlDocument();
+            doc.PreserveWhitespace = true;
+            doc.LoadXml(xml);
+
+            XmlDsigC14NTransform transform = new XmlDsigC14NTransform();
+            transform.LoadInput(doc);
+            
+            using (SHA256 hash = SHA256.Create())
+            {
+                byte[] digest = transform.GetDigestedOutput(hash);
+                
+                // Should produce a valid hash
+                Assert.NotNull(digest);
+                Assert.Equal(32, digest.Length); // SHA256 produces 32 bytes
+            }
+        }
+
+        [Fact]
+        public void MultipleEntityReferences()
+        {
+            // Test with multiple entity references
+            string xml = @"<!DOCTYPE doc [
+<!ENTITY ent1 ""First"">
+<!ENTITY ent2 ""Second"">
+]>
+<root>&ent1; and &ent2;</root>";
+
+            XmlDocument doc = new XmlDocument();
+            doc.PreserveWhitespace = true;
+            doc.LoadXml(xml);
+
+            XmlDsigC14NTransform transform = new XmlDsigC14NTransform();
+            transform.LoadInput(doc);
+            
+            Stream output = (Stream)transform.GetOutput();
+            string result = new StreamReader(output, Encoding.UTF8).ReadToEnd();
+            
+            // Both entities should be expanded
+            Assert.Contains("First", result);
+            Assert.Contains("Second", result);
+            Assert.Contains("and", result);
+        }
+    }
+}
@@ -161,5 +161,157 @@ private static XmlElement CreateTestElement(string name, string idValue, string
 
             return element;
         }
+
+        [Fact]
+        public void LoadXml_InvalidElement()
+        {
+            XmlDocument doc = new XmlDocument();
+            doc.LoadXml("<WrongElement />");
+
+            DataObject dataObject = new DataObject();
+            dataObject.Id = "test-id";
+            dataObject.Encoding = "UTF-8";
+            // LoadXml replaces the properties, so pre-set values are overwritten
+            dataObject.LoadXml(doc.DocumentElement);
+            Assert.NotNull(dataObject.Data);
+            // LoadXml reads from the XML, not the pre-set values
+            Assert.Null(dataObject.Id);
+            Assert.Null(dataObject.Encoding);
+        }
+
+        [Fact]
+        public void GetXml_WithData()
+        {
+            DataObject dataObject = new DataObject();
+            XmlDocument doc = new XmlDocument();
+            XmlElement elem = doc.CreateElement("TestData");
+            elem.InnerText = "test content";
+            dataObject.Data = new XmlNodeList[] { elem.ChildNodes }[0];
+
+            XmlElement xml = dataObject.GetXml();
+            Assert.NotNull(xml);
+            Assert.Equal("Object", xml.LocalName);
+            // The InnerText "test content" is a text node, verify it appears in the output
+            Assert.Contains("test content", xml.InnerXml);
+        }
+
+        [Fact]
+        public void Properties_SetAndGet()
+        {
+            DataObject dataObject = new DataObject();
+            
+            dataObject.Id = "obj-1";
+            Assert.Equal("obj-1", dataObject.Id);
+
+            dataObject.MimeType = "text/xml";
+            Assert.Equal("text/xml", dataObject.MimeType);
+
+            dataObject.Encoding = "UTF-8";
+            Assert.Equal("UTF-8", dataObject.Encoding);
+
+            Assert.NotNull(dataObject.Data);
+        }
+
+        [Fact]
+        public void LoadXml_WithData()
+        {
+            string xml = @"<Object Id=""obj1"" xmlns=""http://www.w3.org/2000/09/xmldsig#"">
+                <test>data</test>
+            </Object>";
+            XmlDocument doc = new XmlDocument();
+            doc.LoadXml(xml);
+
+            DataObject dataObject = new DataObject();
+            dataObject.LoadXml(doc.DocumentElement);
+            Assert.Equal("obj1", dataObject.Id);
+            Assert.Equal(1, dataObject.Data.Count);
+        }
+
+        [Fact]
+        public void LoadXml_NoId()
+        {
+            string xml = @"<Object xmlns=""http://www.w3.org/2000/09/xmldsig#"">
+                <test>data</test>
+            </Object>";
+            XmlDocument doc = new XmlDocument();
+            doc.LoadXml(xml);
+
+            DataObject dataObject = new DataObject();
+            dataObject.LoadXml(doc.DocumentElement);
+            Assert.Null(dataObject.Id);
+        }
+
+        [Fact]
+        public void LoadXml_NoMimeType()
+        {
+            string xml = @"<Object Id=""obj1"" xmlns=""http://www.w3.org/2000/09/xmldsig#"">
+                <test>data</test>
+            </Object>";
+            XmlDocument doc = new XmlDocument();
+            doc.LoadXml(xml);
+
+            DataObject dataObject = new DataObject();
+            dataObject.LoadXml(doc.DocumentElement);
+            Assert.Null(dataObject.MimeType);
+        }
+
+        [Fact]
+        public void LoadXml_NoEncoding()
+        {
+            string xml = @"<Object Id=""obj1"" xmlns=""http://www.w3.org/2000/09/xmldsig#"">
+                <test>data</test>
+            </Object>";
+            XmlDocument doc = new XmlDocument();
+            doc.LoadXml(xml);
+
+            DataObject dataObject = new DataObject();
+            dataObject.LoadXml(doc.DocumentElement);
+            Assert.Null(dataObject.Encoding);
+        }
+
+        [Fact]
+        public void GetXml_NoData()
+        {
+            DataObject dataObject = new DataObject();
+            dataObject.Id = "obj1";
+            
+            XmlElement xml = dataObject.GetXml();
+            Assert.NotNull(xml);
+            Assert.Equal(@"<Object Id=""obj1"" xmlns=""http://www.w3.org/2000/09/xmldsig#"" />", xml.OuterXml);
+        }
+
+        [Fact]
+        public void GetXml_EmptyStrings()
+        {
+            DataObject dataObject = new DataObject();
+            dataObject.Id = "";
+            dataObject.MimeType = "";
+            dataObject.Encoding = "";
+            
+            XmlElement xml = dataObject.GetXml();
+            // Verify the full output XML - empty strings for MimeType and Encoding mean no attributes are added
+            Assert.Equal(@"<Object xmlns=""http://www.w3.org/2000/09/xmldsig#"" />", xml.OuterXml);
+        }
+
+        [Fact]
+        public void Constructor_NullArguments()
+        {
+            XmlDocument doc = new XmlDocument();
+            XmlElement elem = doc.CreateElement("test");
+            
+            DataObject dataObject = new DataObject(null, null, null, elem);
+            Assert.Null(dataObject.Id);
+            Assert.Null(dataObject.MimeType);
+            Assert.Null(dataObject.Encoding);
+            Assert.NotNull(dataObject.Data);
+            
+            // Verify GetXml output - should include the test element content
+            XmlElement xml = dataObject.GetXml();
+            Assert.NotNull(xml);
+            Assert.Equal("Object", xml.LocalName);
+            Assert.Equal(SignedXml.XmlDsigNamespaceUrl, xml.NamespaceURI);
+            // The element should contain the child element
+            Assert.Contains("<test", xml.InnerXml);
+        }
     }
 }
@@ -25,5 +25,72 @@ public void LoadXml()
             EncryptedKey ek = new EncryptedKey();
             ek.LoadXml(doc.DocumentElement);
         }
+
+        [Fact]
+        public void Constructor_Empty()
+        {
+            DataReference dataRef = new DataReference();
+            Assert.Equal(string.Empty, dataRef.Uri);
+        }
+
+        [Fact]
+        public void Constructor_WithUri()
+        {
+            string uri = "#data1";
+            DataReference dataRef = new DataReference(uri);
+            Assert.Equal(uri, dataRef.Uri);
+        }
+
+        [Fact]
+        public void Constructor_WithUriAndTransformChain()
+        {
+            string uri = "#data1";
+            TransformChain tc = new TransformChain();
+            tc.Add(new XmlDsigBase64Transform());
+
+            DataReference dataRef = new DataReference(uri, tc);
+            Assert.Equal(uri, dataRef.Uri);
+            Assert.NotNull(dataRef.TransformChain);
+            Assert.Equal(1, dataRef.TransformChain.Count);
+        }
+
+        [Fact]
+        public void GetXml_SimpleDataReference()
+        {
+            DataReference dataRef = new DataReference("#encrypted-data-1");
+            XmlElement xml = dataRef.GetXml();
+            Assert.Equal(@"<DataReference URI=""#encrypted-data-1"" xmlns=""http://www.w3.org/2001/04/xmlenc#"" />", xml.OuterXml);
+        }
+
+        [Fact]
+        public void GetXml_WithTransforms()
+        {
+            DataReference dataRef = new DataReference("#data1");
+            dataRef.TransformChain.Add(new XmlDsigC14NTransform());
+            
+            XmlElement xml = dataRef.GetXml();
+            Assert.Equal("DataReference", xml.LocalName);
+            Assert.NotNull(xml.SelectSingleNode("//*[local-name()='Transforms']"));
+        }
+
+        [Fact]
+        public void LoadXml_SimpleDataReference()
+        {
+            string xml = @"<DataReference URI=""#encrypted-element"" xmlns=""http://www.w3.org/2001/04/xmlenc#"" />";
+            XmlDocument doc = new XmlDocument();
+            doc.LoadXml(xml);
+
+            DataReference dataRef = new DataReference();
+            dataRef.LoadXml(doc.DocumentElement);
+            Assert.Equal("#encrypted-element", dataRef.Uri);
+        }
+
+        [Fact]
+        public void ReferenceType_IsDataReference()
+        {
+            DataReference dataRef = new DataReference();
+            XmlElement xml = dataRef.GetXml();
+            Assert.Equal("DataReference", xml.LocalName);
+        }
     }
 }