Пример с тестовой xml, который лежал в sdk
<?xml version="1.0" encoding="utf-8" standalone="no"?><INISExtractFromPersonalAccount xmlns="http://pmicro.kz/inis/egov"><ExtractDate>2011-10-01</ExtractDate><DeclarationDate>2011-10-01</DeclarationDate><TaxOrgCode>1509</TaxOrgCode><RNN>150920023804</RNN><IIN_BIN>850209400742</IIN_BIN><CompanyNameRu/><CompanyNameKz/><TaxpayerNameRu><LastName>string</LastName><FirstName>string</FirstName><MiddleName>string</MiddleName><FullName>string</FullName></TaxpayerNameRu><TaxpayerNameKz><LastName>string</LastName><FirstName>string</FirstName><MiddleName>string</MiddleName><FullName>string</FullName></TaxpayerNameKz><BeginDate>2011-01-01</BeginDate><EndDate>2011-01-05</EndDate><Table><Item><PaymentCode>string</PaymentCode><PaymentNameRu>string</PaymentNameRu><PaymentNameKz>string</PaymentNameKz><PaymentState><BeginDateBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></BeginDateBallance><AcceptedBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></AcceptedBallance><Charged><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Charged><Decreased><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Decreased><Payed><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Payed><Returned><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Returned><TransferedBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></TransferedBallance><WrittenOffBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></WrittenOffBallance><EndDateBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></EndDateBallance><TaxSumWithModifiedExecutionDate>0.0</TaxSumWithModifiedExecutionDate><TaxSumOnAppealStageOrAppealed>0.0</TaxSumOnAppealStageOrAppealed><summPenaltyTO>0.0</summPenaltyTO><enumerationPenaltyTP>0.0</enumerationPenaltyTP></PaymentState></Item></Table><WorkerNameRu><LastName/><FirstName/><MiddleName/><FullName/></WorkerNameRu><WorkerNameKz><LastName/><FirstName/><MiddleName/><FullName/></WorkerNameKz><Total><BeginDateBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></BeginDateBallance><AcceptedBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></AcceptedBallance><Charged><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Charged><Decreased><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Decreased><Payed><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Payed><Returned><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></Returned><TransferedBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></TransferedBallance><WrittenOffBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></WrittenOffBallance><EndDateBallance><Tax>0.0</Tax><PenaltyFee>0.0</PenaltyFee><Fine>0.0</Fine></EndDateBallance><TaxSumWithModifiedExecutionDate>0.0</TaxSumWithModifiedExecutionDate><TaxSumOnAppealStageOrAppealed>0.0</TaxSumOnAppealStageOrAppealed><summPenaltyTO>0.0</summPenaltyTO><enumerationPenaltyTP>0.0</enumerationPenaltyTP></Total><TaxpayerNameKz><LastName/><FirstName/><MiddleName/><FullName>Елсейтова Салтанат Султангереевна</FullName></TaxpayerNameKz><TaxpayerNameRu><LastName>Елсейтова</LastName><FirstName>Салтанат</FirstName><MiddleName>Султангереевна</MiddleName><FullName>Елсейтова Салтанат Султангереевна</FullName></TaxpayerNameRu><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gost34310-gost34311"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gost34311"/>
<ds:DigestValue>IaBO06Bzu9oVD51iOAzElFsuH6dzJDWQTHHpvVYlHAE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
XJJra3koAsYXjk18xXeCksucqfegFSLB8dTKEZeFstkFWr/IMobQUgUPIscm0KJgzfvVHsjrtRdh
QHcnpmfC3g==
</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIFzDCCBXWgAwIBAgIgdwt7wTCQnyII5xnzKn7zXpWSW1qB4Hie8uh51jGU0HEwDgYKKwYBBAG1
EQECAgUAMIIBFDEfMB0GA1UEAwwW0J3Qo9CmINCg0JogKNCT0J7QodCiKTFDMEEGA1UECww60JjQ
vdGE0YDQsNGB0YLRgNGD0LrRgtGD0YDQsCDQvtGC0LrRgNGL0YLRi9GFINC60LvRjtGH0LXQuTFx
MG8GA1UECgxo0J3QsNGG0LjQvtC90LDQu9GM0L3Ri9C5INGD0LTQvtGB0YLQvtCy0LXRgNGP0Y7R
idC40Lkg0YbQtdC90YLRgCDQoNC10YHQv9GD0LHQu9C40LrQuCDQmtCw0LfQsNGF0YHRgtCw0L0x
FTATBgNVBAcMDNCQ0YHRgtCw0L3QsDEVMBMGA1UECAwM0JDRgdGC0LDQvdCwMQswCQYDVQQGEwJL
WjAeFw0xMzA4MjEwOTAwMzlaFw0xNDA4MjEwOTAwMzlaMIIBjjEYMBYGA1UEBRMPSUlONTg5NzQ2
MjMxNTg3MRYwFAYKCZImiZPyLGQBGRYGUk9MRTAwMRAwDgYDVQQLDAdLUzEyMzQ1MRgwFgYDVQQL
DA9CSU4zNDg5NTEyNzY1ODQxITAfBgNVBAoMGNCa0JDQl9Cd0JDQp9CV0JnQodCi0JLQkDFRME8G
A1UEAwxI0JrQkNCX0J3QkNCn0JXQmdCh0KLQktCQINCU0JXQmdCh0KLQktCj0K7QqdCY0Jkg0JrQ
kNCX0J3QkNCn0JXQmdCh0KLQktCQMTgwNgYDVQQEDC/QmtCQ0JfQndCQ0KfQldCZ0KHQotCS0JAg
0JTQldCZ0KHQotCS0KPQrtCp0JjQmTEhMB8GA1UEKgwY0JrQkNCX0J3QkNCn0JXQmdCh0KLQktCQ
MSAwHgYJKoZIhvcNAQkBFhFBQkROQlNOQE5XRE5ETi5LVDELMAkGA1UEBhMCS1oxFTATBgNVBAgM
DNCQ0KHQotCQ0J3QkDEVMBMGA1UEBwwM0JDQodCi0JDQndCQMGMwDgYKKwYBBAG1EQEFCAUAA1EA
BgIAADqqAAAARUMxAAIAANgVScMvVRrN+53UlgPOlY6koESuUSKUqK0d0NQfdNwSFch8hNA/2FkZ
OQmgjiw1MITKr4ib2Bj1rL795DPzp9yjggILMIICBzAdBgNVHQ4EFgQU4Ijndc5tl769ASk8IejV
BdTKdUIwQgYIKwYBBQUHAQEENjA0MDIGCCsGAQUFBzAChiZodHRwOi8vcGtpLmdvdi5rei9pbmZv
L2NhY2VydF9nb3N0LmNlcjAMBgNVHSMEBTADgAEwMAsGA1UdDwQEAwIAwDAzBgkqgw4FEwECAgEE
JgQkDCJUcmVhc3VyZS1DbGllbnQgSW5mb3JtYXRpb24gU3lzdGVtMGQGA1UdLgRdMFswK6ApoCeG
JWh0dHA6Ly9jcmwucGtpLmt6L2NybC9Hb3N0MF9kZWx0YS5jcmwwLKAqoCiGJmh0dHA6Ly9jcmwx
LnBraS5rei9jcmwvR29zdDBfZGVsdGEuY3JsMIGRBgNVHSAEgYkwgYYwPQYKKoMOBRMBAgIBATAv
MC0GCCsGAQUFBwIBFiFodHRwOi8vcGtpLmdvdi5rei9pbmZvL2syX3JlZy5wZGYwRQYKKoMOBRMB
AgIBAjA3MDUGCCsGAQUFBwIBFilodHRwOi8vcGtpLmdvdi5rei9pbmZvL2syX3NpZ25fcG9saWN5
LnBkZjBYBgNVHR8EUTBPMCWgI6Ahhh9odHRwOi8vY3JsLnBraS5rei9jcmwvR29zdDAuY3JsMCag
JKAihiBodHRwOi8vY3JsMS5wa2kua3ovY3JsL0dvc3QwLmNybDAOBgorBgEEAbURAQICBQADQQBk
9KqSGpZ1psTHNov1OA6QCGfHvcNBZs3SMTrODSL2HsUdiPbWKKo3SfpdrR1t9qGIibN+VYeNEOHM
98NAulA/
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature></INISExtractFromPersonalAccount>
А разве DigestValue, SignatureValue и X509Certificate не достаточно для проверки валидности подписи(естественно не проверяя правильно ли сформировался сам хеш)?