XML 数字签名和规范化
[英]XML Digital Signature and Canonicalization
问题描述
Is it enough to just specify the canonicalization method to canonicalize the input xml as in
仅指定规范化方法来规范化输入 xml 是否足够
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
or should we also have to new up XmlDsigExcC14NTransform and add it as in或者我们是否还必须新建 XmlDsigExcC14NTransform 并将其添加为
var reference = new Reference { Uri = ""};
reference.AddTransform(new XmlDsigExcC14NTransform());
signedXml.AddReference(reference);
1 个解决方案
解决方案1
0 2022-08-31 13:43:08
There is a difference on which elements the canonicalization algorithm is applied to.规范化算法应用于哪些元素存在差异。
The canonicalization algorithm specified in CanonicalizationMethod is applied to the SignedInfo element of the signature node and is used for the calculation of SignatureValue CanonicalizationMethod中指定的规范化算法应用于签名节点的SignedInfo元素,用于计算SignatureValue
A Reference with an empty URI addresses the node set of the XML resource containing the signature node, so the canonicalization algorithm specified in the Transform element of a reference is applied to this nodeset.具有空 URI 的引用寻址包含签名节点的 XML 资源的节点集,因此引用的Transform元素中指定的规范化算法应用于此节点集。 In this case the canonicalization is used for the calculation of a DigestValue在这种情况下,规范化用于计算DigestValue
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.