How to sign (x.509) XML element?

I need to sign an XML file using an X.509 certificate.

At the moment I have (copied from MSDN):

    public static void SignXml(XmlDocument xmlDoc, X509Certificate2 uidCert)
    {

        RSACryptoServiceProvider rsaKey = (RSACryptoServiceProvider)uidCert.PrivateKey;


        // Check arguments. 
        if (xmlDoc == null)
            throw new ArgumentException("xmlDoc");
        if (rsaKey == null)
            throw new ArgumentException("Key");

        // Create a SignedXml object.
        SignedXml signedXml = new SignedXml(xmlDoc);

        // Add the key to the SignedXml document.
        signedXml.SigningKey = rsaKey;


        // Create a reference to be signed.
        Reference reference = new Reference();
        reference.Uri = "";

        // Add an enveloped transformation to the reference.
        XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
        reference.AddTransform(env);

        // Add the reference to the SignedXml object.
        signedXml.AddReference(reference);


        // Add an X509Data KeyInfo clause (optional; helps recipient find the certificate to validate).
        KeyInfo keyInfo = new KeyInfo();

        KeyInfoX509Data clause = new KeyInfoX509Data();
        clause.AddSubjectName(uidCert.Subject);
        clause.AddCertificate(uidCert);
        keyInfo.AddClause(clause);
        signedXml.KeyInfo = keyInfo;

        // Compute the signature.
        signedXml.ComputeSignature();

        // Get the XML representation of the signature and save 
        // it to an XmlElement object.
        XmlElement xmlDigitalSignature = signedXml.GetXml();

        System.Console.WriteLine(signedXml.GetXml().InnerXml);

        // Append the element to the XML document.
        xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(xmlDigitalSignature, true));
    }

When I run it, it generates a file like this:

    <root>
       <myelement>.....</myelement>
       <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
            <SignedInfo>
                <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
       ....
       </Signature>
       ....

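But the people who need this file tell me this is wrong; they need the file to have the myelement content signed.

For example, they need a result file like this: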

    <root>
       <myelement>
          <Signature>.....
          </Signature>
       </myelement>
    </root>

How can I do this?

Try this. I modified a few lines at the end of SignXml().

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Xml;
    using System.Security.Cryptography;
    using System.Security.Cryptography.Xml;
    using System.Security.Cryptography.X509Certificates;

    namespace ConsoleApplication1
    {
        class Program
        {
            static void Main(string[] args)
            {
                XmlDocument doc = new XmlDocument();
                string input =
                    "<?xml version=\"1.0\"?>" +
                    "<root></root>";

                doc.LoadXml(input);

                X509Store store = new X509Store(StoreLocation.CurrentUser);
                store.Open(OpenFlags.ReadOnly);
                X509Certificate2Collection certCollection = store.Certificates;

                SignXml(doc, certCollection[0]);
            }


            public static void SignXml(XmlDocument xmlDoc, X509Certificate2 uidCert)
            {

                RSACryptoServiceProvider rsaKey = (RSACryptoServiceProvider)uidCert.PrivateKey;


                // Check arguments. 
                if (xmlDoc == null)
                    throw new ArgumentException("xmlDoc");
                if (rsaKey == null)
                    throw new ArgumentException("Key");

                // Create a SignedXml object.
                SignedXml signedXml = new SignedXml(xmlDoc);

                // Add the key to the SignedXml document.
                signedXml.SigningKey = rsaKey;


                // Create a reference to be signed.
                Reference reference = new Reference();
                reference.Uri = "";

                // Add an enveloped transformation to the reference.
                XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
                reference.AddTransform(env);

                // Add the reference to the SignedXml object.
                signedXml.AddReference(reference);


                // Add an X509Data KeyInfo clause (optional; helps recipient find the certificate to validate).
                KeyInfo keyInfo = new KeyInfo();

                KeyInfoX509Data clause = new KeyInfoX509Data();
                clause.AddSubjectName(uidCert.Subject);
                clause.AddCertificate(uidCert);
                keyInfo.AddClause(clause);
                signedXml.KeyInfo = keyInfo;

                // Compute the signature.
                signedXml.ComputeSignature();

                // Get the XML representation of the signature and save 
                // it to an XmlElement object.
                XmlElement xmlDigitalSignature = signedXml.GetXml();

                System.Console.WriteLine(signedXml.GetXml().InnerXml);

                // Append the element to the XML document.
                XmlElement root = (XmlElement)xmlDoc.GetElementsByTagName("root")[0];
                XmlElement myElement = xmlDoc.CreateElement("myelement");
                root.AppendChild(myElement);
                myElement.AppendChild(xmlDigitalSignature);
            }
        }
    }
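
An added example, not part of the original question or answer: it signs only `<myelement>` through an `Id` reference, places the `<Signature>` inside that element, and then checks the result with `CheckSignature`. The `Id="payload"` attribute, the sample document and the throwaway self-signed certificate are constructed assumptions; it targets .NET with the System.Security.Cryptography.Xml package.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

class SignElementExample
{
    static void Main()
    {
        // Constructed throwaway key and self-signed certificate, so the example runs offline.
        using RSA rsa = RSA.Create(2048);
        var req = new CertificateRequest("CN=constructed-test-signer", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 cert = req.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));

        // Constructed sample document; the Id attribute is what "#payload" resolves to.
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<root><myelement Id=\"payload\"><amount>100</amount></myelement></root>");
        var target = (XmlElement)doc.GetElementsByTagName("myelement")[0];

        var signedXml = new SignedXml(doc) { SigningKey = cert.GetRSAPrivateKey() };
        var reference = new Reference("#payload");   // digest covers <myelement> only
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        reference.AddTransform(new XmlDsigExcC14NTransform());
        signedXml.AddReference(reference);

        var keyInfo = new KeyInfo();
        keyInfo.AddClause(new KeyInfoX509Data(cert));
        signedXml.KeyInfo = keyInfo;

        // The signed content is complete here; only the Signature is added afterwards.
        signedXml.ComputeSignature();
        target.AppendChild(doc.ImportNode(signedXml.GetXml(), true));

        Console.WriteLine("valid after signing:   " + Verify(doc, cert));
        target["amount"].InnerText = "999";          // simulate modification in transit
        Console.WriteLine("valid after tampering: " + Verify(doc, cert));
    }

    static bool Verify(XmlDocument doc, X509Certificate2 trustedCert)
    {
        var sig = (XmlElement)doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl)[0];
        var verifier = new SignedXml(doc);
        verifier.LoadXml(sig);
        // Check against a certificate the recipient already trusts, not the one embedded
        // in KeyInfo; 'true' skips chain validation because the test cert is self-signed.
        return verifier.CheckSignature(trustedCert, true);
    }
}
```

Any node other than the `<Signature>` itself that is added to the referenced content after `ComputeSignature()` changes the digest and makes verification fail, so the document has to be in its final shape before signing.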
​
