
CheckSignature returns false

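I have a problem where CheckSignature on a simple signature always fails. I am using SignedXml to sign some external data (in my case, part of an AS4 payload) that will be stored as a MIME attachment.

Here is the code (a modified MS sample):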

static string flXML = @"D:\Test\Example.xml";
static string flSignedXML = @"D:\Test\SignedExample.xml";
private void button1_Click(object sender, EventArgs e)
{
    try
    {
        // Generate a signing key.
        RSACryptoServiceProvider Key = new RSACryptoServiceProvider();
        CreateSomeXml(flXML);
        SignXmlFile(flXML, flSignedXML, Key);
        bool result = VerifyXmlFile(flSignedXML, Key);

        if (result)
        {
            Console.WriteLine("The XML signature is valid.");
        }
        else
        {
            Console.WriteLine("The XML signature is not valid.");
        }
    }
    catch (CryptographicException ee)
    {
        Console.WriteLine(ee.Message);
    }
}

public static void CreateSomeXml(string FileName)
{
    File.WriteAllText(FileName, "<?xml version=\"1.0\" encoding=\"utf-8\"?><MyElement xmlns=\"samples\"></MyElement>");
}

// Private fields of Reference, set via reflection so that a Stream can be supplied as the reference target.
private static readonly FieldInfo RefTargetTypeField = typeof(Reference).GetField("m_refTargetType", BindingFlags.Instance | BindingFlags.NonPublic);
private static readonly FieldInfo RefTargetField = typeof(Reference).GetField("m_refTarget", BindingFlags.Instance | BindingFlags.NonPublic);

public static void SignXmlFile(string FileName, string SignedFileName, RSA Key)
{
    XmlDocument doc = new XmlDocument();
    doc.Load(new XmlTextReader(FileName));
    SignedXml signedXml = new SignedXml(doc);
    signedXml.SigningKey = Key;

    byte[] Content = System.Text.Encoding.UTF8.GetBytes("1234567890asdfghjkl");
    Stream stream = new MemoryStream(Content);
    var attachmentReference = new Reference(uri: "cid:xml-sample") { DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256" };

    const int streamReferenceTargetType = 0;
    RefTargetTypeField.SetValue(attachmentReference, streamReferenceTargetType);
    RefTargetField.SetValue(attachmentReference, stream);

    signedXml.AddReference(attachmentReference);

    // Compute the signature.
    signedXml.ComputeSignature();

    XmlElement xmlDigitalSignature = signedXml.GetXml();
    doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));
    if (doc.FirstChild is XmlDeclaration)
    {
        doc.RemoveChild(doc.FirstChild);
    }
    XmlTextWriter xmltw = new XmlTextWriter(SignedFileName, new UTF8Encoding(false));
    doc.WriteTo(xmltw);
    xmltw.Close();
}
public static Boolean VerifyXmlFile(String Name, RSA Key)
{
    XmlDocument xmlDocument = new XmlDocument();
    xmlDocument.Load(Name);
    SignedXml signedXml = new SignedXml(xmlDocument);
    XmlNodeList nodeList = xmlDocument.GetElementsByTagName("Signature");
    signedXml.LoadXml((XmlElement)nodeList[0]);
    {
        byte[] Content = System.Text.Encoding.UTF8.GetBytes("1234567890asdfghjkl");
        Stream stream = new MemoryStream(Content);
        var attachmentReference = new Reference(uri: "cid:xml-sample") { DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256" };

        const int streamReferenceTargetType = 0;
        RefTargetTypeField.SetValue(attachmentReference, streamReferenceTargetType);
        RefTargetField.SetValue(attachmentReference, stream);

        signedXml.AddReference(attachmentReference);
    }

    // Check the signature and return the result.
    signedXml.SigningKey = Key;
    return signedXml.CheckSignature();
}

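Does anyone know what I am doing wrong? Incidentally, I know I can specify transforms for the other references. The question is: how do I get the result of the reference as processed by SignedXml, so that I can store that result as well? For example, if I specify compression as a reference transform, how do I then obtain the result of that compression?

When signature verification fails, enabling the logger will help give you more information about the cause of the error.

You can enable it by adding this to your app.config file: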

<system.diagnostics>
    <sources>
      <source name="System.Security.Cryptography.Xml.SignedXml" switchName="XmlDsigLogSwitch">
        <listeners>
          <add name="xmlDsigLogFile" />
        </listeners>
      </source>
    </sources>

    <switches>
      <add name="XmlDsigLogSwitch" value="Verbose" />
      <!-- possible values: Off (0) Error (1) Warning (2) Info (3) Verbose (4) -->
    </switches>

    <sharedListeners>
      <add name="xmlDsigLogFile" type="System.Diagnostics.TextWriterTraceListener" initializeData="XmlDsigLog.txt" />
    </sharedListeners>

    <trace autoflush="true">
      <listeners>
        <add name="xmlDsigLogFile" />
      </listeners>
    </trace>
</system.diagnostics>

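When the attachment is an XML attachment, the XmlDsigExcC14NTransform transform should be used. If the attachment is not an XML attachment, it should not be used.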
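The distinction in the last sentence, as an added example (not code from the original post): a non-XML attachment is digested byte for byte, while an XML attachment is digested over the output of exclusive C14N, which is also the transformed data the question asks how to obtain. The class name AttachmentDigest and both sample attachments are constructed for illustration; only public .NET APIs are used.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Text;
using System.Xml;

static class AttachmentDigest   // hypothetical helper, not part of .NET
{
    // Non-XML attachment: no transform, digest the bytes as stored.
    public static byte[] DigestRaw(byte[] attachment)
    {
        using (SHA256 sha = SHA256.Create())
            return sha.ComputeHash(attachment);
    }

    // XML attachment: run exclusive C14N, return its output and digest.
    public static byte[] DigestXml(byte[] attachment, out byte[] canonical)
    {
        XmlDocument doc = new XmlDocument { PreserveWhitespace = true };
        using (MemoryStream input = new MemoryStream(attachment))
            doc.Load(input);

        XmlDsigExcC14NTransform c14n = new XmlDsigExcC14NTransform();
        c14n.LoadInput(doc);
        using (Stream output = (Stream)c14n.GetOutput(typeof(Stream)))
        using (MemoryStream copy = new MemoryStream())
        {
            output.CopyTo(copy);
            canonical = copy.ToArray();
        }
        return DigestRaw(canonical);
    }

    static void Main()
    {
        // Constructed samples: same XML content, different serialization.
        byte[] a = Encoding.UTF8.GetBytes("<MyElement xmlns=\"samples\" b=\"2\" a=\"1\"></MyElement>");
        byte[] b = Encoding.UTF8.GetBytes("<MyElement a='1'   b='2' xmlns='samples'/>");

        Console.WriteLine("raw digests equal:  " + (Convert.ToBase64String(DigestRaw(a)) == Convert.ToBase64String(DigestRaw(b))));
        byte[] ca, cb;
        string da = Convert.ToBase64String(DigestXml(a, out ca));
        string db = Convert.ToBase64String(DigestXml(b, out cb));
        Console.WriteLine("c14n digests equal: " + (da == db));
        Console.WriteLine("canonical form: " + Encoding.UTF8.GetString(ca));
        Console.WriteLine("DigestValue:    " + da);
    }
}
```

On .NET Framework this needs a reference to System.Security.dll; on .NET Core and later it needs the System.Security.Cryptography.Xml package.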
