C#: Problem signing an XML document using the RSA-SHA256 signature method (C#, SignedXml) - Fatal编程技术网


I am signing an Xml document using the following method:

public static XmlDocument SignDocument(XmlDocument doc)
{
    string signatureCanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    string signatureMethod = @"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    string digestMethod = @"http://www.w3.org/2001/04/xmlenc#sha256";

    string signatureReferenceURI = "#_73e63a41-156d-4fda-a26c-8d79dcade713";

    CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), signatureMethod);

    var signingCertificate = GetCertificate();

    SignedXml signer = new SignedXml(doc);
    signer.SigningKey = signingCertificate.PrivateKey;
    signer.KeyInfo = new KeyInfo();
    signer.KeyInfo.AddClause(new KeyInfoX509Data(signingCertificate));

    signer.SignedInfo.CanonicalizationMethod = signatureCanonicalizationMethod;
    signer.SignedInfo.SignatureMethod = signatureMethod;

    XmlDsigEnvelopedSignatureTransform envelopeTransform = new XmlDsigEnvelopedSignatureTransform();
    XmlDsigExcC14NTransform cn14Transform = new XmlDsigExcC14NTransform();

    Reference signatureReference = new Reference();
    signatureReference.Uri = signatureReferenceURI;
    signatureReference.AddTransform(envelopeTransform);
    signatureReference.AddTransform(cn14Transform);
    signatureReference.DigestMethod = digestMethod;

    signer.AddReference(signatureReference);

    signer.ComputeSignature();
    XmlElement signatureElement = signer.GetXml();

    doc.DocumentElement.AppendChild(signer.GetXml());

    return doc;
}

private static X509Certificate2 GetCertificate()
{
    X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    store.Open(OpenFlags.ReadOnly);
    X509Certificate2 card = null;
    foreach (X509Certificate2 cert in store.Certificates)
    {
        if (!cert.HasPrivateKey) continue;

        if (cert.Thumbprint.Equals("a_certain_thumb_print", StringComparison.OrdinalIgnoreCase))
        {
            card = cert;
            break;
        }
    }
    store.Close();

    return card;
}

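An exception of type System.Security.Cryptography.CryptographyException is thrown when trying to compute the signature, with the error message "Invalid algorithm specified". Any ideas?

Machine: Windows Server 2008 R2

.NET Framework: 4.0

IDE: Visual Studio 2010.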

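Thank you very much for your blog. It actually solved my problem. By the way, if the certificate is loaded from a file, it should be exportable:

    X509Certificate2 x509Key = new X509Certificate2("xxxxx.pfx", "123", X509KeyStorageFlags.Exportable);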

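The reply from @minhj mentions some blog, but there is no link.

However, adding and registering the mentioned class solved the problem. It seems it can only be registered once per application domain.

    string signatureMethod = @"";


According to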

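I solved this problem (thanks to Phillip) as follows:

    /* Add the following lines of code after var signingCertificate = GetCertificate(); */
    CspParameters cspParams = new CspParameters(24);
    cspParams.KeyContainerName = "XML_DISG_RSA_KEY";
    RSACryptoServiceProvider key = new RSACryptoServiceProvider(cspParams);
    key.FromXmlString(signingCertificate.PrivateKey.ToXmlString(true));
    /* Assign the new key to the signer's SigningKey */
    metadataSigner.SigningKey = key;

Thx UncleZen, that fixed it, but cspParams.KeyContainerName = "XML_DISG_RSA_KEY" is not required; it works without it.

This does not answer the question, but after implementing UncleZen's solution, if the key is not marked as exportable, you get the error "Key not valid for use in specified state".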
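An added example (not code from the original thread): a variant of the fix above that re-opens the key's existing container under provider type 24 instead of exporting the private key with ToXmlString(true), so the key does not have to be marked exportable, and then signs and verifies with RSA-SHA256. It assumes .NET Framework on Windows with references to System.Security and System.Deployment, and a key held in a Microsoft software RSA provider; RsaSha256XmlDemo, ReopenInAesProvider, the sample document and the container name are made up for the illustration.

```csharp
using System;
using System.Deployment.Internal.CodeSigning; // RSAPKCS1SHA256SignatureDescription (System.Deployment.dll)
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class RsaSha256XmlDemo // hypothetical class name
{
    const string RsaSha256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    // Hypothetical helper: open the same key container under provider type 24 (PROV_RSA_AES),
    // which implements SHA-256. No private key material is exported or copied.
    static RSACryptoServiceProvider ReopenInAesProvider(RSACryptoServiceProvider key)
    {
        CspKeyContainerInfo info = key.CspKeyContainerInfo;
        var p = new CspParameters(24) { KeyContainerName = info.KeyContainerName, KeyNumber = (int)info.KeyNumber, Flags = CspProviderFlags.UseExistingKey };
        if (info.MachineKeyStore) p.Flags |= CspProviderFlags.UseMachineKeyStore;
        return new RSACryptoServiceProvider(p);
    }
    static void Main()
    {
        // Register once per AppDomain, before the first SignedXml call.
        CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), RsaSha256);
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<Root Id=\"_demo1\"><Item>payload</Item></Root>"); // constructed sample document
        // Stand-in for signingCertificate.PrivateKey: a key persisted under provider type 1.
        var legacy = new RSACryptoServiceProvider(2048,
            new CspParameters(1) { KeyContainerName = "xmldsig-demo-" + Guid.NewGuid() });
        try
        {
            using (RSACryptoServiceProvider key = ReopenInAesProvider(legacy))
            {
                var signer = new SignedXml(doc) { SigningKey = key };
                signer.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
                signer.SignedInfo.SignatureMethod = RsaSha256;
                var reference = new Reference("#_demo1") { DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256" };
                reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
                reference.AddTransform(new XmlDsigExcC14NTransform());
                signer.AddReference(reference);
                signer.ComputeSignature();
                doc.DocumentElement.AppendChild(doc.ImportNode(signer.GetXml(), true));
                // Verify against the expected key only, and pin the signature algorithm.
                var verifier = new SignedXml(doc);
                verifier.LoadXml((XmlElement)doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl)[0]);
                bool ok = verifier.SignedInfo.SignatureMethod == RsaSha256 && verifier.CheckSignature(key);
                Console.WriteLine("Signature valid: " + ok);
            }
        }
        finally { legacy.PersistKeyInCsp = false; legacy.Clear(); } // delete the demo key container
    }
}
```

With a certificate from the store, the argument to ReopenInAesProvider would be the certificate's PrivateKey cast to RSACryptoServiceProvider; keys on smart cards or other hardware providers cannot be re-opened this way.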