我开发了一个应用程序,通过以下方式对 XML 文档进行签名,但我必须添加签名策略(公司提供的证书),我不知道该怎么做。这就是我签署 XML 文档的方式:
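/// <summary>
/// Loads the XML file at <paramref name="path"/>, signs it with the RSA key held in the
/// "XML_DSIG_RSA_KEY" key container, and saves the signed document back to the same path.
/// </summary>
/// <param name="path">Path of the XML file to sign; the file is overwritten in place.</param>
/// <returns>
/// The string "true" on success; otherwise the full text of the caught exception
/// (the result of <c>ex.ToString()</c>).
/// </returns>
/// <remarks>
/// The signing key comes from a named key container, not from an X.509 certificate, so the
/// signature produced here is not tied to any certificate identity.
/// </remarks>
public string CreateCspParameters (string path)
{
    error = "true";
    try
    {
        CspParameters cspParams = new CspParameters();
        cspParams.KeyContainerName = "XML_DSIG_RSA_KEY";

        // RSACryptoServiceProvider is IDisposable; release the key handle deterministically
        // instead of waiting for finalization.
        // NOTE(review): presumably the key in the named container survives disposal
        // (PersistKeyInCsp) - confirm before relying on it.
        using (RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams))
        {
            XmlDocument xmlDoc = new XmlDocument();

            // Whitespace must be kept: the digest is computed over the document as loaded.
            xmlDoc.PreserveWhitespace = true;

            // NOTE(review): if the file can come from an untrusted party, set
            // xmlDoc.XmlResolver = null before Load so external entities/DTDs are not
            // resolved; older .NET Framework versions resolve them by default.
            xmlDoc.Load(path);

            SignXml(xmlDoc, rsaKey);
            xmlDoc.Save(path);
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.ToString() carries the stack trace and file paths; log it, but
        // avoid showing it verbatim to end users.
        error = ex.ToString();
    }
    return error;
}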
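/// <summary>
/// Adds an enveloped XML-DSig signature over the whole document and appends the resulting
/// Signature element as the last child of the document's root element.
/// </summary>
/// <param name="xmlDoc">Document to sign; it is modified in place.</param>
/// <param name="Key">RSA key used to compute the signature.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="xmlDoc"/> or <paramref name="Key"/> is null.
/// </exception>
/// <exception cref="ArgumentException"><paramref name="xmlDoc"/> has no root element.</exception>
/// <remarks>
/// No KeyInfo element is added, so a verifier cannot tell from the signature which key or
/// certificate produced it. No XAdES qualifying properties (signing certificate, signature
/// policy identifier) are emitted either, so the output is plain XML-DSig, not XAdES-EPES.
/// </remarks>
public void SignXml(XmlDocument xmlDoc, RSA Key)
{
    // ArgumentNullException derives from ArgumentException, so existing catch blocks still
    // match; the string is now the parameter name rather than the exception message.
    if (xmlDoc == null)
    {
        throw new ArgumentNullException("xmlDoc");
    }
    if (Key == null)
    {
        throw new ArgumentNullException("Key");
    }
    // Without a root element there is nothing to sign and nowhere to append the signature.
    if (xmlDoc.DocumentElement == null)
    {
        throw new ArgumentException("The document has no root element to sign.", "xmlDoc");
    }

    SignedXml signedXml = new SignedXml(xmlDoc);
    signedXml.SigningKey = Key;

    // An empty URI references the entire document.
    Reference reference = new Reference();
    reference.Uri = "";

    // The enveloped-signature transform excludes the Signature element itself from the
    // digest, which is required because the signature lives inside the signed document.
    XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
    reference.AddTransform(env);
    signedXml.AddReference(reference);

    // NOTE(review): the digest and signature algorithms are left at the framework default,
    // which on older .NET Framework versions is SHA-1 based - confirm the target runtime
    // yields SHA-256, or set the algorithms explicitly.
    signedXml.ComputeSignature();

    XmlElement xmlDigitalSignature = signedXml.GetXml();
    xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(xmlDigitalSignature, true));
}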
我可以通过下面的方法选择公司提供的证书,但不知道如何把它用到前面的 SignXml() 方法中,以生成 XAdES-EPES 签名:
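/// <summary>
/// Shows the certificate picker over the current user's certificates that are within their
/// validity period and returns what the user selected.
/// </summary>
/// <returns>
/// The collection returned by the selection dialog (single-selection mode).
/// NOTE(review): presumably empty when the user cancels - callers should check Count.
/// </returns>
/// <remarks>
/// The filter checks the validity dates only (validOnly is false), so chain trust and
/// revocation are not evaluated here. Nothing restricts the list to certificates that have
/// a private key, which a signing certificate needs.
/// </remarks>
public X509Certificate2Collection ElejirCertificado()
{
    X509Store store = new X509Store(StoreLocation.CurrentUser);
    try
    {
        // Read-only, and never create the store as a side effect of opening it.
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

        X509Certificate2Collection certificates = store.Certificates;

        // Keep only certificates whose NotBefore/NotAfter window contains the current time.
        X509Certificate2Collection foundCertificates = certificates.Find(
            X509FindType.FindByTimeValid, DateTime.Now, false);

        X509Certificate2Collection selectedCertificates = X509Certificate2UI.SelectFromCollection(
            foundCertificates,
            "Selecciona un certificado.",
            "Selecciona un certificado de la siguiente lista:",
            X509SelectionFlag.SingleSelection);

        return selectedCertificates;
    }
    finally
    {
        // The original never closed the store; release the store handle on every path.
        store.Close();
    }
}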
1 Answers