Pkcs11 - 如何将签名添加到 xml 文件? [英] Pkcs11 - How to add signature to xml file?

问题描述

我在获取证书并将其放入 xml 文件时出现问题.我应该使用私钥进行签名吗?我只看到证书中的公钥.我的证书中没有私钥.

I've a problem that occurs when getting certificate and putting to xml file. Should I use private key for signing? I see only public key in certificate. There is no private key in my certificate.

                        byte[] ckaIdd = objectAttributess[0].GetValueAsByteArray();
                        string ckaLabel = objectAttributess[1].GetValueAsString();
                        byte[] ckaValue = objectAttributess[2].GetValueAsByteArray();
                        var _rawData = ckaValue ?? throw new ArgumentNullException(nameof(ckaValue));
                        var _parsedCertificate = new X509Certificate2(_rawData);
                        ECertificate cert = new ECertificate(_parsedCertificate.GetRawCertData());

                        string signatureListString = "";
                        XmlDocument document = new XmlDocument();
                        document.Load(@"C:\Users\MyUser\Desktop\myfile.xml");
                        Esya e = new Esya();
                        Context context = e.CreateContext();
                        context.Document = document;
                        XMLSignature signature = new XMLSignature(context, false);

                        signature.addKeyInfo(new ECertificate(cert.getEncoded()));

                        //signature.sign(v);  << ! My problem is with this line

                        var inv = (XmlElement)signature.Document.GetElementsByTagName("Invoice")[0];
                        signatureListString += inv.OuterXml + "\n";

                        var elementCount = (XmlElement)document.GetElementsByTagName("ElementCount")[0];
                        if (elementCount != null)
                        {
                            elementCount.InnerText = "1";
                        }

                        var element = (XmlElement)document.GetElementsByTagName("ElementList")[0];
                        if (element != null)
                        {
                            element.InnerXml = signatureListString;
                        }

                        var xmlPageSettings = document.GetElementsByTagName("Invoice");
                        foreach (XmlElement xmlElement in xmlPageSettings)
                        {
                            xmlElement.SetAttribute("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance");
                            xmlElement.SetAttribute("xmlns:xsd", "http://www.w3.org/2001/XMLSchema");
                        }

                        session.Logout();
                        return cert;
                    }
                }

我应该如何处理 signature.sign(v);?如何在 xml 文件中添加签名?

What should I do with signature.sign(v);? How can I add signature to xml file?

推荐答案

你必须实现从 System.Security.Cryptography.RSA 类，在其实现中使用 Pkcs11Interop，然后使用自定义类的实例作为 签名密钥.

You have to implement class inherited from System.Security.Cryptography.RSA class, use Pkcs11Interop in its implementation and then use instance of your custom class as a SigningKey.

这篇关于Pkcs11 - 如何将签名添加到 xml 文件?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！