How to validate the SignedXML for the following code?


Problem description



I am working on one project where I need to check if the XML provided is valid or not. For this purpose, I am using code to verify the XML using the SignedXml class in C#.

Please find the below code for the verify() Method:

public bool Verify(XmlDocument signedDocument)
{
    // create a signed xml object from xml 
    SignedXml signedXml = new SignedXml(signedDocument);
    // get the signature node and load the signature tag
    XmlNodeList nodeList = signedDocument.GetElementsByTagName("Signature");
    signedXml.LoadXml((XmlElement)nodeList[0]);

    // define and create the encryption key
    CspParameters CSPParam = new CspParameters();
    CSPParam.Flags = CspProviderFlags.UseMachineKeyStore;
    RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(CSPParam);
    rsa.FromXmlString(@"<RSAKeyValue><Modulus>03COUbx8JI6jkkmxrQ3N//67tgMt+ak1SKSXbGO3+4vVGFGhyGICJS8C+W6ON6dUdcm2/uxC5q4wyPRyFWMf8v8oslGOWJdADPnP8rvcy8PL3Nf67f8fMnTyHoEoZTfZjKuEoyhmPi6rfAX4QQA+OYhk4Qb1FJyOB3fpZ1QiTxX2k=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>");

    // load encryption key to the xml
    KeyInfo keyInfo = new KeyInfo();
    keyInfo.AddClause(new RSAKeyValue(rsa));
    signedXml.KeyInfo=keyInfo;
    // check if the signature provided in signature tag is valid with the key info
    bool b = signedXml.CheckSignature();
    return b;
}

and the xml data provided to the method is:

<?xml version="1.0" encoding="utf-8"?>

<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" id="MySignature">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="#_ea559faf-417b-407f-bdc2-bccc76dab76c">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
          <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
          </Transform>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>fvQx+J90ZGKhwj8Mfhg6v/esOtI=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>fvQx+J90ZGKhwj8Mfhg6v/esOtI=</SignatureValue>
  <KeyInfo type="http://www.w3.org/2000/09/xmldsig#RSAKeyValue">    
   <RSAKeyValue><Modulus>03COUbx8JI6jkLrQ3N//67tgMt+ak1SKSXbGO3+4vVGFGhyGICJS8C+W6ON6dUdcm2/uxC5q4wyPRyFWMf8v8oslGOWJdADPnP8rvcy8PL3Nf67f8fMnTyHoEoZTfZjKuEoyhmPi6rfAX4QQA+OYhk4Qb1FJyOB3fpZ1QiTxX2k=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>
  </KeyInfo >   
</Signature>
</soap:Envelope>

I am not able to trace out which tag value in xml I am setting wrong. The result of signedXml.CheckSignature() is always getting false.

Can anyone help me to sort out this problem?

Thanks in advance. Please let me know if any more information is needed.

Solution

I removed the errors. From menu in VS : Project : Add New Item : XML File. Then paste your xml into page making sure there is only one xml id line starting in column one. Then look for warnings or errors.

<?xml version="1.0" encoding="utf-8"?>

<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="MySignature">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="#_ea559faf-417b-407f-bdc2-bccc76dab76c">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
          <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
          </Transform>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>fvQx+J90ZGKhwj8Mfhg6v/esOtI=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>fvQx+J90ZGKhwj8Mfhg6v/esOtI=</SignatureValue>
    <KeyInfo xmlns:type="http://www.w3.org/2000/09/xmldsig#RSAKeyValue">
      <KeyValue>
        <RSAKeyValue>
           <Modulus>03COUbx8JI6jkLrQ3N//67tgMt+ak1SKSXbGO3+4vVGFGhyGICJS8C+W6ON6dUdcm2/uxC5q4wyPRyFWMf8v8oslGOWJdADPnP8rvcy8PL3Nf67f8fMnTyHoEoZTfZjKuEoyhmPi6rfAX4QQA+OYhk4Qb1FJyOB3fpZ1QiTxX2k=</Modulus>
           <Exponent>AQAB</Exponent>
        </RSAKeyValue>
      </KeyValue>
    </KeyInfo >
  </Signature>
  </soap:Body>
</soap:Envelope>
