2013-07-03
2

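I want to get an X509 certificate from the TrustedPeople store and attach it to an XML document. How do we read the X509 certificate and attach it to the XML digital signature?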

    using System.Security.Cryptography.X509Certificates;
    using System.Security.Cryptography.Xml;
    using System.Text;
    using System.Xml;

    // New, randomly generated RSA key used for signing
    RSAKeyValue rsaKey = new RSAKeyValue();
    XmlDocument xmlDoc = new XmlDocument();
    string filename = "C:/Documents and Settings/sbtho/Desktop/downloads/samp.xml";
    string filename1 = "C:/Documents and Settings/sbtho/Desktop/downloads/sampdigsig.xml";
    xmlDoc.PreserveWhitespace = false;
    xmlDoc.Load(new XmlTextReader(filename));

    SignedXml signedXml = new SignedXml(xmlDoc);
    signedXml.SigningKey = rsaKey.Key;
    Signature xmlSignature = signedXml.Signature;

    // Reference "" covers the whole document; the signature is enveloped
    Reference reference = new Reference("");
    XmlDsigEnvelopedSignatureTransform envelope = new XmlDsigEnvelopedSignatureTransform();
    XmlDsigC14NWithCommentsTransform envelope1 = new XmlDsigC14NWithCommentsTransform();
    reference.AddTransform(envelope);
    reference.AddTransform(envelope1);
    xmlSignature.SignedInfo.AddReference(reference);

    // Look up the certificate by thumbprint in CurrentUser\TrustedPeople
    // (certs is read here but not yet used below)
    KeyInfo keyInfo = new KeyInfo();
    X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly);
    X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindByThumbprint, "ffa8ebf4760ab2d145b8ca21b1de258923e7d9d8", false);
    store.Close();
    keyInfo.AddClause(rsaKey);
    xmlSignature.KeyInfo = keyInfo;
    signedXml.ComputeSignature();

    // Append the <Signature> element to the document root
    XmlElement xmlDigSign = signedXml.GetXml();
    xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(xmlDigSign, true));

    // Drop the XML declaration before writing
    if (xmlDoc.FirstChild.GetType() == typeof(XmlDeclaration))
        xmlDoc.RemoveChild(xmlDoc.FirstChild);

    XmlTextWriter xmlWriter = new XmlTextWriter(filename1, new UTF8Encoding(false));
    xmlDoc.WriteTo(xmlWriter);
    xmlWriter.Close();

This is as far as I have got. It reads from the TrustedPeople store. How do I now insert this certificate into the XML document?

Answer

3

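Here the X509 certificate is held in an object of type X509Certificate2Collection; to present it, it should be held in an object of the X509 certificate type.

    X509Certificate2 cer = new X509Certificate2();
    if (certs.Count > 0)
    {
        // Take the first certificate matching the thumbprint
        cer = certs[0];
    }

Now it can be added to the XML-signed document using KeyInfo's AddClause.

    keyInfo.AddClause(new KeyInfoX509Data(cer));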
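An added example, not code from the question or the answer, that goes one step beyond them: it signs with the certificate's own private key, attaches the certificate with KeyInfoX509Data as the answer shows, and verifies against a certificate the verifier already holds rather than the one embedded in the document. It assumes .NET Framework 4.7.2 or later (or .NET with the System.Security.Cryptography.Xml package); the self-signed certificate and the XML are constructed stand-ins for the store certificate and samp.xml, and the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;
static class SignWithCertificateExample
{
    // Sign the whole document with the certificate's private key and embed the certificate.
    static void Sign(XmlDocument doc, X509Certificate2 cert)
    {
        using (RSA key = cert.GetRSAPrivateKey())
        {
            var signedXml = new SignedXml(doc) { SigningKey = key };
            var reference = new Reference(""); // "" = the entire document
            reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
            reference.AddTransform(new XmlDsigC14NWithCommentsTransform());
            signedXml.AddReference(reference);
            var keyInfo = new KeyInfo();
            keyInfo.AddClause(new KeyInfoX509Data(cert)); // <X509Data><X509Certificate>
            signedXml.KeyInfo = keyInfo;
            signedXml.ComputeSignature();
            doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
        }
    }
    // Verify against a certificate the verifier already holds, not the embedded one.
    static bool Verify(XmlDocument doc, X509Certificate2 trusted)
    {
        var nodes = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (nodes.Count != 1) return false; // exactly one signature is expected
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml((XmlElement)nodes[0]);
        return signedXml.CheckSignature(trusted, true); // true: signature only, no chain build
    }
    static void Main()
    {
        // Constructed stand-ins: a throwaway self-signed certificate and a sample document.
        using (RSA rsa = RSA.Create(2048))
        using (var cert = new CertificateRequest("CN=Constructed Signer", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            .CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30)))
        {
            var doc = new XmlDocument();
            doc.LoadXml("<order><item>constructed sample</item></order>");
            Sign(doc, cert);
            Console.WriteLine("valid: " + Verify(doc, cert));
            doc.DocumentElement.FirstChild.InnerText = "tampered"; // change signed content
            Console.WriteLine("valid after edit: " + Verify(doc, cert));
        }
    }
}
```

A certificate carried in KeyInfo only tells the verifier which key the signer claims; the verifier still has to decide, from its own store or pinned thumbprint, whether that certificate is one it trusts.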