XML DSIG：使用.NET封裝簽名轉換

Question

我使用XmlDsigEnvelopedSignatureTransform來使用RSA私鑰對XML文件進行數字簽名。

但是，我真正想要的是使用「包絡」簽名來簽署xml。 .NET是否具有本機支持？

順便說一句，這是我的代碼：

public static void SignXml(XmlDocument xmlDoc, RSA key) 
{ 
    // Check arguments. 
    if (xmlDoc == null) 
     throw new ArgumentException("xmlDoc"); 
    if (key == null) 
     throw new ArgumentException("Key"); 

    SignedXml xml = new SignedXml(xmlDoc);    
    xml.SigningKey = key; 

    Reference reference = new Reference(); 
    reference.Uri = ""; 

    XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(true);       

    reference.AddTransform(env); 

    xml.AddReference(reference); 

    xml.ComputeSignature(); 

    XmlElement element = xml.GetXml(); 

    MessageBox.Show(element.OuterXml); 

    xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(element, true)); 

} 

Answer 1

如果你的簽名是不是你不需要封裝的簽名轉換籤名數據的子元素。

所以只跳過XmlDsigEnvelopedSignatureTransform和否則你將執行簽名：

public XmlElement SignXml(XmlDocument xmlDoc, RSA key) 
{ 
    SignedXml xml = new SignedXml();    
    xml.SigningKey = key; 

    // Add the data to be signed as a sub-element of the Signature-element: 
    DataObject dataObject = new DataObject(); 
    dataObject.Data = xmlDoc.ChildNodes; 
    dataObject.Id = "doc"; 
    xml.AddObject(dataObject); 

    // Add a reference to the signed data: 
    Reference reference = new Reference(); 
    reference.Uri = "#doc"; 
    xml.AddReference(reference); 

    // Perform the signature. No transforms are needed. 
    xml.ComputeSignature(); 

    return xml.GetXml(); 
}