
Problem description

I am having a problem parsing out this xml file using XmlElement. The proposed solutions online suggest workarounds by referencing SAML methods, but that does not work for my xml. Any ideas on how to get the XmlElement of SignatureValue? The current error is "Malformed element Signature" at line: "signedXml.LoadXml((XmlElement)nodeList[0]);". Below is a piece of the xml used for this test, with the signature and digest values removed. My thought here is that the xml is not being parsed properly by the XmlElement/nodeList:

<Message xmlns="http://www.blah.com/messaging" version="010" release="006">
   <Header>
      <To Qualifier="blah"</To>
      <From Qualifier="blah"</From>
      <MessageID>93585dc9571b49fda</MessageID>
      <SentTime>2013-08-26T17:27:43.80Z</SentTime>
      <SenderSoftware>
         <SenderSoftwareDeveloper>blahpts</SenderSoftwareDeveloper>
         <SenderSoftwareProduct>Certification Testing</SenderSoftwareProduct>
         <SenderSoftwareVersionRelease>2013</SenderSoftwareVersionRelease>
      </SenderSoftware>
      <PrescriberOrderNumber>blah 2.1 ES</PrescriberOrderNumber>
      <DigitalSignature version="2.0">
         <DigestValue>jblahlwT1Y=</DigestValue>
         <SignatureValue>blahblah</SignatureValue>
         <X509Data>blahblahblah</X509Data>
      </DigitalSignature>
   </Header>
   <Body>










public static void Main(String[] args)
{
    try
    {
        // Create a new CspParameters object to specify
        // a key container.
        CspParameters cspParams = new CspParameters();
        cspParams.KeyContainerName = "XML_DSIG_RSA_KEY";

        // Create a new RSA signing key and save it in the container.
        RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams);

        // Create a new XML document.
        XmlDocument xmlDoc = new XmlDocument();

        // Load an XML file into the XmlDocument object.
        xmlDoc.PreserveWhitespace = true;
        xmlDoc.Load(args[0]); //("test.xml");

        // Verify the signature of the signed XML.
        Console.WriteLine("Verifying signature...");
        bool result = VerifyXml(xmlDoc, rsaKey);

        // Display the results of the signature verification to
        // the console.
        if (result)
        {
            Console.WriteLine("The XML signature is valid.");
        }
        else
        {
            Console.WriteLine("The XML signature is not valid.");
        }

    }
    catch (Exception e)
    {
        Console.WriteLine(e.Message);
    }
}




// Verify the signature of an XML file against an asymmetric
// algorithm and return the result.
public static Boolean VerifyXml(XmlDocument Doc, RSA Key)
{
    // Check arguments.
    if (Doc == null)
        throw new ArgumentException("Doc");
    if (Key == null)
        throw new ArgumentException("Key");

    // Create a new SignedXml object and pass it
    // the XML document class.
    SignedXml signedXml = new SignedXml(Doc);

    // Find the "Signature" node and create a new
    // XmlNodeList object.
    XmlNodeList nodeList = Doc.GetElementsByTagName("SignatureValue");


    // Throw an exception if no signature was found.
    if (nodeList.Count <= 0)
    {
        throw new CryptographicException("Verification failed: No Signature was found in the document.");
    }

    // This example only supports one signature for
    // the entire XML document.  Throw an exception
    // if more than one signature was found.
    if (nodeList.Count >= 2)
    {
        throw new CryptographicException("Verification failed: More that one signature was found for the document.");
    }

    //
    // Load the first <signature> node.
    signedXml.LoadXml((XmlElement)nodeList[0]); //

    // Check the signature and return the result.
    return signedXml.CheckSignature(Key);
}





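The following specification would make it easier:

1) Calculate the digest value of the plain text, where the plain text is the concatenated values of all the fields/values in the given xml. This process involves reducing the ASCII-encoded plain text to a unique digest value using a SHA-1 hash.

2) Decrypt the signature value; it is important to mention that the signature is an encrypted version of the hash. The hash is also the digest value. The private key of the sender is what was used to encrypt the digest to create the signature value. The signature value can only be decrypted using the public key of the sender, which is contained in the digital certificate in the X509Data element.

3) Compare the digest value calculated by my code with the digest value mentioned in the xml and in the decrypted signature; if they match, the signature is valid.

4) Validating the certificate is required, and a message should only be accepted if it is signed and verified with a valid digital certificate.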

Recommended answer

<To Qualifier="blah"</To>
<From Qualifier="blah"</From>



The above should probably be...

<To Qualifier="blah"></To>
<From Qualifier="blah"></From>



These lines are malformed too...

<SignatureValue>blahblah>
<X509Data>blahblahblah;/X509Data>



... and I'm guessing this is what you want for them...

<SignatureValue>blahblah</SignatureValue>
<X509Data>blahblahblah;</X509Data>
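
Added example, not part of the original question or answer: `SignedXml.LoadXml` expects a W3C XML-DSig `Signature` element, which this message format does not contain, so the four steps listed in the question can instead be checked by hand once the XML is well-formed. The class name, the `plainText` parameter, base64 encoding of all three values, a bare DER certificate in `X509Data`, and PKCS#1 v1.5 padding are assumptions; the page does not specify them.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Xml;

public static class DigitalSignatureCheck
{
    // Assumption: the caller builds plainText (the concatenated field values) in the
    // order the message specification prescribes; the page does not give that order.
    public static bool Verify(XmlDocument doc, string plainText)
    {
        // Namespace URI copied from the sample message in the question.
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("m", "http://www.blah.com/messaging");
        XmlNode sig = doc.SelectSingleNode("/m:Message/m:Header/m:DigitalSignature", ns);
        if (sig == null) throw new CryptographicException("No DigitalSignature element found.");

        // Assumption: all three values are base64; X509Data holds a DER certificate.
        byte[] sentDigest = Convert.FromBase64String(Child(sig, "m:DigestValue", ns));
        byte[] signature = Convert.FromBase64String(Child(sig, "m:SignatureValue", ns));
        var cert = new X509Certificate2(Convert.FromBase64String(Child(sig, "m:X509Data", ns)));

        // Step 1: SHA-1 over the ASCII-encoded plain text.
        byte[] digest;
        using (SHA1 sha1 = SHA1.Create())
            digest = sha1.ComputeHash(Encoding.ASCII.GetBytes(plainText));

        // Step 3: the recomputed digest must equal the DigestValue in the message.
        if (!digest.SequenceEqual(sentDigest))
            return false;

        // Step 2: check SignatureValue against the digest with the certificate's public key.
        // Assumption: RSA with PKCS#1 v1.5 padding.
        using (RSA rsa = cert.GetRSAPublicKey())
            if (rsa == null || !rsa.VerifyHash(digest, signature, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1))
                return false;

        // Step 4: the certificate must chain to a trusted root and be inside its validity period.
        return cert.Verify();
    }

    private static string Child(XmlNode parent, string name, XmlNamespaceManager ns)
    {
        XmlNode node = parent.SelectSingleNode(name, ns);
        if (node == null) throw new CryptographicException("Missing element " + name);
        return node.InnerText.Trim();
    }
}
```

`cert.Verify()` only establishes that the certificate is trusted and current; binding it to the expected sender (for example by comparing its subject or thumbprint with the `From` party) is a separate check the receiving application still has to make.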

