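How do I import a XAdES-signed XML document into another XML document?

Time: 2014-05-31 08:46:04

Tags: c# xml-signature

I am trying to import a signed XML document into another XML document. When I import the document and export it without any changes, I can no longer validate it.

Even the code below breaks validation.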

OpenFileDialog ofd = new OpenFileDialog();
ofd.ShowDialog();

if (ofd.FileName != "")
{
   XmlDocument XmlDocument = new XmlDocument();
   XmlDocument.Load(ofd.FileName);

   FolderBrowserDialog fbd = new FolderBrowserDialog();
   fbd.ShowDialog();

   if (fbd.SelectedPath != "")
   {
      XmlDocument.Save(fbd.SelectedPath + @"\Doc.xml");
   }
}

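How can I import/export an XML document without breaking signature validation?

My XML files are:

invoice.xml is the signed document. I want to import invoice.xml into envelope.xml. The element of envelope.xml into which invoice.xml will be imported is shown.

1 answer:

Answer 0: (score: 0)

Given the following signed XML: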

<?xml version="1.0"?>
<MySignedXMLRoot xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <MySignedXMLNode>TextToBeSigned</MySignedXMLNode>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>3tAjL2X1SEMhxQ1Hp9X4HBUtsgQ=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>UYyELdlqq1InZSwSKozhIuATU52gdVFw0AqnZxOB0xQR6CS2hbW5tZIXc6fMPSYstyfMVULO1ZioRkHvyIY7LqeR/i4cYZvA1VpzTnx+0gZEcPFEuMORNgJ0v/W7NHi5xJb6uxkdZBcSMleFWitTHO+tPh8tha0cNdp4XO8Xx4Y=</SignatureValue>
  </Signature>
</MySignedXMLRoot>

If you want to include it in the following XML document:

<MyXML>
    <SomeData>Random Data</SomeData>
    <Container/>
</MyXML>

You have to set the signature's Reference attribute correctly:

<MyXML>
    <SomeData>Random Data</SomeData>
    <Container>
        <MySignedXMLRoot id="ElementToSign" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <MySignedXMLNode>TextToBeSigned</MySignedXMLNode>
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                <SignedInfo>
                    <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
                    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                    <Reference URI="#ElementToSign">
                        <Transforms>
                            <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                        </Transforms>
                        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                        <DigestValue>3tAjL2X1SEMhxQ1Hp9X4HBUtsgQ=</DigestValue>
                    </Reference>
                </SignedInfo>
                <SignatureValue>UYyELdlqq1InZSwSKozhIuATU52gdVFw0AqnZxOB0xQR6CS2hbW5tZIXc6fMPSYstyfMVULO1ZioRkHvyIY7LqeR/i4cYZvA1VpzTnx+0gZEcPFEuMORNgJ0v/W7NHi5xJb6uxkdZBcSMleFWitTHO+tPh8tha0cNdp4XO8Xx4Y=</SignatureValue>
            </Signature>
        </MySignedXMLRoot>
    </Container>
</MyXML>

You can set it using Reference.Uri
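
An added example, not part of the original question or answer: C# that signs the inner element with Reference.Uri set to "#ElementToSign" at signing time, embeds it in the envelope, and verifies it after a serialize/reload round trip. The throwaway RSA key, the class name, the `Id` attribute casing and the choice of exclusive C14N are assumptions of this example; it needs System.Security.Cryptography.Xml and a C# 8 compiler.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

class EmbedSignedXml   // hypothetical class name
{
    static void Main()
    {
        using RSA key = RSA.Create(2048);   // constructed throwaway key for the demo

        // PreserveWhitespace = true stops XmlDocument from dropping whitespace on
        // load and re-indenting on save; both change the bytes the digest covers.
        var inner = new XmlDocument { PreserveWhitespace = true };
        inner.LoadXml("<MySignedXMLRoot Id=\"ElementToSign\">" +
                      "<MySignedXMLNode>TextToBeSigned</MySignedXMLNode></MySignedXMLRoot>");

        // The Reference URI lives inside SignedInfo, which is what gets signed,
        // so it is chosen here, before ComputeSignature().
        var signer = new SignedXml(inner) { SigningKey = key };
        var reference = new Reference { Uri = "#ElementToSign" };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        // Exclusive C14N keeps the digest independent of namespace declarations
        // on whatever ancestors the envelope adds later.
        reference.AddTransform(new XmlDsigExcC14NTransform());
        signer.AddReference(reference);
        signer.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        signer.ComputeSignature();
        inner.DocumentElement.AppendChild(inner.ImportNode(signer.GetXml(), true));

        // Embed the signed element in the envelope from the answer.
        var envelope = new XmlDocument { PreserveWhitespace = true };
        envelope.LoadXml("<MyXML><SomeData>Random Data</SomeData><Container/></MyXML>");
        XmlNode imported = envelope.ImportNode(inner.DocumentElement, true);
        envelope.SelectSingleNode("/MyXML/Container").AppendChild(imported);

        // Round trip through text, as a save followed by a load would do.
        var reloaded = new XmlDocument { PreserveWhitespace = true };
        reloaded.LoadXml(envelope.OuterXml);

        // Verify the embedded signature against the known key.
        var ns = new XmlNamespaceManager(reloaded.NameTable);
        ns.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
        var sigElement = (XmlElement)reloaded.SelectSingleNode("//ds:Signature", ns);
        var verifier = new SignedXml(reloaded);
        verifier.LoadXml(sigElement);
        Console.WriteLine("Signature valid after embedding: " + verifier.CheckSignature(key));
    }
}
```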