我签署了xml文档here
该文件的摘要值为 atHP855e32qDMu4fzAZr + wXRqfeLh9HTpnAlAFy / jDg = 当我尝试用下面的代码检查时,结果是 Ppk6zE8XY4zaIPco / fY / sSKog3imkmko8CMAIHVNwTw = 我认为问题出在包含空格的Body标签中。如果在没有空格的情况下签署此文档,则摘要值相等。
谁能发现错误?
public static byte[] GetDigest(XmlDocument doc)
{
var nodeList = doc.GetElementsByTagName(
"Signature", "http://www.w3.org/2000/09/xmldsig#");
var signedXml = new SignedXml(doc);
signedXml.LoadXml((XmlElement)nodeList[0]);
var signatureDescription = CryptoConfig.CreateFromName(signedXml.SignedInfo.SignatureMethod) as SignatureDescription;
var hashAlgorithm = signatureDescription.CreateDigest();
var xmlDocument = new XmlDocument
{
PreserveWhitespace = true
};
var body = doc.SelectSingleNode("/ReportEnvelope/Body");
XmlNodeList transformNode = ((XmlElement)(nodeList[0])).GetElementsByTagName("Transform");
xmlDocument.AppendChild(xmlDocument.ImportNode(body, true));
var transform = signedXml.SignedInfo.CanonicalizationMethodObject;
transform.LoadInnerXml(transformNode);
transform.LoadInput(xmlDocument);
return transform.GetDigestedOutput(hashAlgorithm);
}
答案 0 :(得分:0)
我也遇到了这个问题,它与SignedXml如何创建哈希摘要有关。在.NET 4中,它完全忽略了XML中的任何空格。
SignedXml.CheckSignature fails in .NET 4 but it works in .NET 3.5, 3 or 2