如何使用SHA256检查签名XML文档的签名?

时间:2014-12-04 14:04:01

标签: .net-4.5 signing

似乎SignedXml.CheckSignature仅对使用SHA1的签名文档工作正常。

我通过添加算法SHA256尝试this code,CheckSignature工作正常,但WIF类开始抛出以下异常:

System.Security.Cryptography.CryptographicException:指定的算法无效。在这个方法中调用 System.IdentityModel.Services.FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest

似乎ProcessSignInRequest使用已在内部覆盖的算法SHA1:

CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), 
                          "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");

我错过了什么?如何在CheckSignature中指定算法?

1 个答案:

答案 0 :(得分:3)

我今天遇到了同样的问题。事实证明,WIF签名证书是使用没有SHA256支持的CSP生成的(more details)。

我浏览了System.IdentityModel源代码,发现它包含针对此案例的特殊处理。当您在全局注册相应的算法时,WIF使用它而不是其内部实现,RSAPKCS1SHA256SignatureDescription类不包括此特殊处理。

所以我创建了自己的SignatureDescription实现,它使用默认参数重新创建RSACryptoServiceProvider,其中包括SHA256支持。

/// <summary>
/// Represents the sha256RSA signature algorithm.
/// </summary>
public sealed class RsaPkcs1Sha256SignatureDescription : SignatureDescription
{
    /// <summary>
    /// This type of CSP has SHA256 support
    /// </summary>
    private const int PROV_RSA_AES = 24;

    public RsaPkcs1Sha256SignatureDescription()
    {
        KeyAlgorithm = typeof(RSACryptoServiceProvider).FullName;
        DigestAlgorithm = typeof(SHA256Cng).FullName;
        FormatterAlgorithm = typeof(RSAPKCS1SignatureFormatter).FullName;
        DeformatterAlgorithm = typeof(RSAPKCS1SignatureDeformatter).FullName;
    }

    /// <summary>
    /// Adds support for sha256RSA XML signatures.
    /// </summary>
    public static void RegisterForSignedXml()
    {
        CryptoConfig.AddAlgorithm(
            typeof (RsaPkcs1Sha256SignatureDescription),
            "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
    }

    public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key)
    {
        if (key == null) throw new ArgumentNullException("key");

        key = GetSha2CompatibleKey(key);

        var signatureDeformatter = new RSAPKCS1SignatureDeformatter(key);
        signatureDeformatter.SetHashAlgorithm("SHA256");
        return signatureDeformatter;
    }

    public override AsymmetricSignatureFormatter CreateFormatter(AsymmetricAlgorithm key)
    {
        if (key == null) throw new ArgumentNullException("key");

        key = GetSha2CompatibleKey(key);

        var signatureFormatter = new RSAPKCS1SignatureFormatter(key);
        signatureFormatter.SetHashAlgorithm("SHA256");
        return signatureFormatter;
    }

    // Some certificates are generated without SHA2 support, this method recreates the CSP for them.
    // See https://stackoverflow.com/a/11223454/280778
    // WIF handles this case internally if no sha256RSA support is installed globally.
    private static AsymmetricAlgorithm GetSha2CompatibleKey(AsymmetricAlgorithm key)
    {
        var csp = key as RSACryptoServiceProvider;
        if (csp == null || csp.CspKeyContainerInfo.ProviderType == PROV_RSA_AES)
            return key;

        var newKey = new RSACryptoServiceProvider(new CspParameters(PROV_RSA_AES));
        newKey.ImportParameters(csp.ExportParameters(true));
        return newKey;
    }
}