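Signing Office Word docx directly using OPC (Open Packaging Conventions)

Time: 2015-12-07 07:03:45

Tags: c# xml openxml digital-signature

Coming from this

I was finally able to generate a correct detached signature.

But:

  • When I try to generate an enveloping signature, it says the digest value generated from the object is incorrect.
  • When I try to sign a relationship object, it says that the relationship file is not valid (processed).

So we have two questions here:

  • What value exactly should I digest for an enveloping signature (or, if we reference an object in the SignedInfo data, what value should be digested from the object)?
  • How do I process a correct relationship transform, and what value of it should I digest?

BTW, a detached signature looks like this (which I am able to sign correctly):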

But an enveloping signature looks like this (I am not able to reproduce the correct digest value of the object):

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="idPackageSignature">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <Reference URI="/word/document.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
          <DigestValue>
          </DigestValue>
      </Reference>
      <Reference URI="/word/webSettings.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.webSettings+xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
          <DigestValue>
          </DigestValue>
      </Reference>
      <Reference URI="/word/settings.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
          <DigestValue>
          </DigestValue>
      </Reference>
      <Reference URI="/word/styles.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
          <DigestValue>
          </DigestValue>
      </Reference>
      <Reference URI="/word/theme/theme1.xml?ContentType=application/vnd.openxmlformats-officedocument.theme+xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
          <DigestValue>
          </DigestValue>
      </Reference>
      <Reference URI="/word/fontTable.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
          <DigestValue>
          </DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>
    </SignatureValue>
    <KeyInfo>
      <X509Data>
        <X509Certificate>
        </X509Certificate>
      </X509Data>
    </KeyInfo>
  </Signature>

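I tried to digest the content inside the Object node, with no luck.

Keep in mind that although I can generate a valid detached signature, it is considered logically invalid, as stated in the ECMA standard.

Finally, a relationship reference looks like this (which I should also be able to digest and sign):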

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<Signature Id="SignatureIdValue" xmlns="http://www.w3.org/2000/09/xmldsig#">
  <SignedInfo>
    <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
    <Reference URI="#idPackageObject" Type="http://www.w3.org/2000/09/xmldsig#Object">
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <DigestValue>
      </DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue>
  </SignatureValue>
  <KeyInfo>
    <X509Data>
      <X509Certificate>
        </X509Certificate>
    </X509Data>
  </KeyInfo>
  <Object Id="idPackageObject">
    <Manifest>
      <Reference URI="/word/document.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>
        </DigestValue>
      </Reference>
      <Reference URI="/word/webSettings.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.webSettings+xml">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>
        </DigestValue>
      </Reference>
      <Reference URI="/word/settings.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>
        </DigestValue>
      </Reference>
      <Reference URI="/word/styles.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>
        </DigestValue>
      </Reference>
      <Reference URI="/word/theme/theme1.xml?ContentType=application/vnd.openxmlformats-officedocument.theme+xml">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>
        </DigestValue>
      </Reference>
      <Reference URI="/word/fontTable.xml?ContentType=application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>
        </DigestValue>
      </Reference>
    </Manifest>
  </Object>
</Signature>
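
An added example, not part of the original question: under W3C XML-DSig, a same-document reference such as URI="#idPackageObject" with no transforms is digested over the Canonical XML 1.0 octets of the whole Object element, start and end tags included, with the xmlns declaration it inherits from Signature written on it. The serializer is a constructed sketch limited to this page's document shape (one default namespace, unprefixed attributes, no comments or processing instructions); the sample XML, the AAAA digest placeholder and all function names are assumptions.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
# Constructed sample shaped like the question's package signature.
SAMPLE = """<Signature Id="SignatureIdValue" xmlns="http://www.w3.org/2000/09/xmldsig#">
  <SignedInfo><Reference URI="#idPackageObject"/></SignedInfo>
  <Object Id="idPackageObject">
    <Manifest>
      <Reference URI="/word/document.xml?ContentType=application/xml">
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <DigestValue>AAAA</DigestValue>
      </Reference>
    </Manifest>
  </Object>
</Signature>"""
TEXT = (("&", "&amp;"), ("<", "&lt;"), (">", "&gt;"), ("\r", "&#xD;"))
ATTR = (("&", "&amp;"), ("<", "&lt;"), ('"', "&quot;"),
        ("\t", "&#x9;"), ("\n", "&#xA;"), ("\r", "&#xD;"))

def _esc(s, table):
    for raw, rep in table:
        s = s.replace(raw, rep)
    return s

def c14n_subtree(elem, apex=True):
    """C14N 1.0 sketch: default-namespace xmldsig elements, unprefixed attributes."""
    ns, _, local = elem.tag[1:].partition("}")
    if ns != DSIG or any(k.startswith("{") for k in elem.attrib):
        raise ValueError("outside the subset this sketch handles")
    # Only the apex element carries the xmlns it inherits from <Signature>.
    out = "<" + local + (' xmlns="%s"' % ns if apex else "")
    for name in sorted(elem.attrib):  # attributes in lexicographic order
        out += ' %s="%s"' % (name, _esc(elem.attrib[name], ATTR))
    out += ">" + _esc(elem.text or "", TEXT)
    for child in elem:  # whitespace between elements is kept verbatim
        out += c14n_subtree(child, False) + _esc(child.tail or "", TEXT)
    return out + "</" + local + ">"  # empty elements become start/end pairs

def object_digest(xml_text, obj_id, algo="sha1"):
    root = ET.fromstring(xml_text)
    obj = next(e for e in root.iter("{%s}Object" % DSIG) if e.get("Id") == obj_id)
    octets = c14n_subtree(obj).encode("utf-8")
    return octets, base64.b64encode(hashlib.new(algo, octets).digest()).decode()

if __name__ == "__main__":
    octets, digest = object_digest(SAMPLE, "idPackageObject")
    print(octets.decode(), digest, sep="\n")
```

Digesting only the text between the Object tags, or the element without the inherited xmlns declaration, yields octets that differ from what a verifier canonicalizes and hashes.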

0 answers:

No answers