我正在对xml文档进行数字签名。这是我的代码:
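/// <summary>
/// Click handler for the sign button: lets the user pick a signing certificate,
/// checks that it has not expired, and signs the XML document with its private key.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void mbSign_Click_1(object sender, EventArgs e)
{
    try
    {
        CadesSignature cs = new CadesSignature(FStrDSCSNo);
        cs.DigitalSignatureCertificate = DigitalCertificate.LoadCertificate(
            false,
            string.Empty,
            "Select Certificate",
            "Select the certificate for digital signature");

        // NOTE(review): picking a certificate from the local store does not by itself
        // show that the hardware token holding the private key is attached.
        RSACryptoServiceProvider rsaEncryptor =
            (RSACryptoServiceProvider)cs.DigitalSignatureCertificate.PrivateKey;

        // Compare against NotAfter directly. Formatting it with ToShortDateString() and
        // re-parsing as "dd/MM/yyyy" throws FormatException on machines whose short date
        // pattern differs, and it also discards the time of day of the expiry.
        DateTime validTo = cs.DigitalSignatureCertificate.NotAfter;
        L_ADSC_ValidTo = validTo.ToShortDateString();

        // Only the expiry date is checked here; NotBefore, chain trust and revocation
        // are not verified in this handler.
        if (DateTime.Now <= validTo)
        {
            FObjLog.WriteToLog("Valid DSC");
            L_ADSC_CertStatus = "A";

            // Sign the XML document.
            SignXml(rsaEncryptor);
        }
        else
        {
            // Previously an expired certificate made the click do nothing, silently.
            MessageBox.Show("DSC has expired. Please choose a valid DSC");
            FObjLog.WriteToLog("DSC has expired. Please choose a valid DSC");
        }
    }
    catch (CryptographicException)
    {
        MessageBox.Show("Invalid DSC Selection.Please Choose Correct DSC");
        FObjLog.WriteToLog("Invalid DSC Selection.Please Choose Correct DSC");
    }
    catch (NullReferenceException)
    {
        // Reached when no certificate was returned by the selection step.
        MessageBox.Show("Please Attach DSC");
        FObjLog.WriteToLog("Please Attach DSC");
    }
}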
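/// <summary>
/// Loads the XML file at <c>LXMLPath</c>, computes an enveloped XML-DSig signature over
/// the whole document with <paramref name="Key"/>, and appends the resulting
/// Signature element to the root of the in-memory document.
/// </summary>
/// <param name="Key">RSA key used to compute the signature.</param>
/// <exception cref="ArgumentNullException"><paramref name="Key"/> is null.</exception>
/// <exception cref="FileNotFoundException">No file exists at <c>LXMLPath</c>.</exception>
public void SignXml(RSA Key)
{
    // Validate the key before touching the file system. ArgumentNullException derives
    // from ArgumentException, so callers catching the latter are unaffected.
    if (Key == null)
    {
        throw new ArgumentNullException("Key");
    }

    // The original null check on a freshly constructed XmlDocument could never fire,
    // so a missing file silently produced an empty document that failed later with an
    // unrelated error. Fail here with the real cause instead.
    if (!File.Exists(LXMLPath))
    {
        throw new FileNotFoundException("XML document to sign was not found.", LXMLPath);
    }

    XmlDocument LXMLDoc = new XmlDocument();
    LXMLDoc.Load(LXMLPath);

    // Create a SignedXml object bound to the document and attach the signing key.
    // NOTE(review): signature and digest algorithms are left at the SignedXml defaults,
    // which depend on the framework version - confirm they meet policy.
    SignedXml signedXml = new SignedXml(LXMLDoc);
    signedXml.SigningKey = Key;

    // An empty URI references the whole document; the enveloped transform excludes the
    // Signature element itself from the digest.
    Reference reference = new Reference();
    reference.Uri = "";
    reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
    signedXml.AddReference(reference);

    // KeyInfo carries only the raw RSA public key. It helps a recipient locate the key,
    // but it is not bound to a certificate, so a verifier must establish trust in the
    // key by other means rather than trusting the embedded value.
    KeyInfo keyInfo = new KeyInfo();
    keyInfo.AddClause(new RSAKeyValue(Key));
    signedXml.KeyInfo = keyInfo;

    signedXml.ComputeSignature();

    // Append the <Signature> element to the document root. The unused string splitting
    // of the signature's InnerText and the dead SignedXml re-assignment were removed.
    XmlElement xmlDigitalSignature = signedXml.GetXml();
    LXMLDoc.DocumentElement.AppendChild(LXMLDoc.ImportNode(xmlDigitalSignature, true));

    // NOTE(review): the signed document exists only in memory at this point; nothing in
    // this method writes it back to disk or returns it to the caller.
}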
我可以在这里签署文件,但我无法检查签名时是否附加了USB令牌。这里发生的事情是,即使没有连接USB令牌,证书也会弹出以供选择,因为证书在本地可用。当您从Internet Explorer中删除所有证书并尝试使用未附加的USB令牌进行签名时,它会要求连接DSC卡(USB令牌)。我想仅在连接DSC(USB令牌)时签署文档。如何在签名时确保连接USB?
答案 0 :(得分:0)
CryptoAPI和CNG系统接口(以及使用这些接口的.NET类)提供高级抽象,无法检查硬件。如果您使用PKCS#11接口,那么您可能能够实现您想要的。然而,PKCS#11也有其缺点。
答案 1 :(得分:0)
CryptoAPI 和 CNG 不会公开智能卡的状态信息;要获取这些信息,需要使用 WinSCard API。具体来说,应调用 SCardGetStatusChange。
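// Look up the team attached to the current request by id and populate its
// `students` path (Team is presumably a Mongoose model; it is defined elsewhere).
Team.findOne({
    _id: req.team._id
})
    .populate({path: 'students'})
    .exec(function(err, team) {
        if (err) {
            // The original ignored `err` and logged `team` even when the query failed.
            console.error(err);
            return;
        }
        console.log(team);
    });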