KeyInfoX509Data 클래스
정의
중요
일부 정보는 릴리스되기 전에 상당 부분 수정될 수 있는 시험판 제품과 관련이 있습니다. Microsoft는 여기에 제공된 정보에 대해 어떠한 명시적이거나 묵시적인 보증도 하지 않습니다.
XMLDSIG 또는 XML 암호화 <X509Data>
요소의 <KeyInfo>
하위 요소를 나타냅니다.
public ref class KeyInfoX509Data : System::Security::Cryptography::Xml::KeyInfoClause
public class KeyInfoX509Data : System.Security.Cryptography.Xml.KeyInfoClause
type KeyInfoX509Data = class
inherit KeyInfoClause
Public Class KeyInfoX509Data
Inherits KeyInfoClause
- 상속
예제
이 섹션에는 두 코드 예제가 있습니다. 첫 번째 예제에서는 분리 된 서명을 사용 하 여 XML 파일에 서명 하는 방법에 설명 합니다. 두 번째 예는 봉투 (envelope) 서명을 사용 하 여 XML 파일에 서명 하는 방법에 설명 합니다.
예 #1
//
// This example signs a file specified by a URI
// using a detached signature. It then verifies
// the signed XML.
//
#using <System.Security.dll>
#using <System.Xml.dll>
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::Xml;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::Text;
using namespace System::Xml;
// Sign an XML file and save the signature in a new file.
void SignDetachedResource( String^ URIString, String^ XmlSigFileName, RSA^ Key, String^ Certificate )
{
// Create a SignedXml object.
SignedXml^ signedXml = gcnew SignedXml;
// Assign the key to the SignedXml object.
signedXml->SigningKey = Key;
// Create a reference to be signed.
Reference^ reference = gcnew Reference;
// Add the passed URI to the reference object.
reference->Uri = URIString;
// Add the reference to the SignedXml object.
signedXml->AddReference( reference );
// Create a new KeyInfo object.
KeyInfo^ keyInfo = gcnew KeyInfo;
// Load the X509 certificate.
X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate );
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) );
// Add the KeyInfo object to the SignedXml object.
signedXml->KeyInfo = keyInfo;
// Compute the signature.
signedXml->ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement^ xmlDigitalSignature = signedXml->GetXml();
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter^ xmltw = gcnew XmlTextWriter( XmlSigFileName,gcnew UTF8Encoding( false ) );
xmlDigitalSignature->WriteTo( xmltw );
xmltw->Close();
}
[STAThread]
int main()
{
array<String^>^args = Environment::GetCommandLineArgs();
// The URI to sign.
String^ resourceToSign = "http://www.microsoft.com";
// The name of the file to which to save the XML signature.
String^ XmlFileName = "xmldsig.xml";
// The name of the X509 certificate
String^ Certificate = "microsoft.cer";
try
{
// Generate a signing key. This key should match the certificate.
RSA^ Key = RSA::Create();
Console::WriteLine( "Signing: {0}", resourceToSign );
// Sign the detached resource and save the signature in an XML file.
SignDetachedResource( resourceToSign, XmlFileName, Key, Certificate );
Console::WriteLine( "XML signature was successfully computed and saved to {0}.", XmlFileName );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
}
}
//
// This example signs a file specified by a URI
// using a detached signature. It then verifies
// the signed XML.
//
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Xml;
class XMLDSIGDetached
{
[STAThread]
static void Main(string[] args)
{
// The URI to sign.
string resourceToSign = "http://www.microsoft.com";
// The name of the file to which to save the XML signature.
string XmlFileName = "xmldsig.xml";
// The name of the X509 certificate
string Certificate = "microsoft.cer";
try
{
// Generate a signing key. This key should match the certificate.
RSA Key = RSA.Create();
Console.WriteLine("Signing: {0}", resourceToSign);
// Sign the detached resourceand save the signature in an XML file.
SignDetachedResource(resourceToSign, XmlFileName, Key, Certificate);
Console.WriteLine("XML signature was successfully computed and saved to {0}.", XmlFileName);
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
}
}
// Sign an XML file and save the signature in a new file.
public static void SignDetachedResource(string URIString, string XmlSigFileName, RSA Key, string Certificate)
{
// Create a SignedXml object.
SignedXml signedXml = new SignedXml();
// Assign the key to the SignedXml object.
signedXml.SigningKey = Key;
// Create a reference to be signed.
Reference reference = new Reference();
// Add the passed URI to the reference object.
reference.Uri = URIString;
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Create a new KeyInfo object.
KeyInfo keyInfo = new KeyInfo();
// Load the X509 certificate.
X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate);
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo.AddClause(new KeyInfoX509Data(MSCert));
// Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo;
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter xmltw = new XmlTextWriter(XmlSigFileName, new UTF8Encoding(false));
xmlDigitalSignature.WriteTo(xmltw);
xmltw.Close();
}
}
'
' This example signs a file specified by a URI
' using a detached signature. It then verifies
' the signed XML.
'
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Imports System.Security.Cryptography.X509Certificates
Imports System.Text
Imports System.Xml
Class XMLDSIGDetached
<STAThread()> _
Overloads Shared Sub Main(args() As String)
' The URI to sign.
Dim resourceToSign As String = "http://www.microsoft.com"
' The name of the file to which to save the XML signature.
Dim XmlFileName As String = "xmldsig.xml"
' The name of the X509 certificate
Dim Certificate As String = "microsoft.cer"
Try
' Generate a signing key. This key should match the
' certificate.
Dim Key As RSA = RSA.Create()
Console.WriteLine("Signing: {0}", resourceToSign)
' Sign the detached resourceand save the signature in an XML file.
SignDetachedResource(resourceToSign, XmlFileName, Key, Certificate)
Console.WriteLine("XML signature was successfully computed and saved to {0}.", XmlFileName)
Catch e As CryptographicException
Console.WriteLine(e.Message)
End Try
End Sub
' Sign an XML file and save the signature in a new file.
Public Shared Sub SignDetachedResource(URIString As String, XmlSigFileName As String, Key As RSA, Certificate As String)
' Create a SignedXml object.
Dim signedXml As New SignedXml()
' Assign the key to the SignedXml object.
signedXml.SigningKey = Key
' Create a reference to be signed.
Dim reference As New Reference()
' Add the passed URI to the reference object.
reference.Uri = URIString
' Add the reference to the SignedXml object.
signedXml.AddReference(reference)
' Create a new KeyInfo object.
Dim keyInfo As New KeyInfo()
' Load the X509 certificate.
Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate)
' Load the certificate into a KeyInfoX509Data object
' and add it to the KeyInfo object.
keyInfo.AddClause(New KeyInfoX509Data(MSCert))
' Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo
' Compute the signature.
signedXml.ComputeSignature()
' Get the XML representation of the signature and save
' it to an XmlElement object.
Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
' Save the signed XML document to a file specified
' using the passed string.
Dim xmltw As New XmlTextWriter(XmlSigFileName, New UTF8Encoding(False))
xmlDigitalSignature.WriteTo(xmltw)
xmltw.Close()
End Sub
End Class
예 #2
//
// This example signs an XML file using an
// envelope signature. It then verifies the
// signed XML.
//
#using <System.Security.dll>
#using <System.Xml.dll>
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::Xml;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::Text;
using namespace System::Xml;
// Sign an XML file and save the signature in a new file.
void SignXmlFile( String^ FileName, String^ SignedFileName, RSA^ Key, String^ Certificate )
{
// Create a new XML document.
XmlDocument^ doc = gcnew XmlDocument;
// Format the document to ignore white spaces.
doc->PreserveWhitespace = false;
// Load the passed XML file using its name.
doc->Load( gcnew XmlTextReader( FileName ) );
// Create a SignedXml object.
SignedXml^ signedXml = gcnew SignedXml( doc );
// Add the key to the SignedXml document.
signedXml->SigningKey = Key;
// Create a reference to be signed.
Reference^ reference = gcnew Reference;
reference->Uri = "";
// Add an enveloped transformation to the reference.
XmlDsigEnvelopedSignatureTransform^ env = gcnew XmlDsigEnvelopedSignatureTransform;
reference->AddTransform( env );
// Add the reference to the SignedXml object.
signedXml->AddReference( reference );
// Create a new KeyInfo object.
KeyInfo^ keyInfo = gcnew KeyInfo;
// Load the X509 certificate.
X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate );
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) );
// Add the KeyInfo object to the SignedXml object.
signedXml->KeyInfo = keyInfo;
// Compute the signature.
signedXml->ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement^ xmlDigitalSignature = signedXml->GetXml();
// Append the element to the XML document.
doc->DocumentElement->AppendChild( doc->ImportNode( xmlDigitalSignature, true ) );
if ( (doc->FirstChild)->GetType() == XmlDeclaration::typeid )
{
doc->RemoveChild( doc->FirstChild );
}
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter^ xmltw = gcnew XmlTextWriter( SignedFileName,gcnew UTF8Encoding( false ) );
doc->WriteTo( xmltw );
xmltw->Close();
}
// Create example data to sign.
void CreateSomeXml( String^ FileName )
{
// Create a new XmlDocument object.
XmlDocument^ document = gcnew XmlDocument;
// Create a new XmlNode object.
XmlNode^ node = document->CreateNode( XmlNodeType::Element, "", "MyElement", "samples" );
// Add some text to the node.
node->InnerText = "Example text to be signed.";
// Append the node to the document.
document->AppendChild( node );
// Save the XML document to the file name specified.
XmlTextWriter^ xmltw = gcnew XmlTextWriter( FileName,gcnew UTF8Encoding( false ) );
document->WriteTo( xmltw );
xmltw->Close();
}
int main()
{
String^ Certificate = "microsoft.cer";
try
{
// Generate a signing key.
RSA^ Key = RSA::Create();
// Create an XML file to sign.
CreateSomeXml( "Example.xml" );
Console::WriteLine( "New XML file created." );
// Sign the XML that was just created and save it in a
// new file.
SignXmlFile( "Example.xml", "SignedExample.xml", Key, Certificate );
Console::WriteLine( "XML file signed." );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
}
return 0;
}
//
// This example signs an XML file using an
// envelope signature. It then verifies the
// signed XML.
//
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Xml;
public class SignVerifyEnvelope
{
public static void Main(String[] args)
{
string Certificate = "microsoft.cer";
try
{
// Generate a signing key.
RSA Key = RSA.Create();
// Create an XML file to sign.
CreateSomeXml("Example.xml");
Console.WriteLine("New XML file created.");
// Sign the XML that was just created and save it in a
// new file.
SignXmlFile("Example.xml", "SignedExample.xml", Key, Certificate);
Console.WriteLine("XML file signed.");
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
}
}
// Sign an XML file and save the signature in a new file.
public static void SignXmlFile(string FileName, string SignedFileName, RSA Key, string Certificate)
{
// Create a new XML document.
XmlDocument doc = new XmlDocument();
// Format the document to ignore white spaces.
doc.PreserveWhitespace = false;
// Load the passed XML file using it's name.
doc.Load(new XmlTextReader(FileName));
// Create a SignedXml object.
SignedXml signedXml = new SignedXml(doc);
// Add the key to the SignedXml document.
signedXml.SigningKey = Key;
// Create a reference to be signed.
Reference reference = new Reference();
reference.Uri = "";
// Add an enveloped transformation to the reference.
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Create a new KeyInfo object.
KeyInfo keyInfo = new KeyInfo();
// Load the X509 certificate.
X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate);
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo.AddClause(new KeyInfoX509Data(MSCert));
// Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo;
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
// Append the element to the XML document.
doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));
if (doc.FirstChild is XmlDeclaration)
{
doc.RemoveChild(doc.FirstChild);
}
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter xmltw = new XmlTextWriter(SignedFileName, new UTF8Encoding(false));
doc.WriteTo(xmltw);
xmltw.Close();
}
// Create example data to sign.
public static void CreateSomeXml(string FileName)
{
// Create a new XmlDocument object.
XmlDocument document = new XmlDocument();
// Create a new XmlNode object.
XmlNode node = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples");
// Add some text to the node.
node.InnerText = "Example text to be signed.";
// Append the node to the document.
document.AppendChild(node);
// Save the XML document to the file name specified.
XmlTextWriter xmltw = new XmlTextWriter(FileName, new UTF8Encoding(false));
document.WriteTo(xmltw);
xmltw.Close();
}
}
'
' This example signs an XML file using an
' envelope signature. It then verifies the
' signed XML.
'
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Imports System.Security.Cryptography.X509Certificates
Imports System.Text
Imports System.Xml
Public Class SignVerifyEnvelope
Overloads Public Shared Sub Main(args() As [String])
Dim Certificate As String = "microsoft.cer"
Try
' Generate a signing key.
Dim Key As RSA = RSA.Create()
' Create an XML file to sign.
CreateSomeXml("Example.xml")
Console.WriteLine("New XML file created.")
' Sign the XML that was just created and save it in a
' new file.
SignXmlFile("Example.xml", "SignedExample.xml", Key, Certificate)
Console.WriteLine("XML file signed.")
Catch e As CryptographicException
Console.WriteLine(e.Message)
End Try
End Sub
' Sign an XML file and save the signature in a new file.
Public Shared Sub SignXmlFile(FileName As String, SignedFileName As String, Key As RSA, Certificate As String)
' Create a new XML document.
Dim doc As New XmlDocument()
' Format the document to ignore white spaces.
doc.PreserveWhitespace = False
' Load the passed XML file using it's name.
doc.Load(New XmlTextReader(FileName))
' Create a SignedXml object.
Dim signedXml As New SignedXml(doc)
' Add the key to the SignedXml document.
signedXml.SigningKey = Key
' Create a reference to be signed.
Dim reference As New Reference()
reference.Uri = ""
' Add an enveloped transformation to the reference.
Dim env As New XmlDsigEnvelopedSignatureTransform()
reference.AddTransform(env)
' Add the reference to the SignedXml object.
signedXml.AddReference(reference)
' Create a new KeyInfo object.
Dim keyInfo As New KeyInfo()
' Load the X509 certificate.
Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate)
' Load the certificate into a KeyInfoX509Data object
' and add it to the KeyInfo object.
keyInfo.AddClause(New KeyInfoX509Data(MSCert))
' Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo
' Compute the signature.
signedXml.ComputeSignature()
' Get the XML representation of the signature and save
' it to an XmlElement object.
Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
' Append the element to the XML document.
doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, True))
If TypeOf doc.FirstChild Is XmlDeclaration Then
doc.RemoveChild(doc.FirstChild)
End If
' Save the signed XML document to a file specified
' using the passed string.
Dim xmltw As New XmlTextWriter(SignedFileName, New UTF8Encoding(False))
doc.WriteTo(xmltw)
xmltw.Close()
End Sub
' Create example data to sign.
Public Shared Sub CreateSomeXml(FileName As String)
' Create a new XmlDocument object.
Dim document As New XmlDocument()
' Create a new XmlNode object.
Dim node As XmlNode = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples")
' Add some text to the node.
node.InnerText = "Example text to be signed."
' Append the node to the document.
document.AppendChild(node)
' Save the XML document to the file name specified.
Dim xmltw As New XmlTextWriter(FileName, New UTF8Encoding(False))
document.WriteTo(xmltw)
xmltw.Close()
End Sub
End Class
설명
KeyInfoX509Data 나타내는 클래스는 <X509Data>
유효성 검사 또는 암호화 키와 관련 된 X.509v3 인증서 정보를 포함 하는 요소입니다. 예를 들어는 <X509Data>
요소에는 X.509 인증서 유효성 검사 키 또는 인증서 유효성 검사 키 또는 관련 된 X.509 인증서에 대 한 다른 식별자에서 종료 되는 X.509 인증서 체인 주체 공개 키가 포함 될 수 있습니다.
사용 된 KeyInfoX509Data 암호화 되거나 서명 된 XML 문서에 X.509 인증서 데이터를 포함 해야 할 경우 클래스입니다.
요소에 <X509Data>
대한 자세한 내용은 W3C 웹 사이트에서 사용할 수 있는 XMLDSIG 사양 또는 XML 암호화 사양의 섹션 4.4.4를 참조하세요.
생성자
KeyInfoX509Data() |
KeyInfoX509Data 클래스의 새 인스턴스를 초기화합니다. |
KeyInfoX509Data(Byte[]) |
X.509v3 인증서의 지정된 ASN.1 DER 인코딩에서 KeyInfoX509Data 클래스의 새 인스턴스를 초기화합니다. |
KeyInfoX509Data(X509Certificate, X509IncludeOption) |
지정된 X.509v3 인증서에서 KeyInfoX509Data 클래스의 새 인스턴스를 초기화합니다. |
KeyInfoX509Data(X509Certificate) |
지정된 X.509v3 인증서에서 KeyInfoX509Data 클래스의 새 인스턴스를 초기화합니다. |
속성
Certificates |
KeyInfoX509Data 개체에 포함된 X.509v3 인증서 목록을 가져옵니다. |
CRL |
KeyInfoX509Data 개체 내에 포함된 CRL(인증서 해지 목록)을 가져오거나 설정합니다. |
IssuerSerials |
발급자 이름 및 일련 번호 쌍을 나타내는 X509IssuerSerial 구조체 목록을 가져옵니다. |
SubjectKeyIds |
KeyInfoX509Data 개체에 포함된 SKI(주체 키 식별자) 목록을 가져옵니다. |
SubjectNames |
KeyInfoX509Data 개체에 포함된 엔터티의 주체 이름 목록을 가져옵니다. |
메서드
AddCertificate(X509Certificate) |
지정된 X.509v3 인증서를 KeyInfoX509Data에 추가합니다. |
AddIssuerSerial(String, String) |
지정된 발급자 이름과 일련 번호 쌍을 KeyInfoX509Data 개체에 추가합니다. |
AddSubjectKeyId(Byte[]) |
지정된 SKI(주체 키 식별자) 바이트 배열을 KeyInfoX509Data 개체에 추가합니다. |
AddSubjectKeyId(String) |
지정된 SKI(주체 키 식별자) 문자열을 KeyInfoX509Data 개체에 추가합니다. |
AddSubjectName(String) |
X.509v3 인증서가 발급된 엔터티의 주체 이름을 KeyInfoX509Data 개체에 추가합니다. |
Equals(Object) |
지정된 개체가 현재 개체와 같은지 확인합니다. (다음에서 상속됨 Object) |
GetHashCode() |
기본 해시 함수로 작동합니다. (다음에서 상속됨 Object) |
GetType() |
현재 인스턴스의 Type을 가져옵니다. (다음에서 상속됨 Object) |
GetXml() |
KeyInfoX509Data 개체의 XML 표현을 반환합니다. |
LoadXml(XmlElement) |
입력 XmlElement 개체를 구문 분석하여 KeyInfoX509Data 내부 상태를 이와 일치하도록 구성합니다. |
MemberwiseClone() |
현재 Object의 단순 복사본을 만듭니다. (다음에서 상속됨 Object) |
ToString() |
현재 개체를 나타내는 문자열을 반환합니다. (다음에서 상속됨 Object) |
적용 대상
.NET