KeyInfoX509Data Classe
Definição
Importante
Algumas informações se referem a produtos de pré-lançamento que podem ser substancialmente modificados antes do lançamento. A Microsoft não oferece garantias, expressas ou implícitas, das informações aqui fornecidas.
Representa um subelemento <X509Data>
de um elemento <KeyInfo>
de Criptografia XML ou XMLDSIG.
public ref class KeyInfoX509Data : System::Security::Cryptography::Xml::KeyInfoClause
public class KeyInfoX509Data : System.Security.Cryptography.Xml.KeyInfoClause
type KeyInfoX509Data = class
inherit KeyInfoClause
Public Class KeyInfoX509Data
Inherits KeyInfoClause
- Herança
Exemplos
Esta seção contém dois exemplos de código. O primeiro exemplo demonstra como assinar um arquivo XML usando uma assinatura desanexada. O segundo exemplo demonstra como assinar um arquivo XML usando uma assinatura de envelope.
Exemplo nº 1
//
// This example signs a file specified by a URI
// using a detached signature. It then verifies
// the signed XML.
//
#using <System.Security.dll>
#using <System.Xml.dll>
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::Xml;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::Text;
using namespace System::Xml;
// Sign an XML file and save the signature in a new file.
void SignDetachedResource( String^ URIString, String^ XmlSigFileName, RSA^ Key, String^ Certificate )
{
// Create a SignedXml object.
SignedXml^ signedXml = gcnew SignedXml;
// Assign the key to the SignedXml object.
signedXml->SigningKey = Key;
// Create a reference to be signed.
Reference^ reference = gcnew Reference;
// Add the passed URI to the reference object.
reference->Uri = URIString;
// Add the reference to the SignedXml object.
signedXml->AddReference( reference );
// Create a new KeyInfo object.
KeyInfo^ keyInfo = gcnew KeyInfo;
// Load the X509 certificate.
X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate );
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) );
// Add the KeyInfo object to the SignedXml object.
signedXml->KeyInfo = keyInfo;
// Compute the signature.
signedXml->ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement^ xmlDigitalSignature = signedXml->GetXml();
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter^ xmltw = gcnew XmlTextWriter( XmlSigFileName,gcnew UTF8Encoding( false ) );
xmlDigitalSignature->WriteTo( xmltw );
xmltw->Close();
}
[STAThread]
int main()
{
array<String^>^args = Environment::GetCommandLineArgs();
// The URI to sign.
String^ resourceToSign = "http://www.microsoft.com";
// The name of the file to which to save the XML signature.
String^ XmlFileName = "xmldsig.xml";
// The name of the X509 certificate
String^ Certificate = "microsoft.cer";
try
{
// Generate a signing key. This key should match the certificate.
RSA^ Key = RSA::Create();
Console::WriteLine( "Signing: {0}", resourceToSign );
// Sign the detached resource and save the signature in an XML file.
SignDetachedResource( resourceToSign, XmlFileName, Key, Certificate );
Console::WriteLine( "XML signature was successfully computed and saved to {0}.", XmlFileName );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
}
}
//
// This example signs a file specified by a URI
// using a detached signature. It then verifies
// the signed XML.
//
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Xml;
class XMLDSIGDetached
{
[STAThread]
static void Main(string[] args)
{
// The URI to sign.
string resourceToSign = "http://www.microsoft.com";
// The name of the file to which to save the XML signature.
string XmlFileName = "xmldsig.xml";
// The name of the X509 certificate
string Certificate = "microsoft.cer";
try
{
// Generate a signing key. This key should match the certificate.
RSA Key = RSA.Create();
Console.WriteLine("Signing: {0}", resourceToSign);
// Sign the detached resourceand save the signature in an XML file.
SignDetachedResource(resourceToSign, XmlFileName, Key, Certificate);
Console.WriteLine("XML signature was successfully computed and saved to {0}.", XmlFileName);
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
}
}
// Sign an XML file and save the signature in a new file.
public static void SignDetachedResource(string URIString, string XmlSigFileName, RSA Key, string Certificate)
{
// Create a SignedXml object.
SignedXml signedXml = new SignedXml();
// Assign the key to the SignedXml object.
signedXml.SigningKey = Key;
// Create a reference to be signed.
Reference reference = new Reference();
// Add the passed URI to the reference object.
reference.Uri = URIString;
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Create a new KeyInfo object.
KeyInfo keyInfo = new KeyInfo();
// Load the X509 certificate.
X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate);
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo.AddClause(new KeyInfoX509Data(MSCert));
// Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo;
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter xmltw = new XmlTextWriter(XmlSigFileName, new UTF8Encoding(false));
xmlDigitalSignature.WriteTo(xmltw);
xmltw.Close();
}
}
'
' This example signs a file specified by a URI
' using a detached signature. It then verifies
' the signed XML.
'
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Imports System.Security.Cryptography.X509Certificates
Imports System.Text
Imports System.Xml
Class XMLDSIGDetached
<STAThread()> _
Overloads Shared Sub Main(args() As String)
' The URI to sign.
Dim resourceToSign As String = "http://www.microsoft.com"
' The name of the file to which to save the XML signature.
Dim XmlFileName As String = "xmldsig.xml"
' The name of the X509 certificate
Dim Certificate As String = "microsoft.cer"
Try
' Generate a signing key. This key should match the
' certificate.
Dim Key As RSA = RSA.Create()
Console.WriteLine("Signing: {0}", resourceToSign)
' Sign the detached resourceand save the signature in an XML file.
SignDetachedResource(resourceToSign, XmlFileName, Key, Certificate)
Console.WriteLine("XML signature was successfully computed and saved to {0}.", XmlFileName)
Catch e As CryptographicException
Console.WriteLine(e.Message)
End Try
End Sub
' Sign an XML file and save the signature in a new file.
Public Shared Sub SignDetachedResource(URIString As String, XmlSigFileName As String, Key As RSA, Certificate As String)
' Create a SignedXml object.
Dim signedXml As New SignedXml()
' Assign the key to the SignedXml object.
signedXml.SigningKey = Key
' Create a reference to be signed.
Dim reference As New Reference()
' Add the passed URI to the reference object.
reference.Uri = URIString
' Add the reference to the SignedXml object.
signedXml.AddReference(reference)
' Create a new KeyInfo object.
Dim keyInfo As New KeyInfo()
' Load the X509 certificate.
Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate)
' Load the certificate into a KeyInfoX509Data object
' and add it to the KeyInfo object.
keyInfo.AddClause(New KeyInfoX509Data(MSCert))
' Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo
' Compute the signature.
signedXml.ComputeSignature()
' Get the XML representation of the signature and save
' it to an XmlElement object.
Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
' Save the signed XML document to a file specified
' using the passed string.
Dim xmltw As New XmlTextWriter(XmlSigFileName, New UTF8Encoding(False))
xmlDigitalSignature.WriteTo(xmltw)
xmltw.Close()
End Sub
End Class
Exemplo nº 2
//
// This example signs an XML file using an
// envelope signature. It then verifies the
// signed XML.
//
#using <System.Security.dll>
#using <System.Xml.dll>
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::Xml;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::Text;
using namespace System::Xml;
// Sign an XML file and save the signature in a new file.
void SignXmlFile( String^ FileName, String^ SignedFileName, RSA^ Key, String^ Certificate )
{
// Create a new XML document.
XmlDocument^ doc = gcnew XmlDocument;
// Format the document to ignore white spaces.
doc->PreserveWhitespace = false;
// Load the passed XML file using its name.
doc->Load( gcnew XmlTextReader( FileName ) );
// Create a SignedXml object.
SignedXml^ signedXml = gcnew SignedXml( doc );
// Add the key to the SignedXml document.
signedXml->SigningKey = Key;
// Create a reference to be signed.
Reference^ reference = gcnew Reference;
reference->Uri = "";
// Add an enveloped transformation to the reference.
XmlDsigEnvelopedSignatureTransform^ env = gcnew XmlDsigEnvelopedSignatureTransform;
reference->AddTransform( env );
// Add the reference to the SignedXml object.
signedXml->AddReference( reference );
// Create a new KeyInfo object.
KeyInfo^ keyInfo = gcnew KeyInfo;
// Load the X509 certificate.
X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate );
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) );
// Add the KeyInfo object to the SignedXml object.
signedXml->KeyInfo = keyInfo;
// Compute the signature.
signedXml->ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement^ xmlDigitalSignature = signedXml->GetXml();
// Append the element to the XML document.
doc->DocumentElement->AppendChild( doc->ImportNode( xmlDigitalSignature, true ) );
if ( (doc->FirstChild)->GetType() == XmlDeclaration::typeid )
{
doc->RemoveChild( doc->FirstChild );
}
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter^ xmltw = gcnew XmlTextWriter( SignedFileName,gcnew UTF8Encoding( false ) );
doc->WriteTo( xmltw );
xmltw->Close();
}
// Create example data to sign.
void CreateSomeXml( String^ FileName )
{
// Create a new XmlDocument object.
XmlDocument^ document = gcnew XmlDocument;
// Create a new XmlNode object.
XmlNode^ node = document->CreateNode( XmlNodeType::Element, "", "MyElement", "samples" );
// Add some text to the node.
node->InnerText = "Example text to be signed.";
// Append the node to the document.
document->AppendChild( node );
// Save the XML document to the file name specified.
XmlTextWriter^ xmltw = gcnew XmlTextWriter( FileName,gcnew UTF8Encoding( false ) );
document->WriteTo( xmltw );
xmltw->Close();
}
int main()
{
String^ Certificate = "microsoft.cer";
try
{
// Generate a signing key.
RSA^ Key = RSA::Create();
// Create an XML file to sign.
CreateSomeXml( "Example.xml" );
Console::WriteLine( "New XML file created." );
// Sign the XML that was just created and save it in a
// new file.
SignXmlFile( "Example.xml", "SignedExample.xml", Key, Certificate );
Console::WriteLine( "XML file signed." );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
}
return 0;
}
//
// This example signs an XML file using an
// envelope signature. It then verifies the
// signed XML.
//
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Xml;
public class SignVerifyEnvelope
{
public static void Main(String[] args)
{
string Certificate = "microsoft.cer";
try
{
// Generate a signing key.
RSA Key = RSA.Create();
// Create an XML file to sign.
CreateSomeXml("Example.xml");
Console.WriteLine("New XML file created.");
// Sign the XML that was just created and save it in a
// new file.
SignXmlFile("Example.xml", "SignedExample.xml", Key, Certificate);
Console.WriteLine("XML file signed.");
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
}
}
// Sign an XML file and save the signature in a new file.
public static void SignXmlFile(string FileName, string SignedFileName, RSA Key, string Certificate)
{
// Create a new XML document.
XmlDocument doc = new XmlDocument();
// Format the document to ignore white spaces.
doc.PreserveWhitespace = false;
// Load the passed XML file using it's name.
doc.Load(new XmlTextReader(FileName));
// Create a SignedXml object.
SignedXml signedXml = new SignedXml(doc);
// Add the key to the SignedXml document.
signedXml.SigningKey = Key;
// Create a reference to be signed.
Reference reference = new Reference();
reference.Uri = "";
// Add an enveloped transformation to the reference.
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Create a new KeyInfo object.
KeyInfo keyInfo = new KeyInfo();
// Load the X509 certificate.
X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate);
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo.AddClause(new KeyInfoX509Data(MSCert));
// Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo;
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
// Append the element to the XML document.
doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));
if (doc.FirstChild is XmlDeclaration)
{
doc.RemoveChild(doc.FirstChild);
}
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter xmltw = new XmlTextWriter(SignedFileName, new UTF8Encoding(false));
doc.WriteTo(xmltw);
xmltw.Close();
}
// Create example data to sign.
public static void CreateSomeXml(string FileName)
{
// Create a new XmlDocument object.
XmlDocument document = new XmlDocument();
// Create a new XmlNode object.
XmlNode node = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples");
// Add some text to the node.
node.InnerText = "Example text to be signed.";
// Append the node to the document.
document.AppendChild(node);
// Save the XML document to the file name specified.
XmlTextWriter xmltw = new XmlTextWriter(FileName, new UTF8Encoding(false));
document.WriteTo(xmltw);
xmltw.Close();
}
}
'
' This example signs an XML file using an
' envelope signature. It then verifies the
' signed XML.
'
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Imports System.Security.Cryptography.X509Certificates
Imports System.Text
Imports System.Xml
Public Class SignVerifyEnvelope
Overloads Public Shared Sub Main(args() As [String])
Dim Certificate As String = "microsoft.cer"
Try
' Generate a signing key.
Dim Key As RSA = RSA.Create()
' Create an XML file to sign.
CreateSomeXml("Example.xml")
Console.WriteLine("New XML file created.")
' Sign the XML that was just created and save it in a
' new file.
SignXmlFile("Example.xml", "SignedExample.xml", Key, Certificate)
Console.WriteLine("XML file signed.")
Catch e As CryptographicException
Console.WriteLine(e.Message)
End Try
End Sub
' Sign an XML file and save the signature in a new file.
Public Shared Sub SignXmlFile(FileName As String, SignedFileName As String, Key As RSA, Certificate As String)
' Create a new XML document.
Dim doc As New XmlDocument()
' Format the document to ignore white spaces.
doc.PreserveWhitespace = False
' Load the passed XML file using it's name.
doc.Load(New XmlTextReader(FileName))
' Create a SignedXml object.
Dim signedXml As New SignedXml(doc)
' Add the key to the SignedXml document.
signedXml.SigningKey = Key
' Create a reference to be signed.
Dim reference As New Reference()
reference.Uri = ""
' Add an enveloped transformation to the reference.
Dim env As New XmlDsigEnvelopedSignatureTransform()
reference.AddTransform(env)
' Add the reference to the SignedXml object.
signedXml.AddReference(reference)
' Create a new KeyInfo object.
Dim keyInfo As New KeyInfo()
' Load the X509 certificate.
Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate)
' Load the certificate into a KeyInfoX509Data object
' and add it to the KeyInfo object.
keyInfo.AddClause(New KeyInfoX509Data(MSCert))
' Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo
' Compute the signature.
signedXml.ComputeSignature()
' Get the XML representation of the signature and save
' it to an XmlElement object.
Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
' Append the element to the XML document.
doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, True))
If TypeOf doc.FirstChild Is XmlDeclaration Then
doc.RemoveChild(doc.FirstChild)
End If
' Save the signed XML document to a file specified
' using the passed string.
Dim xmltw As New XmlTextWriter(SignedFileName, New UTF8Encoding(False))
doc.WriteTo(xmltw)
xmltw.Close()
End Sub
' Create example data to sign.
Public Shared Sub CreateSomeXml(FileName As String)
' Create a new XmlDocument object.
Dim document As New XmlDocument()
' Create a new XmlNode object.
Dim node As XmlNode = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples")
' Add some text to the node.
node.InnerText = "Example text to be signed."
' Append the node to the document.
document.AppendChild(node)
' Save the XML document to the file name specified.
Dim xmltw As New XmlTextWriter(FileName, New UTF8Encoding(False))
document.WriteTo(xmltw)
xmltw.Close()
End Sub
End Class
Comentários
A KeyInfoX509Data classe representa o <X509Data>
elemento que contém informações de certificado X.509v3 relacionadas à chave de validação ou criptografia. Por exemplo, um <X509Data>
elemento pode conter um certificado X.509 cuja chave pública da entidade é a chave de validação ou uma cadeia de certificados X.509 que terminam em um certificado para a chave de validação ou outros identificadores para certificados X.509 relacionados.
Use a KeyInfoX509Data classe sempre que precisar incluir dados de certificado X.509 em um documento XML criptografado ou assinado.
Para obter mais informações sobre o <X509Data>
elemento, consulte a Seção 4.4.4 da especificação XMLDSIG ou a especificação de Criptografia XML, que estão disponíveis no site do W3C.
Construtores
KeyInfoX509Data() |
Inicializa uma nova instância da classe KeyInfoX509Data. |
KeyInfoX509Data(Byte[]) |
Inicializa uma nova instância da classe KeyInfoX509Data da codificação DER ASN.1 especificada de um certificado X.509v3. |
KeyInfoX509Data(X509Certificate) |
Inicializa uma nova instância da classe KeyInfoX509Data do certificado X.509v3 especificado. |
KeyInfoX509Data(X509Certificate, X509IncludeOption) |
Inicializa uma nova instância da classe KeyInfoX509Data do certificado X.509v3 especificado. |
Propriedades
Certificates |
Obtém uma lista de certificados X.509v3 contidos no objeto KeyInfoX509Data. |
CRL |
Obtém ou define a CRL (Lista de Certificados Revogados) dentro do objeto KeyInfoX509Data. |
IssuerSerials |
Obtém uma lista de estruturas X509IssuerSerial que representam um par de nome e número de série do emissor. |
SubjectKeyIds |
Obtém uma lista de SKIs (identificadores de chave de assunto) contidos no objeto KeyInfoX509Data. |
SubjectNames |
Obtém uma lista dos nomes de assunto das entidades contidas no objeto KeyInfoX509Data. |
Métodos
AddCertificate(X509Certificate) |
Adiciona o certificado X.509v3 especificado ao KeyInfoX509Data. |
AddIssuerSerial(String, String) |
Adiciona o par de nome do emissor e número de série especificado ao objeto KeyInfoX509Data. |
AddSubjectKeyId(Byte[]) |
Adiciona a matriz de bytes do SKI (identificador de chave da entidade) especificada ao objeto KeyInfoX509Data. |
AddSubjectKeyId(String) |
Adiciona a cadeia de caracteres de SKI (identificador de chave da entidade) especificada ao objeto KeyInfoX509Data. |
AddSubjectName(String) |
Adiciona o nome de assunto da entidade que recebeu um certificado X.509v3 ao objeto KeyInfoX509Data. |
Equals(Object) |
Determina se o objeto especificado é igual ao objeto atual. (Herdado de Object) |
GetHashCode() |
Serve como a função de hash padrão. (Herdado de Object) |
GetType() |
Obtém o Type da instância atual. (Herdado de Object) |
GetXml() |
Retorna uma representação XML do objeto KeyInfoX509Data. |
LoadXml(XmlElement) |
Analisa o objeto XmlElement de entrada e configura o estado interno do objeto KeyInfoX509Data a corresponder. |
MemberwiseClone() |
Cria uma cópia superficial do Object atual. (Herdado de Object) |
ToString() |
Retorna uma cadeia de caracteres que representa o objeto atual. (Herdado de Object) |