我有这个代码来签署安全令牌
public static XmlElement SignDoc(XmlDocument doc, X509Certificate2 cert2, string referenceId, string referenceValue)
{
SamlSignedXml sig = new SamlSignedXml(doc, referenceId);
sig.SigningKey = cert2.PrivateKey;
Reference reference = new Reference();
reference.Uri = String.Empty;
reference.Uri = "#" + referenceValue;
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
XmlDsigC14NTransform env2 = new XmlDsigC14NTransform();
reference.AddTransform(env);
reference.AddTransform(env2);
sig.AddReference(reference);
KeyInfo keyInfo = new KeyInfo();
KeyInfoX509Data keyData = new KeyInfoX509Data(cert2);
keyInfo.AddClause(keyData);
sig.KeyInfo = keyInfo;
sig.ComputeSignature();
XmlElement xmlDigitalSignature = sig.GetXml();
return xmlDigitalSignature;
}
这给出了以下输出:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#_5a57c7d5-3a15-45a4-8d66-c963357450ea">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>sql/Wucg3rSaKeLU8QQgQVqktK8=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>GG3rRZzLgH9MNTXKv3Xx+o9SarLXmk9Y6QfiMB/q/dqDFLO6us03Gutb81aRY9ceW5FoXO7FsENXvS7Q5gALyJRD5FzpaI5oxUsFvLVZKWwv+DmzEHLyxuCYZwjs12gAH8dJ9TiMocRIT9FBblTRreubR3hv70V56ZtZgm10DaA=</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIIFtzCCBJ+gAwIBAgIERcSAVzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJESzEMMAoGA1UEChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTAeFw0xMjA1MjMwOTE1NTVaFw0xNDA1MjMwOTQ1NTVaMIGqMQswCQYDVQQGEwJESzE+MDwGA1UEChQ1VmVqbGUgT3BsYW5kcyBTdHL4bWZvcnN5bmluZyBBLm0uYi5hLiAvLyBDVlI6MjYwNDk5MDMxWzAgBgNVBAUTGUNWUjoyNjA0OTkwMy1VSUQ6NzI1MTc1NzgwNwYDVQQDFDBWZWpsZSBPcGxhbmRzIFN0cvhtZm9yc3luaW5nIEEubS5iLmEuIC0gVk9TIEFtYmEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM38QtJ+0vW/wyYPcie0HAIRuBzs4FfJd07TSeLQE2pr+gBLb3iFrVu3irTjk9ZW/lt8wBIPMercIzJtdGFRdpfH8suqpv8ctIjtZJXUVyhOXRqfoCw1g+sm0+M7W4OGJSmhz5IpReX4wmrYHKm2K8jXbY5PNi4Nz2jqkGiO7/3dAgMBAAGjggLfMIIC2zAOBgNVHQ8BAf8EBAMCA7gwKwYDVR0QBCQwIoAPMjAxMjA1MjMwOTE1NTVagQ8yMDE0MDUyMzA5NDU1NVowggE3BgNVHSAEggEuMIIBKjCCASYGCiqBUIEpAQEBAwMwggEWMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmNlcnRpZmlrYXQuZGsvcmVwb3NpdG9yeTCB4gYIKwYBBQUHAgIwgdUwChYDVERDMAMCAQEagcZGb3IgYW52ZW5kZWxzZSBhZiBjZXJ0aWZpa2F0ZXQgZ+ZsZGVyIE9DRVMgdmlsa+VyLCBDUFMgb2cgT0NFUyBDUCwgZGVyIGthbiBoZW50ZXMgZnJhIHd3dy5jZXJ0aWZpa2F0LmRrL3JlcG9zaXRvcnkuIEJlbeZyaywgYXQgVERDIGVmdGVyIHZpbGvlcmVuZSBoYXIgZXQgYmVncuZuc2V0IGFuc3ZhciBpZnQuIHByb2Zlc3Npb25lbGxlIHBhcnRlci4wQQYIKwYBBQUHAQEENTAzMDEGCCsGAQUFBzABhiVodHRwOi8vb2NzcC5jZXJ0aWZpa2F0LmRrL29jc3Avc3RhdHVzMDEGA1UdJQQqMCgGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEMIGEBgNVHR8EfTB7MEugSaBHpEUwQzELMAkGA1UEBhMCREsxDDAKBgNVBAoTA1REQzEUMBIGA1UEAxMLVERDIE9DRVMgQ0ExEDAOBgNVBAMTB0NSTDYxMTcwLKAqoCiGJmh0dHA6Ly9jcmwub2Nlcy5jZXJ0aWZpa2F0LmRrL29jZXMuY3JsMB8GA1UdIwQYMBaAFGC1hexWZH4SGSdnHVAVS3OuO/kSMB0GA1UdDgQWBBTSebqvOVQaqvWySI9HseingRaTtTAJBgNVHRMEAjAAMBkGCSqGSIb2fQdBAAQMMAobBFY3LjEDAgOoMA0GCSqGSIb3DQEBBQUAA4IBAQBhG6V7V/Fro6HxQYeXLzxGaqmfV1cmQ9wu38RU10iMIf8AJveOPFF/rd2ezhqgzK4z4QKC37PV5/UT/wtfoud03576q+qwNXO41fARBMhJFfrjSxSrq0iXOhLSVoTyk8W/Y8LP1mGD8qaJtrJ2ZNnWHrqhW2EvChLe1+aYGOkwylJUeJIWLdGLjA9OZ1hiA1yEhmYwhlfstV421sKKgUwVYcRBzwerQ1M+Yy438oR2+Aaa2zgteLA1wXeiE1U4K7yvbP2TgVrIeLC56K3EENkLCahpUPRzbLoQMFq2RacBuy2SFTXlXa0Bgj5ToerOH+Tnm10sFeIDjPISx978z73w</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
但正如您所看到的,这是使用 sha1 签名的,我需要使用 sha256 对其进行签名。有人能告诉我我能做些什么来使这项工作与 sha256 一起工作吗?