我想知道如何使用 USB 令牌在 ASP.NET C# 中对 XML 文件进行数字签名?
我想知道如何从 mosearbear USB 令牌中获取证书并使用其中包含的私钥对 XML 文件进行数字签名?
由于USB 在客户端机器上,我想在客户端系统上签署 XMl 文件,那么该怎么做呢?
我所知道的是,在客户端机器上访问设备并不容易,但我知道可以使用 capicom 完成,但不知道如何。
我最近知道的是,微软停止了 capicom。那么它的替代方案是什么?
我有一段代码,但这似乎不是我想要的。谁能帮我吗?
X509Store store = new X509Store(StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509CertificateCollection certificates = X509Certificate2UI.SelectFromCollection(store.Certificates,
"Certificados conocidos",
"Por favor seleccione el certificado con el cual desea firmar",
X509SelectionFlag.SingleSelection
);
store.Close();
X509Certificate2 certificate = null;
if (certificates.Count != 0)
{
//The selected certificate
certificate = (X509Certificate2)certificates[0];
}
else
{
//The user didn't select a certificate
//return "El usuario canceló la selección de un certificado";
}
//Check certificate's atributes to identify the type of certificate (censored)
if (certificate.Issuer != "CN=............................., OU=................., O=..., C=US")
{
//The selected certificate is not of the needed type
// return "El certificado seleccionado no corresponde a un token ...";
}
//Check if the certificate is issued to the current user
//if (!certificate.Subject.ToUpper().Contains(("E=" + pUserADLogin + "@censoreddomain.com").ToUpper()))
//{
// //return "El certificado seleccionado no corresponde al usuario actual";
//}
//Check if the token is currently plugged in
XmlDocument xmlDoc = new XmlDocument();
//XmlElement element = xmlDoc.CreateElement("Content", SignedXml.XmlDsigNamespaceUrl.ToString());
//element.InnerText = "comodin";
// xmlDoc.AppendChild(element);
SignedXml signedXml = new SignedXml();
//try
//{
// signedXml.SigningKey = certificate.PrivateKey;
//}
//catch
//{
// //USB Token is not plugged in
// // return "El token no se encuentra conectado al equipo";
//}
//DataObject dataObject = new DataObject();
//dataObject.Data = xmlDoc.ChildNodes;
//dataObject.Id = "CONTENT";
//signedXml.AddObject(dataObject);
//Reference reference = new Reference();
//reference.Uri = "#CONTENT";
//signedXml.AddReference(reference);
//Attempt to sign the data. The user will be prompted to enter his PIN
try
{
// signedXml.ComputeSignature();
}
catch
{
//User didn't enter the correct PIN
// return "Hubo un error confirmando la identidad del usuario";
}
// The user has signed with the correct token