KeyInfoX509Data Konstruktoren

Definition

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse.

Überlädt

KeyInfoX509Data()

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse.

KeyInfoX509Data(Byte[])

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse aus der angegebenen ASN.1 DER-Codierung eines X.509v3-Zertifikats.

KeyInfoX509Data(X509Certificate)

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse aus dem angegebenen X.509v3-Zertifikat.

KeyInfoX509Data(X509Certificate, X509IncludeOption)

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse aus dem angegebenen X.509v3-Zertifikat.

KeyInfoX509Data()

Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse.

public:
 KeyInfoX509Data();
public KeyInfoX509Data ();
Public Sub New ()

Gilt für:

KeyInfoX509Data(Byte[])

Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse aus der angegebenen ASN.1 DER-Codierung eines X.509v3-Zertifikats.

public:
 KeyInfoX509Data(cli::array <System::Byte> ^ rgbCert);
public KeyInfoX509Data (byte[] rgbCert);
new System.Security.Cryptography.Xml.KeyInfoX509Data : byte[] -> System.Security.Cryptography.Xml.KeyInfoX509Data
Public Sub New (rgbCert As Byte())

Parameter

rgbCert
Byte[]

Die ASN.1 DER-Codierung eines X509Certificate-Objekts, aus dem die neue Instanz von KeyInfoX509Data initialisiert werden soll.

Gilt für:

KeyInfoX509Data(X509Certificate)

Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse aus dem angegebenen X.509v3-Zertifikat.

public:
 KeyInfoX509Data(System::Security::Cryptography::X509Certificates::X509Certificate ^ cert);
public KeyInfoX509Data (System.Security.Cryptography.X509Certificates.X509Certificate cert);
new System.Security.Cryptography.Xml.KeyInfoX509Data : System.Security.Cryptography.X509Certificates.X509Certificate -> System.Security.Cryptography.Xml.KeyInfoX509Data
Public Sub New (cert As X509Certificate)

Parameter

cert
X509Certificate

Das X509Certificate-Objekt, aus dem die neue Instanz von KeyInfoX509Data initialisiert werden soll.

Ausnahmen

Der cert-Parameter ist null.

Beispiele

Dieser Abschnitt enthält zwei Codebeispiele. Im ersten Beispiel wird veranschaulicht, wie eine XML-Datei mit einer getrennten Signatur signiert wird. Im zweiten Beispiel wird veranschaulicht, wie eine XML-Datei mit einer Umschlagsignatur signiert wird.

Beispiel Nr. 1

// Sign an XML file and save the signature in a new file.
void SignDetachedResource( String^ URIString, String^ XmlSigFileName, RSA^ Key, String^ Certificate )
{
   
   // Create a SignedXml object.
   SignedXml^ signedXml = gcnew SignedXml;
   
   // Assign the key to the SignedXml object.
   signedXml->SigningKey = Key;
   
   // Create a reference to be signed.
   Reference^ reference = gcnew Reference;
   
   // Add the passed URI to the reference object.
   reference->Uri = URIString;
   
   // Add the reference to the SignedXml object.
   signedXml->AddReference( reference );
   
   // Create a new KeyInfo object.
   KeyInfo^ keyInfo = gcnew KeyInfo;
   
   // Load the X509 certificate.
   X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate );
   
   // Load the certificate into a KeyInfoX509Data object
   // and add it to the KeyInfo object.
   keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) );
   
   // Add the KeyInfo object to the SignedXml object.
   signedXml->KeyInfo = keyInfo;
   
   // Compute the signature.
   signedXml->ComputeSignature();
   
   // Get the XML representation of the signature and save
   // it to an XmlElement object.
   XmlElement^ xmlDigitalSignature = signedXml->GetXml();
   
   // Save the signed XML document to a file specified
   // using the passed string.
   XmlTextWriter^ xmltw = gcnew XmlTextWriter( XmlSigFileName,gcnew UTF8Encoding( false ) );
   xmlDigitalSignature->WriteTo( xmltw );
   xmltw->Close();
}
   // Sign an XML file and save the signature in a new file.
   public static void SignDetachedResource(string URIString, string XmlSigFileName, RSA Key, string Certificate)
   {
       // Create a SignedXml object.
       SignedXml signedXml = new SignedXml();

       // Assign the key to the SignedXml object.
       signedXml.SigningKey = Key;

       // Create a reference to be signed.
       Reference reference = new Reference();

       // Add the passed URI to the reference object.
       reference.Uri = URIString;
       
       // Add the reference to the SignedXml object.
       signedXml.AddReference(reference);

       // Create a new KeyInfo object.
       KeyInfo keyInfo = new KeyInfo();

       // Load the X509 certificate.
       X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate);

       // Load the certificate into a KeyInfoX509Data object
       // and add it to the KeyInfo object.
       keyInfo.AddClause(new KeyInfoX509Data(MSCert));
 
       // Add the KeyInfo object to the SignedXml object.
       signedXml.KeyInfo = keyInfo;

       // Compute the signature.
       signedXml.ComputeSignature();

       // Get the XML representation of the signature and save
       // it to an XmlElement object.
       XmlElement xmlDigitalSignature = signedXml.GetXml();

       // Save the signed XML document to a file specified
       // using the passed string.
       XmlTextWriter xmltw = new XmlTextWriter(XmlSigFileName, new UTF8Encoding(false));
       xmlDigitalSignature.WriteTo(xmltw);
       xmltw.Close();
   }
   ' Sign an XML file and save the signature in a new file.
   Public Shared Sub SignDetachedResource(URIString As String, XmlSigFileName As String, Key As RSA, Certificate As String)
      ' Create a SignedXml object.
      Dim signedXml As New SignedXml()
      
      ' Assign the key to the SignedXml object.
      signedXml.SigningKey = Key
      
      ' Create a reference to be signed.
      Dim reference As New Reference()
      
      ' Add the passed URI to the reference object.
      reference.Uri = URIString
      
      ' Add the reference to the SignedXml object.
      signedXml.AddReference(reference)
      
      ' Create a new KeyInfo object.
      Dim keyInfo As New KeyInfo()
      
      ' Load the X509 certificate.
      Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate)
      
      ' Load the certificate into a KeyInfoX509Data object
      ' and add it to the KeyInfo object.
      keyInfo.AddClause(New KeyInfoX509Data(MSCert))
      
      ' Add the KeyInfo object to the SignedXml object.
      signedXml.KeyInfo = keyInfo
      
      ' Compute the signature.
      signedXml.ComputeSignature()
      
      ' Get the XML representation of the signature and save
      ' it to an XmlElement object.
      Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
      
      ' Save the signed XML document to a file specified
      ' using the passed string.
      Dim xmltw As New XmlTextWriter(XmlSigFileName, New UTF8Encoding(False))
      xmlDigitalSignature.WriteTo(xmltw)
      xmltw.Close()
   End Sub  
End Class

Beispiel Nr. 2

// Sign an XML file and save the signature in a new file.
void SignXmlFile( String^ FileName, String^ SignedFileName, RSA^ Key, String^ Certificate )
{
   
   // Create a new XML document.
   XmlDocument^ doc = gcnew XmlDocument;
   
   // Format the document to ignore white spaces.
   doc->PreserveWhitespace = false;
   
   // Load the passed XML file using its name.
   doc->Load( gcnew XmlTextReader( FileName ) );
   
   // Create a SignedXml object.
   SignedXml^ signedXml = gcnew SignedXml( doc );
   
   // Add the key to the SignedXml document. 
   signedXml->SigningKey = Key;
   
   // Create a reference to be signed.
   Reference^ reference = gcnew Reference;
   reference->Uri = "";
   
   // Add an enveloped transformation to the reference.
   XmlDsigEnvelopedSignatureTransform^ env = gcnew XmlDsigEnvelopedSignatureTransform;
   reference->AddTransform( env );
   
   // Add the reference to the SignedXml object.
   signedXml->AddReference( reference );
   
   // Create a new KeyInfo object.
   KeyInfo^ keyInfo = gcnew KeyInfo;
   
   // Load the X509 certificate.
   X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate );
   
   // Load the certificate into a KeyInfoX509Data object
   // and add it to the KeyInfo object.
   keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) );
   
   // Add the KeyInfo object to the SignedXml object.
   signedXml->KeyInfo = keyInfo;
   
   // Compute the signature.
   signedXml->ComputeSignature();
   
   // Get the XML representation of the signature and save
   // it to an XmlElement object.
   XmlElement^ xmlDigitalSignature = signedXml->GetXml();
   
   // Append the element to the XML document.
   doc->DocumentElement->AppendChild( doc->ImportNode( xmlDigitalSignature, true ) );
   if ( (doc->FirstChild)->GetType() == XmlDeclaration::typeid )
   {
      doc->RemoveChild( doc->FirstChild );
   }

   
   // Save the signed XML document to a file specified
   // using the passed string.
   XmlTextWriter^ xmltw = gcnew XmlTextWriter( SignedFileName,gcnew UTF8Encoding( false ) );
   doc->WriteTo( xmltw );
   xmltw->Close();
}
   // Sign an XML file and save the signature in a new file.
   public static void SignXmlFile(string FileName, string SignedFileName, RSA Key, string Certificate)
   {
       // Create a new XML document.
       XmlDocument doc = new XmlDocument();

       // Format the document to ignore white spaces.
       doc.PreserveWhitespace = false;

       // Load the passed XML file using it's name.
       doc.Load(new XmlTextReader(FileName));

       // Create a SignedXml object.
       SignedXml signedXml = new SignedXml(doc);

       // Add the key to the SignedXml document. 
       signedXml.SigningKey = Key;

       // Create a reference to be signed.
       Reference reference = new Reference();
       reference.Uri = "";

       // Add an enveloped transformation to the reference.
       XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
       reference.AddTransform(env);

       // Add the reference to the SignedXml object.
       signedXml.AddReference(reference);

       // Create a new KeyInfo object.
       KeyInfo keyInfo = new KeyInfo();

       // Load the X509 certificate.
       X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate);

       // Load the certificate into a KeyInfoX509Data object
       // and add it to the KeyInfo object.
       keyInfo.AddClause(new KeyInfoX509Data(MSCert));
 
       // Add the KeyInfo object to the SignedXml object.
       signedXml.KeyInfo = keyInfo;

       // Compute the signature.
       signedXml.ComputeSignature();

       // Get the XML representation of the signature and save
       // it to an XmlElement object.
       XmlElement xmlDigitalSignature = signedXml.GetXml();

       // Append the element to the XML document.
       doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));

       if (doc.FirstChild is XmlDeclaration)  
       {
           doc.RemoveChild(doc.FirstChild);
       }

       // Save the signed XML document to a file specified
       // using the passed string.
       XmlTextWriter xmltw = new XmlTextWriter(SignedFileName, new UTF8Encoding(false));
       doc.WriteTo(xmltw);
       xmltw.Close();
   }
' Sign an XML file and save the signature in a new file.
Public Shared Sub SignXmlFile(FileName As String, SignedFileName As String, Key As RSA, Certificate As String)
   ' Create a new XML document.
   Dim doc As New XmlDocument()
   
   ' Format the document to ignore white spaces.
   doc.PreserveWhitespace = False
   
   ' Load the passed XML file using it's name.
   doc.Load(New XmlTextReader(FileName))
   
   ' Create a SignedXml object.
   Dim signedXml As New SignedXml(doc)
   
   ' Add the key to the SignedXml document. 
   signedXml.SigningKey = Key
   
   ' Create a reference to be signed.
   Dim reference As New Reference()
   reference.Uri = ""
   
   ' Add an enveloped transformation to the reference.
   Dim env As New XmlDsigEnvelopedSignatureTransform()
   reference.AddTransform(env)
   
   ' Add the reference to the SignedXml object.
   signedXml.AddReference(reference)
   
   ' Create a new KeyInfo object.
   Dim keyInfo As New KeyInfo()
   
   ' Load the X509 certificate.
   Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate)
   
   ' Load the certificate into a KeyInfoX509Data object
   ' and add it to the KeyInfo object.
   keyInfo.AddClause(New KeyInfoX509Data(MSCert))
   
   ' Add the KeyInfo object to the SignedXml object.
   signedXml.KeyInfo = keyInfo
   
   ' Compute the signature.
   signedXml.ComputeSignature()
   
   ' Get the XML representation of the signature and save
   ' it to an XmlElement object.
   Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()
   
   ' Append the element to the XML document.
   doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, True))
   
   
   If TypeOf doc.FirstChild Is XmlDeclaration Then
      doc.RemoveChild(doc.FirstChild)
   End If
   
   ' Save the signed XML document to a file specified
   ' using the passed string.
   Dim xmltw As New XmlTextWriter(SignedFileName, New UTF8Encoding(False))
   doc.WriteTo(xmltw)
   xmltw.Close()
End Sub

Gilt für:

KeyInfoX509Data(X509Certificate, X509IncludeOption)

Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs
Quelle:
KeyInfoX509Data.cs

Initialisiert eine neue Instanz der KeyInfoX509Data-Klasse aus dem angegebenen X.509v3-Zertifikat.

public:
 KeyInfoX509Data(System::Security::Cryptography::X509Certificates::X509Certificate ^ cert, System::Security::Cryptography::X509Certificates::X509IncludeOption includeOption);
public KeyInfoX509Data (System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Security.Cryptography.X509Certificates.X509IncludeOption includeOption);
new System.Security.Cryptography.Xml.KeyInfoX509Data : System.Security.Cryptography.X509Certificates.X509Certificate * System.Security.Cryptography.X509Certificates.X509IncludeOption -> System.Security.Cryptography.Xml.KeyInfoX509Data
Public Sub New (cert As X509Certificate, includeOption As X509IncludeOption)

Parameter

cert
X509Certificate

Das X509Certificate-Objekt, aus dem die neue Instanz von KeyInfoX509Data initialisiert werden soll.

includeOption
X509IncludeOption

Einer der X509IncludeOption-Werte, die angeben, wie groß der einzuschließende Anteil der Zertifikatskette ist.

Ausnahmen

Der cert-Parameter ist null.

Das Zertifikat besitzt nur eine partielle Zertifikatskette.

Beispiele

Im folgenden Codebeispiel wird veranschaulicht, wie Sie das KeyInfoX509Data -Objekt beim Signieren und Überprüfen eines XML-Dokuments verwenden.

//
// This example signs an XML file using an
// envelope signature. It then verifies the 
// signed XML.
//
// You must have a certificate with a subject name
// of "CN=XMLDSIG_Test" in the "My" certificate store. 
//
// Run the following command to create a certificate
// and place it in the store.
// makecert -r -pe -n "CN=XMLDSIG_Test" -b 01/01/2005 -e 01/01/2010 -sky signing -ss my

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Xml;

public class SignVerifyEnvelope
{

    public static void Main(String[] args)
    {

        string Certificate = "CN=XMLDSIG_Test";

        try
        {

            // Create an XML file to sign.
            CreateSomeXml("Example.xml");
            Console.WriteLine("New XML file created.");

            // Sign the XML that was just created and save it in a 
            // new file.
            SignXmlFile("Example.xml", "SignedExample.xml", Certificate);
            Console.WriteLine("XML file signed.");

            if (VerifyXmlFile("SignedExample.xml", Certificate))
            {
                Console.WriteLine("The XML signature is valid.");
            }
            else
            {
                Console.WriteLine("The XML signature is not valid.");
            }
        }
        catch (CryptographicException e)
        {
            Console.WriteLine(e.Message);
        }
    }

    // Sign an XML file and save the signature in a new file.
    public static void SignXmlFile(string FileName, string SignedFileName, string SubjectName)
    {
        if (null == FileName)
            throw new ArgumentNullException("FileName");
        if (null == SignedFileName)
            throw new ArgumentNullException("SignedFileName");
        if (null == SubjectName)
            throw new ArgumentNullException("SubjectName");

        // Load the certificate from the certificate store.
        X509Certificate2 cert = GetCertificateBySubject(SubjectName);

        // Create a new XML document.
        XmlDocument doc = new XmlDocument();

        // Format the document to ignore white spaces.
        doc.PreserveWhitespace = false;

        // Load the passed XML file using it's name.
        doc.Load(new XmlTextReader(FileName));

        // Create a SignedXml object.
        SignedXml signedXml = new SignedXml(doc);

        // Add the key to the SignedXml document. 
        signedXml.SigningKey = cert.GetRSAPrivateKey();

        // Create a reference to be signed.
        Reference reference = new Reference();
        reference.Uri = "";

        // Add an enveloped transformation to the reference.
        XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
        reference.AddTransform(env);

        // Add the reference to the SignedXml object.
        signedXml.AddReference(reference);

        // Create a new KeyInfo object.
        KeyInfo keyInfo = new KeyInfo();

        // Load the certificate into a KeyInfoX509Data object
        // and add it to the KeyInfo object.
        KeyInfoX509Data X509KeyInfo = new KeyInfoX509Data(cert, X509IncludeOption.WholeChain);

        keyInfo.AddClause(X509KeyInfo);

        // Add the KeyInfo object to the SignedXml object.
        signedXml.KeyInfo = keyInfo;

        // Compute the signature.
        signedXml.ComputeSignature();

        // Get the XML representation of the signature and save
        // it to an XmlElement object.
        XmlElement xmlDigitalSignature = signedXml.GetXml();

        // Append the element to the XML document.
        doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));

        if (doc.FirstChild is XmlDeclaration)
        {
            doc.RemoveChild(doc.FirstChild);
        }

        // Save the signed XML document to a file specified
        // using the passed string.
        using (XmlTextWriter xmltw = new XmlTextWriter(SignedFileName, new UTF8Encoding(false)))
        {
            doc.WriteTo(xmltw);
            xmltw.Close();
        }
    }

    // Verify the signature of an XML file against an asymmetric 
    // algorithm and return the result.
    public static Boolean VerifyXmlFile(String FileName, String CertificateSubject)
    {
        // Check the args.
        if (null == FileName)
            throw new ArgumentNullException("FileName");
        if (null == CertificateSubject)
            throw new ArgumentNullException("CertificateSubject");

        // Load the certificate from the store.
        X509Certificate2 cert = GetCertificateBySubject(CertificateSubject);

        // Create a new XML document.
        XmlDocument xmlDocument = new XmlDocument();

        // Load the passed XML file into the document. 
        xmlDocument.Load(FileName);

        // Create a new SignedXml object and pass it
        // the XML document class.
        SignedXml signedXml = new SignedXml(xmlDocument);

        // Find the "Signature" node and create a new
        // XmlNodeList object.
        XmlNodeList nodeList = xmlDocument.GetElementsByTagName("Signature");

        // Load the signature node.
        signedXml.LoadXml((XmlElement)nodeList[0]);

        // Check the signature and return the result.
        return signedXml.CheckSignature(cert, true);
    }

    public static X509Certificate2 GetCertificateBySubject(string CertificateSubject)
    {
        // Check the args.
        if (null == CertificateSubject)
            throw new ArgumentNullException("CertificateSubject");

        // Load the certificate from the certificate store.
        X509Certificate2 cert = null;

        X509Store store = new X509Store("My", StoreLocation.CurrentUser);

        try
        {
            // Open the store.
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

            // Get the certs from the store.
            X509Certificate2Collection CertCol = store.Certificates;

            // Find the certificate with the specified subject.
            foreach (X509Certificate2 c in CertCol)
            {
                if (c.Subject == CertificateSubject)
                {
                    cert = c;
                    break;
                }
            }

            // Throw an exception of the certificate was not found.
            if (cert == null)
            {
                throw new CryptographicException("The certificate could not be found.");
            }
        }
        finally
        {
            // Close the store even if an exception was thrown.
            store.Close();
        }

        return cert;
    }

    // Create example data to sign.
    public static void CreateSomeXml(string FileName)
    {
        // Check the args.
        if (null == FileName)
            throw new ArgumentNullException("FileName");

        // Create a new XmlDocument object.
        XmlDocument document = new XmlDocument();

        // Create a new XmlNode object.
        XmlNode node = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples");

        // Add some text to the node.
        node.InnerText = "Example text to be signed.";

        // Append the node to the document.
        document.AppendChild(node);

        // Save the XML document to the file name specified.
        using (XmlTextWriter xmltw = new XmlTextWriter(FileName, new UTF8Encoding(false)))
        {
            document.WriteTo(xmltw);

            xmltw.Close();
        }
    }
}
// This code example displays the following to the console:
//
// New XML file created.
// XML file signed.
// The XML signature is valid.
'
' This example signs an XML file using an
' envelope signature. It then verifies the 
' signed XML.
'
' You must have a certificate with a subject name
' of "CN=XMLDSIG_Test" in the "My" certificate store. 
'
' Run the following command to create a certificate
' and place it in the store.
' makecert -r -pe -n "CN=XMLDSIG_Test" -b 01/01/2005 -e 01/01/2010 -sky signing -ss my
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Imports System.Security.Cryptography.X509Certificates
Imports System.Text
Imports System.Xml



Module SignVerifyEnvelope


    Sub Main(ByVal args() As String)

        Dim Certificate As String = "CN=XMLDSIG_Test"

        Try

            ' Create an XML file to sign.
            CreateSomeXml("Example.xml")
            Console.WriteLine("New XML file created.")

            ' Sign the XML that was just created and save it in a 
            ' new file.
            SignXmlFile("Example.xml", "SignedExample.xml", Certificate)
            Console.WriteLine("XML file signed.")

            If VerifyXmlFile("SignedExample.xml", Certificate) Then
                Console.WriteLine("The XML signature is valid.")
            Else
                Console.WriteLine("The XML signature is not valid.")
            End If
        Catch e As CryptographicException
            Console.WriteLine(e.Message)
        End Try

    End Sub


    ' Sign an XML file and save the signature in a new file.
    Sub SignXmlFile(ByVal FileName As String, ByVal SignedFileName As String, ByVal SubjectName As String)
        If Nothing = FileName Then
            Throw New ArgumentNullException("FileName")
        End If
        If Nothing = SignedFileName Then
            Throw New ArgumentNullException("SignedFileName")
        End If
        If Nothing = SubjectName Then
            Throw New ArgumentNullException("SubjectName")
        End If
        ' Load the certificate from the certificate store.
        Dim cert As X509Certificate2 = GetCertificateBySubject(SubjectName)

        ' Create a new XML document.
        Dim doc As New XmlDocument()

        ' Format the document to ignore white spaces.
        doc.PreserveWhitespace = False

        ' Load the passed XML file using it's name.
        doc.Load(New XmlTextReader(FileName))

        ' Create a SignedXml object.
        Dim signedXml As New SignedXml(doc)

        ' Add the key to the SignedXml document. 
        signedXml.SigningKey = cert.GetRSAPrivateKey()

        ' Create a reference to be signed.
        Dim reference As New Reference()
        reference.Uri = ""

        ' Add an enveloped transformation to the reference.
        Dim env As New XmlDsigEnvelopedSignatureTransform()
        reference.AddTransform(env)

        ' Add the reference to the SignedXml object.
        signedXml.AddReference(reference)

        ' Create a new KeyInfo object.
        Dim keyInfo As New KeyInfo()

        ' Load the certificate into a KeyInfoX509Data object
        ' and add it to the KeyInfo object.
        Dim X509KeyInfo As New KeyInfoX509Data(cert, X509IncludeOption.WholeChain)

        keyInfo.AddClause(X509KeyInfo)

        ' Add the KeyInfo object to the SignedXml object.
        signedXml.KeyInfo = keyInfo

        ' Compute the signature.
        signedXml.ComputeSignature()

        ' Get the XML representation of the signature and save
        ' it to an XmlElement object.
        Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()

        ' Append the element to the XML document.
        doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, True))


        If TypeOf doc.FirstChild Is XmlDeclaration Then
            doc.RemoveChild(doc.FirstChild)
        End If

        ' Save the signed XML document to a file specified
        ' using the passed string.
        Dim xmltw As New XmlTextWriter(SignedFileName, New UTF8Encoding(False))
        Try
            doc.WriteTo(xmltw)

        Finally
            xmltw.Close()
        End Try

    End Sub

    ' Verify the signature of an XML file against an asymmetric 
    ' algorithm and return the result.
    Function VerifyXmlFile(ByVal FileName As String, ByVal CertificateSubject As String) As [Boolean]
        ' Check the args.
        If Nothing = FileName Then
            Throw New ArgumentNullException("FileName")
        End If
        If Nothing = CertificateSubject Then
            Throw New ArgumentNullException("CertificateSubject")
        End If
        ' Load the certificate from the store.
        Dim cert As X509Certificate2 = GetCertificateBySubject(CertificateSubject)

        ' Create a new XML document.
        Dim xmlDocument As New XmlDocument()

        ' Load the passed XML file into the document. 
        xmlDocument.Load(FileName)

        ' Create a new SignedXml object and pass it
        ' the XML document class.
        Dim signedXml As New SignedXml(xmlDocument)

        ' Find the "Signature" node and create a new
        ' XmlNodeList object.
        Dim nodeList As XmlNodeList = xmlDocument.GetElementsByTagName("Signature")

        ' Load the signature node.
        signedXml.LoadXml(CType(nodeList(0), XmlElement))

        ' Check the signature and return the result.
        Return signedXml.CheckSignature(cert, True)

    End Function



    Function GetCertificateBySubject(ByVal CertificateSubject As String) As X509Certificate2
        ' Check the args.
        If Nothing = CertificateSubject Then
            Throw New ArgumentNullException("CertificateSubject")
        End If

        ' Load the certificate from the certificate store.
        Dim cert As X509Certificate2 = Nothing

        Dim store As New X509Store("My", StoreLocation.CurrentUser)

        Try
            ' Open the store.
            store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

            ' Get the certs from the store.
            Dim CertCol As X509Certificate2Collection = store.Certificates

            ' Find the certificate with the specified subject.
            Dim c As X509Certificate2
            For Each c In CertCol
                If c.Subject = CertificateSubject Then
                    cert = c
                    Exit For
                End If
            Next c

            ' Throw an exception of the certificate was not found.
            If cert Is Nothing Then
                Throw New CryptographicException("The certificate could not be found.")
            End If
        Finally
            ' Close the store even if an exception was thrown.
            store.Close()
        End Try

        Return cert

    End Function


    ' Create example data to sign.
    Sub CreateSomeXml(ByVal FileName As String)
        ' Check the args.
        If Nothing = FileName Then
            Throw New ArgumentNullException("FileName")
        End If
        ' Create a new XmlDocument object.
        Dim document As New XmlDocument()

        ' Create a new XmlNode object.
        Dim node As XmlNode = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples")

        ' Add some text to the node.
        node.InnerText = "Example text to be signed."

        ' Append the node to the document.
        document.AppendChild(node)

        ' Save the XML document to the file name specified.
        Dim xmltw As New XmlTextWriter(FileName, New UTF8Encoding(False))
        Try
            document.WriteTo(xmltw)

        Finally
            xmltw.Close()
        End Try

    End Sub
End Module
' This code example displays the following to the console:
'
' New XML file created.
' XML file signed.
' The XML signature is valid.

Gilt für: