Good morning,
I have an application developed in C #, installed on several clients.
I've developed the code snippet below for signing on SHA256 and it works great with the latest .NET FRAMEWORKS:
class Assinatura
{
public string AssinarSHA256(Int32 lnEvento,
string arqXMLAssinar,
string tagAssinatura,
string tagAtributoId,
X509Certificate2 x509Cert,
string lxURI)
{
try
{
string xmlString;
xmlString = arqXMLAssinar;
XmlDocument doc = new XmlDocument();
// Format the document to ignore white spaces.
doc.PreserveWhitespace = false;
doc.LoadXml(xmlString);
XmlElement xmlDigitalSignature = null;
// Load the passed XML file using it’s name.
if (doc.GetElementsByTagName(tagAssinatura).Count == 0)
{
throw new Exception("A tag de assinatura " + tagAssinatura.Trim() + " não existe no XML. (Código do Erro: 5)");
}
else if (doc.GetElementsByTagName(tagAtributoId).Count == 0)
{
throw new Exception("A tag de assinatura " + tagAtributoId.Trim() + " não existe no XML. (Código do Erro: 4)");
}
// Existe mais de uma tag a ser assinada
else
{
XmlNodeList lists = doc.GetElementsByTagName(tagAssinatura);
if (lists.Count != 1)
{
MessageBox.Show("Existe mais de uma TAG definida como tag da assinatura");
throw new Exception("Existe mais de uma tag de assinatura " + tagAtributoId.Trim() + " não existe no XML. (Código do Erro: 6)");
}
#region assinatura sha256 funcionando
foreach (XmlNode nodes in lists)
{
foreach (XmlNode childNodes in nodes.ChildNodes)
{
if (!childNodes.Name.Equals(tagAtributoId))
continue;
// Create a reference to be signed
Reference reference = new Reference();
reference.Uri = lxURI;
// Create a SignedXml object.
SignedXml signedXml = new SignedXml(doc);
signedXml.SigningKey = x509Cert.GetRSAPrivateKey();
signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
// Add an enveloped transformation to the reference.
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
XmlDsigC14NTransform c14 = new XmlDsigC14NTransform();
reference.AddTransform(c14);
reference.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Create a new KeyInfo object
KeyInfo keyInfo = new KeyInfo();
// Load the certificate into a KeyInfoX509Data object
// and add it to the KeyInfo object.
keyInfo.AddClause(new KeyInfoX509Data(x509Cert));
// Add the KeyInfo object to the SignedXml object.
signedXml.KeyInfo = keyInfo;
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
xmlDigitalSignature = signedXml.GetXml();
// Gravar o elemento no documento XML
nodes.AppendChild(doc.ImportNode(xmlDigitalSignature, true));
}
}
#endregion
// Atualizar a string do XML já assinada
return doc.OuterXml;
}
}
catch (System.Security.Cryptography.CryptographicException ex)
{
throw new Exception("Mensagem:" + ex.Message + "\n" +
"Trace:" + ex.StackTrace + "\n" +
"Dados" + ex.Data + "\n" +
ex.ToString());// #12342 concatenar com a mensagem original
}
finally
{
}
}
}
My problem is that some clients have the Windows XP operating system, which limits the use of .NET frameworks prior to or equal to 4.6 and could not find anything similar to replace the function:
signedXml.SigningKey = x509Cert.GetRSAPrivateKey();
That is only present in the most current versions of the .NET framework
Could someone help me with this?!