
XML Signature and XML Encryption using Bouncy Castle (C#)


kmvi/bc-xml-security


bc-xml-security

Implementation of the XML Security standards using Bouncy Castle:

  • XML Signature Syntax and Processing
  • XML Encryption Syntax and Processing

Adapted from .NET Core sources.

Example

See samples folder

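// Load the signing certificate and private key from a PKCS#12 container.
// The path and the one-character password are sample values; in real code
// take the password from a secret store or a prompt, never from source.
Pkcs12Store store = new Pkcs12StoreBuilder().Build();
using (FileStream strm = File.OpenRead(@"d:\123.pfx"))
{
	store.Load(strm, new [] { '1' });
}
string alias = store.Aliases.First();
X509Certificate cert = store.GetCertificate(alias).Certificate;
AsymmetricKeyParameter privKey = store.GetKey(alias).Key;

// Element to sign
var doc = new XmlDocument();
doc.LoadXml("<a id=\"test\">some test node</a>");

var sgn = new SignedXml(doc);

// The reference selects the element with id="test" and digests it after the
// enveloped-signature and C14N transforms.
var rf = new Reference();
rf.AddTransform(new XmlDsigEnvelopedSignatureTransform());
rf.AddTransform(new XmlDsigC14NTransform());
// SHA-256 instead of SHA-1: SHA-1 is no longer collision resistant and should
// not be used for new signatures.
// NOTE(review): the SHA-256 constants below mirror System.Security.Cryptography.Xml,
// which this library is adapted from; confirm they exist in the version you use.
rf.DigestMethod = SignedXml.XmlDsigSHA256Url;
rf.Uri = "#test";

sgn.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
sgn.AddReference(rf);
sgn.KeyInfo = new KeyInfo();
sgn.KeyInfo.AddClause(new KeyInfoX509Data(cert));
sgn.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
sgn.SigningKey = privKey;

sgn.ComputeSignature();
XmlElement signature = sgn.GetXml(); // <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> ...

// Check signature
var sgn2 = new SignedXml(doc);
sgn2.LoadXml(signature);

// Verification uses a certificate the verifier already holds, not whatever
// KeyInfo the signature carries; keep it that way when verifying documents
// from other parties.
// NOTE(review): the second argument corresponds to verifySignatureOnly in the
// .NET API; with true, presumably only the signature math is checked and the
// certificate chain, validity period and revocation are not - establish trust
// in `cert` separately.
// CheckSignature reports failure through its return value, so the result
// must be inspected; discarding it accepts a forged or modified document.
if (!sgn2.CheckSignature(cert, true))
{
	throw new System.InvalidOperationException("XML signature verification failed");
}
// After a successful check, consume only the element the Reference covers
// (id="test" here), not other parts of the document.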