KeyInfoX509Data クラス
XMLDSIG または XML Encryption <KeyInfo> 要素の <X509Data> サブ要素を表します。
名前空間: System.Security.Cryptography.Xml
アセンブリ: System.Security (system.security.dll 内)
構文
解説
使用例
継承階層
スレッド セーフ
プラットフォーム
バージョン情報
参照
アセンブリ: System.Security (system.security.dll 内)
構文解説KeyInfoX509Data クラスは、検証キーまたは暗号化キーに関連付けられている X.509v3 証明書情報を含む <X509Data> 要素を表します。たとえば、<X509Data> 要素には、サブジェクト公開キーが検証キーである X.509 証明書、検証キーの証明書で終了している X.509 証明書のチェーン、または関連付けられている X.509 証明書のその他の識別子を格納する場合があります。
KeyInfoX509Data クラスは、X.509 証明書データを暗号化または署名された XML ドキュメントに含める必要がある場合に必ず使用します。
<X509Data> 要素の詳細については、W3C (World Wide Web Consortium) (www.w3.org/TR/xmldsig-core/) から入手できる XMLDSIG 仕様のセクション 4.4.4 を参照するか、または W3C から入手できる XML Encryption 仕様 (www.w3.org/TR/xmlenc-core/) を参照してください。
使用例このセクションには、2 つのコード例が含まれています。最初の例では、デタッチ シグネチャを使用して XML ファイルに署名する方法を示します。2 番目の例では、エンベロープ シグネチャを使用して XML ファイルに署名する方法を示します。
' ' This example signs a file specified by a URI ' using a detached signature. It then verifies ' the signed XML. ' Imports System Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Imports System.Security.Cryptography.X509Certificates Imports System.Text Imports System.Xml Class XMLDSIGDetached <STAThread()> _ Overloads Shared Sub Main(args() As String) ' The URI to sign. Dim resourceToSign As String = "http://www.microsoft.com" ' The name of the file to which to save the XML signature. Dim XmlFileName As String = "xmldsig.xml" ' The name of the X509 certificate Dim Certificate As String = "microsoft.cer" Try ' Generate a signing key. This key should match the ' certificate. Dim Key As New RSACryptoServiceProvider() Console.WriteLine("Signing: {0}", resourceToSign) ' Sign the detached resourceand save the signature in an XML file. SignDetachedResource(resourceToSign, XmlFileName, Key, Certificate) Console.WriteLine("XML signature was succesfully computed and saved to {0}.", XmlFileName) Catch e As CryptographicException Console.WriteLine(e.Message) End Try End Sub ' Sign an XML file and save the signature in a new file. Public Shared Sub SignDetachedResource(URIString As String, XmlSigFileName As String, Key As RSA, Certificate As String) ' Create a SignedXml object. Dim signedXml As New SignedXml() ' Assign the key to the SignedXml object. signedXml.SigningKey = Key ' Create a reference to be signed. Dim reference As New Reference() ' Add the passed URI to the reference object. reference.Uri = URIString ' Add the reference to the SignedXml object. signedXml.AddReference(reference) ' Create a new KeyInfo object. Dim keyInfo As New KeyInfo() ' Load the X509 certificate. Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate) ' Load the certificate into a KeyInfoX509Data object ' and add it to the KeyInfo object. keyInfo.AddClause(New KeyInfoX509Data(MSCert)) ' Add the KeyInfo object to the SignedXml object. signedXml.KeyInfo = keyInfo ' Compute the signature. signedXml.ComputeSignature() ' Get the XML representation of the signature and save ' it to an XmlElement object. Dim xmlDigitalSignature As XmlElement = signedXml.GetXml() ' Save the signed XML document to a file specified ' using the passed string. Dim xmltw As New XmlTextWriter(XmlSigFileName, New UTF8Encoding(False)) xmlDigitalSignature.WriteTo(xmltw) xmltw.Close() End Sub End Class
// // This example signs a file specified by a URI // using a detached signature. It then verifies // the signed XML. // using System; using System.Security.Cryptography; using System.Security.Cryptography.Xml; using System.Security.Cryptography.X509Certificates; using System.Text; using System.Xml; class XMLDSIGDetached { [STAThread] static void Main(string[] args) { // The URI to sign. string resourceToSign = "http://www.microsoft.com"; // The name of the file to which to save the XML signature. string XmlFileName = "xmldsig.xml"; // The name of the X509 certificate string Certificate = "microsoft.cer"; try { // Generate a signing key. This key should match the certificate. RSACryptoServiceProvider Key = new RSACryptoServiceProvider(); Console.WriteLine("Signing: {0}", resourceToSign); // Sign the detached resourceand save the signature in an XML file. SignDetachedResource(resourceToSign, XmlFileName, Key, Certificate); Console.WriteLine("XML signature was succesfully computed and saved to {0}.", XmlFileName); } catch(CryptographicException e) { Console.WriteLine(e.Message); } } // Sign an XML file and save the signature in a new file. public static void SignDetachedResource(string URIString, string XmlSigFileName, RSA Key, string Certificate) { // Create a SignedXml object. SignedXml signedXml = new SignedXml(); // Assign the key to the SignedXml object. signedXml.SigningKey = Key; // Create a reference to be signed. Reference reference = new Reference(); // Add the passed URI to the reference object. reference.Uri = URIString; // Add the reference to the SignedXml object. signedXml.AddReference(reference); // Create a new KeyInfo object. KeyInfo keyInfo = new KeyInfo(); // Load the X509 certificate. X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate); // Load the certificate into a KeyInfoX509Data object // and add it to the KeyInfo object. keyInfo.AddClause(new KeyInfoX509Data(MSCert)); // Add the KeyInfo object to the SignedXml object. signedXml.KeyInfo = keyInfo; // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); // Save the signed XML document to a file specified // using the passed string. XmlTextWriter xmltw = new XmlTextWriter(XmlSigFileName, new UTF8Encoding(false)); xmlDigitalSignature.WriteTo(xmltw); xmltw.Close(); } }
// // This example signs a file specified by a URI // using a detached signature. It then verifies // the signed XML. // #using <System.Security.dll> #using <System.Xml.dll> using namespace System; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; using namespace System::Security::Cryptography::X509Certificates; using namespace System::Text; using namespace System::Xml; // Sign an XML file and save the signature in a new file. void SignDetachedResource( String^ URIString, String^ XmlSigFileName, RSA^ Key, String^ Certificate ) { // Create a SignedXml object. SignedXml^ signedXml = gcnew SignedXml; // Assign the key to the SignedXml object. signedXml->SigningKey = Key; // Create a reference to be signed. Reference^ reference = gcnew Reference; // Add the passed URI to the reference object. reference->Uri = URIString; // Add the reference to the SignedXml object. signedXml->AddReference( reference ); // Create a new KeyInfo object. KeyInfo^ keyInfo = gcnew KeyInfo; // Load the X509 certificate. X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate ); // Load the certificate into a KeyInfoX509Data object // and add it to the KeyInfo object. keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) ); // Add the KeyInfo object to the SignedXml object. signedXml->KeyInfo = keyInfo; // Compute the signature. signedXml->ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement^ xmlDigitalSignature = signedXml->GetXml(); // Save the signed XML document to a file specified // using the passed string. XmlTextWriter^ xmltw = gcnew XmlTextWriter( XmlSigFileName,gcnew UTF8Encoding( false ) ); xmlDigitalSignature->WriteTo( xmltw ); xmltw->Close(); } [STAThread] int main() { array<String^>^args = Environment::GetCommandLineArgs(); // The URI to sign. String^ resourceToSign = "http://www.microsoft.com"; // The name of the file to which to save the XML signature. String^ XmlFileName = "xmldsig.xml"; // The name of the X509 certificate String^ Certificate = "microsoft.cer"; try { // Generate a signing key. This key should match the certificate. RSACryptoServiceProvider^ Key = gcnew RSACryptoServiceProvider; Console::WriteLine( "Signing: {0}", resourceToSign ); // Sign the detached resource and save the signature in an XML file. SignDetachedResource( resourceToSign, XmlFileName, Key, Certificate ); Console::WriteLine( "XML signature was succesfully computed and saved to {0}.", XmlFileName ); } catch ( CryptographicException^ e ) { Console::WriteLine( e->Message ); } }
// // This example signs a file specified by a URI // using a detached signature. It then verifies // the signed XML. // import System.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; import System.Security.Cryptography.X509Certificates.*; import System.Text.*; import System.Xml.*; class XMLDSIGDetached { /** @attribute STAThread() */ public static void main(String[] args) { // The URI to sign. String resourceToSign = "http://www.microsoft.com"; // The name of the file to which to save the XML signature. String xmlFileName = "xmldsig.xml"; // The name of the X509 certificate String certificate = "microsoft.cer"; try { // Generate a signing key. This key should match the certificate. RSACryptoServiceProvider key = new RSACryptoServiceProvider(); Console.WriteLine("Signing: {0}", resourceToSign); // Sign the detached resourceand save the signature in an XML file. SignDetachedResource(resourceToSign, xmlFileName, key, certificate); Console.WriteLine("XML signature was succesfully " + "computed and saved to {0}.", xmlFileName); } catch (CryptographicException e) { Console.WriteLine(e.get_Message()); } } //main // Sign an XML file and save the signature in a new file. public static void SignDetachedResource(String uriString, String xmlSigFileName, RSA key, String certificate) { // Create a SignedXml object. SignedXml signedXml = new SignedXml(); // Assign the key to the SignedXml object. signedXml.set_SigningKey(key); // Create a reference to be signed. Reference reference = new Reference(); // Add the passed URI to the reference object. reference.set_Uri(uriString); // Add a transformation if the URI is an XML file. if (uriString.EndsWith("xml")) { reference.AddTransform(new XmlDsigC14NTransform()); } // Add the reference to the SignedXml object. signedXml.AddReference(reference); // Create a new KeyInfo object. KeyInfo keyInfo = new KeyInfo(); // Load the X509 certificate. X509Certificate msCert = X509Certificate.CreateFromCertFile(certificate); // Load the certificate into a KeyInfoX509Data object // and add it to the KeyInfo object. keyInfo.AddClause(new KeyInfoX509Data(msCert)); // Add the KeyInfo object to the SignedXml object. signedXml.set_KeyInfo(keyInfo); // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); // Save the signed XML document to a file specified // using the passed string. XmlTextWriter xmlTW = new XmlTextWriter(xmlSigFileName, new UTF8Encoding(false)); xmlDigitalSignature.WriteTo(xmlTW); xmlTW.Close(); } //SignDetachedResource } //XMLDSIGDetached
' ' This example signs an XML file using an ' envelope signature. It then verifies the ' signed XML. ' Imports System Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Imports System.Security.Cryptography.X509Certificates Imports System.Text Imports System.Xml Public Class SignVerifyEnvelope Overloads Public Shared Sub Main(args() As [String]) Dim Certificate As String = "microsoft.cer" Try ' Generate a signing key. Dim Key As New RSACryptoServiceProvider() ' Create an XML file to sign. CreateSomeXml("Example.xml") Console.WriteLine("New XML file created.") ' Sign the XML that was just created and save it in a ' new file. SignXmlFile("Example.xml", "SignedExample.xml", Key, Certificate) Console.WriteLine("XML file signed.") Catch e As CryptographicException Console.WriteLine(e.Message) End Try End Sub ' Sign an XML file and save the signature in a new file. Public Shared Sub SignXmlFile(FileName As String, SignedFileName As String, Key As RSA, Certificate As String) ' Create a new XML document. Dim doc As New XmlDocument() ' Format the document to ignore white spaces. doc.PreserveWhitespace = False ' Load the passed XML file using it's name. doc.Load(New XmlTextReader(FileName)) ' Create a SignedXml object. Dim signedXml As New SignedXml(doc) ' Add the key to the SignedXml document. signedXml.SigningKey = Key ' Create a reference to be signed. Dim reference As New Reference() reference.Uri = "" ' Add an enveloped transformation to the reference. Dim env As New XmlDsigEnvelopedSignatureTransform() reference.AddTransform(env) ' Add the reference to the SignedXml object. signedXml.AddReference(reference) ' Create a new KeyInfo object. Dim keyInfo As New KeyInfo() ' Load the X509 certificate. Dim MSCert As X509Certificate = X509Certificate.CreateFromCertFile(Certificate) ' Load the certificate into a KeyInfoX509Data object ' and add it to the KeyInfo object. keyInfo.AddClause(New KeyInfoX509Data(MSCert)) ' Add the KeyInfo object to the SignedXml object. signedXml.KeyInfo = keyInfo ' Compute the signature. signedXml.ComputeSignature() ' Get the XML representation of the signature and save ' it to an XmlElement object. Dim xmlDigitalSignature As XmlElement = signedXml.GetXml() ' Append the element to the XML document. doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, True)) If TypeOf doc.FirstChild Is XmlDeclaration Then doc.RemoveChild(doc.FirstChild) End If ' Save the signed XML document to a file specified ' using the passed string. Dim xmltw As New XmlTextWriter(SignedFileName, New UTF8Encoding(False)) doc.WriteTo(xmltw) xmltw.Close() End Sub ' Create example data to sign. Public Shared Sub CreateSomeXml(FileName As String) ' Create a new XmlDocument object. Dim document As New XmlDocument() ' Create a new XmlNode object. Dim node As XmlNode = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples") ' Add some text to the node. node.InnerText = "Example text to be signed." ' Append the node to the document. document.AppendChild(node) ' Save the XML document to the file name specified. Dim xmltw As New XmlTextWriter(FileName, New UTF8Encoding(False)) document.WriteTo(xmltw) xmltw.Close() End Sub End Class
// // This example signs an XML file using an // envelope signature. It then verifies the // signed XML. // using System; using System.Security.Cryptography; using System.Security.Cryptography.Xml; using System.Security.Cryptography.X509Certificates; using System.Text; using System.Xml; public class SignVerifyEnvelope { public static void Main(String[] args) { string Certificate = "microsoft.cer"; try { // Generate a signing key. RSACryptoServiceProvider Key = new RSACryptoServiceProvider(); // Create an XML file to sign. CreateSomeXml("Example.xml"); Console.WriteLine("New XML file created."); // Sign the XML that was just created and save it in a // new file. SignXmlFile("Example.xml", "SignedExample.xml", Key, Certificate); Console.WriteLine("XML file signed."); } catch(CryptographicException e) { Console.WriteLine(e.Message); } } // Sign an XML file and save the signature in a new file. public static void SignXmlFile(string FileName, string SignedFileName, RSA Key, string Certificate) { // Create a new XML document. XmlDocument doc = new XmlDocument(); // Format the document to ignore white spaces. doc.PreserveWhitespace = false; // Load the passed XML file using it's name. doc.Load(new XmlTextReader(FileName)); // Create a SignedXml object. SignedXml signedXml = new SignedXml(doc); // Add the key to the SignedXml document. signedXml.SigningKey = Key; // Create a reference to be signed. Reference reference = new Reference(); reference.Uri = ""; // Add an enveloped transformation to the reference. XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(env); // Add the reference to the SignedXml object. signedXml.AddReference(reference); // Create a new KeyInfo object. KeyInfo keyInfo = new KeyInfo(); // Load the X509 certificate. X509Certificate MSCert = X509Certificate.CreateFromCertFile(Certificate); // Load the certificate into a KeyInfoX509Data object // and add it to the KeyInfo object. keyInfo.AddClause(new KeyInfoX509Data(MSCert)); // Add the KeyInfo object to the SignedXml object. signedXml.KeyInfo = keyInfo; // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); // Append the element to the XML document. doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true)); if (doc.FirstChild is XmlDeclaration) { doc.RemoveChild(doc.FirstChild); } // Save the signed XML document to a file specified // using the passed string. XmlTextWriter xmltw = new XmlTextWriter(SignedFileName, new UTF8Encoding(false)); doc.WriteTo(xmltw); xmltw.Close(); } // Create example data to sign. public static void CreateSomeXml(string FileName) { // Create a new XmlDocument object. XmlDocument document = new XmlDocument(); // Create a new XmlNode object. XmlNode node = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples"); // Add some text to the node. node.InnerText = "Example text to be signed."; // Append the node to the document. document.AppendChild(node); // Save the XML document to the file name specified. XmlTextWriter xmltw = new XmlTextWriter(FileName, new UTF8Encoding(false)); document.WriteTo(xmltw); xmltw.Close(); } }
// // This example signs an XML file using an // envelope signature. It then verifies the // signed XML. // #using <System.Security.dll> #using <System.Xml.dll> using namespace System; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; using namespace System::Security::Cryptography::X509Certificates; using namespace System::Text; using namespace System::Xml; // Sign an XML file and save the signature in a new file. void SignXmlFile( String^ FileName, String^ SignedFileName, RSA^ Key, String^ Certificate ) { // Create a new XML document. XmlDocument^ doc = gcnew XmlDocument; // Format the document to ignore white spaces. doc->PreserveWhitespace = false; // Load the passed XML file using its name. doc->Load( gcnew XmlTextReader( FileName ) ); // Create a SignedXml object. SignedXml^ signedXml = gcnew SignedXml( doc ); // Add the key to the SignedXml document. signedXml->SigningKey = Key; // Create a reference to be signed. Reference^ reference = gcnew Reference; reference->Uri = ""; // Add an enveloped transformation to the reference. XmlDsigEnvelopedSignatureTransform^ env = gcnew XmlDsigEnvelopedSignatureTransform; reference->AddTransform( env ); // Add the reference to the SignedXml object. signedXml->AddReference( reference ); // Create a new KeyInfo object. KeyInfo^ keyInfo = gcnew KeyInfo; // Load the X509 certificate. X509Certificate^ MSCert = X509Certificate::CreateFromCertFile( Certificate ); // Load the certificate into a KeyInfoX509Data object // and add it to the KeyInfo object. keyInfo->AddClause( gcnew KeyInfoX509Data( MSCert ) ); // Add the KeyInfo object to the SignedXml object. signedXml->KeyInfo = keyInfo; // Compute the signature. signedXml->ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement^ xmlDigitalSignature = signedXml->GetXml(); // Append the element to the XML document. doc->DocumentElement->AppendChild( doc->ImportNode( xmlDigitalSignature, true ) ); if ( (doc->FirstChild)->GetType() == XmlDeclaration::typeid ) { doc->RemoveChild( doc->FirstChild ); } // Save the signed XML document to a file specified // using the passed string. XmlTextWriter^ xmltw = gcnew XmlTextWriter( SignedFileName,gcnew UTF8Encoding( false ) ); doc->WriteTo( xmltw ); xmltw->Close(); } // Create example data to sign. void CreateSomeXml( String^ FileName ) { // Create a new XmlDocument object. XmlDocument^ document = gcnew XmlDocument; // Create a new XmlNode object. XmlNode^ node = document->CreateNode( XmlNodeType::Element, "", "MyElement", "samples" ); // Add some text to the node. node->InnerText = "Example text to be signed."; // Append the node to the document. document->AppendChild( node ); // Save the XML document to the file name specified. XmlTextWriter^ xmltw = gcnew XmlTextWriter( FileName,gcnew UTF8Encoding( false ) ); document->WriteTo( xmltw ); xmltw->Close(); } int main() { String^ Certificate = "microsoft.cer"; try { // Generate a signing key. RSACryptoServiceProvider^ Key = gcnew RSACryptoServiceProvider; // Create an XML file to sign. CreateSomeXml( "Example.xml" ); Console::WriteLine( "New XML file created." ); // Sign the XML that was just created and save it in a // new file. SignXmlFile( "Example.xml", "SignedExample.xml", Key, Certificate ); Console::WriteLine( "XML file signed." ); } catch ( CryptographicException^ e ) { Console::WriteLine( e->Message ); } return 0; }
継承階層
System.Object
System.Security.Cryptography.Xml.KeyInfoClause
System.Security.Cryptography.Xml.KeyInfoX509Data
System.Security.Cryptography.Xml.KeyInfoClause
System.Security.Cryptography.Xml.KeyInfoX509Data
スレッド セーフプラットフォームWindows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。
バージョン情報参照- KeyInfoX509Data クラスのページへのリンク
