问题
I need to sign (and verify eventually) one of the nodes of an XML document using RSA-SHA1 algorithm. w3.org link
RSA-SHA1 URI:
http://www.w3.org/2000/09/xmldsig#rsa-sha1
Specified in:
section 6.4.2 of [XMLDSIG-CORE2002]
I am following this example, however cannot figure how to change the algorithm to required.
The signature generation happens here:
signedXml.ComputeSignature();
The only override with a parameter expects KeyedHashAlgorithm:
public void ComputeSignature(KeyedHashAlgorithm macAlg); (link)
KeyedHashAlgorithm (link) in turn only allows creating HMAC* and MAC* algorithms and has no RSA-SHA1.
What is the most painless way of signing an XML with RSA-SHA1 in .Net?
Edit:
I'm trying to use a X509 certificate to extract the key. Certificate's signature algorithm property is sha1RSA.
This is how I'm assigning it:
var signedXml = new SignedXml(xmlDoc);
...
signedXml.SigningKey = (RSACryptoServiceProvider)cert.PrivateKey;
...
signedXml.ComputeSignature();
The resulting signature xml format matches expected one, however digest and signature values are invalid.
回答1:
In .NET Framework 1.1 through .NET Framework 4.7 you get RSA-SHA-1 by simply setting signedXml.SigningKey to an RSA key object.
If .NET 4.7.1 (currently in preview) is installed the default for RSA will change to RSA-SHA-2-256, per https://github.com/Microsoft/dotnet/blob/master/releases/net471/dotnet471-changes.md.
So, if you really want a RSA-SHA-1 signature you need to
a) set signedXml.SigningKey to an RSA key
b) set signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url
(both before calling signedXml.ComputeSignature())
Conversely, if you want to do something better than RSA-SHA-1 on current versions, set signedXml.SignedInfo.SignatureMethod to SignedXml.XmlDsigSHA256Url or better.
Word of warning: SHA-1 is considered broken for cryptographic purposes now that a collision has been found. While it's not generalized enough (at this point) to attack arbitrary XML, it may well grow up to that point. You really shouldn't be using SHA-1 in anything new, and should consider validating that your signature method is something better than SHA-1 based when deciding whether to accept a signed document.
来源:https://stackoverflow.com/questions/46074784/how-to-sign-xml-element-using-rsa-sha1-algorithm