如何使用 PFX 憑證在 C# 中對 SAML 斷言和 SOAP 訊息進行數位簽章？

這個問題特別需要範例 C# 程式碼才能解決問題陳述。提供的回應應包含 C# 程式碼，即使它與提示中提供的程式碼相同。

正確格式的回應應如下所示：

「嘗試執行以下操作：

<br> 使用System;<br> 使用System.Collections。通用；<br> 使用System.IO；<br> 使用System.Linq；<br>使用System.Net;<br> 使用 System.Security.Cryptography.X509Certificates;<br> 使用 System.Security.Cryptography.Xml;<br> 使用 System.Text;<br> 使用 System.Threading.Tasks;<br> 使用 System.Text; 使用 System.Threading.Tasks;<p> 使用 System.Text;<br> 使用 System.Threading.Tasks;</p> 使用 System.Text;<pre class="brush:php;toolbar:false">class Program
{
    const string FILENAME = @"c:\temp\test.xml";
    static void Main(string[] args)
    {
        XmlDocument doc = new XmlDocument();
        CreateSoap(doc);
        XmlElement assertion = (XmlElement)(doc.GetElementsByTagName("saml2:Assertion")[0]);
        XmlElement security = (XmlElement)(doc.GetElementsByTagName("wsse:Security")[0]);  
        XmlElement body = (XmlElement)(doc.GetElementsByTagName("soap:Body")[0]);
        
        
        using (WebClient client = new WebClient())
        {
            byte[] xmlBytes = client.DownloadData(FILENAME);

使用 System.Threading.Tasks;

使用 System.Text;

使用 System.Threading.Tasks;

        }
        string pfxpath = @"D:\Certificate\Private-cert.pfx";
        X509Certificate2 cert = new X509Certificate2(File.ReadAllBytes(pfxpath), "123456789");


        SignXmlWithCertificate(assertion, cert);
        SignXmlWithCertificate(security, cert);   //added 10-20-17

        XmlElement subject = doc.CreateElement("Subject", "saml2");
        assertion.AppendChild(subject);

        CreateSubject(subject);

        File.WriteAllText(@"D:\Certificate\digitallysigned.xml", doc.OuterXml);
    }
    public static void CreateSoap(XmlDocument doc)
    {
        DateTime date = DateTime.Now;
        string soap = string.Format(
            "<?xml version=\"1.0\"?>" +
            "<envelope xmlns:soap='\"http://www.w3.org/2003/05/soap-envelope\""' xmlns:wsse11='\"http://docs.oasisopen.org/wss/oasis-wss-wssecurity-secext-1.1.xsd\""' xmlns:wsse='\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\""' xmlns:wsu='\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-utility-1.0.xsd\""' xmlns:xs='\"http://www.w3.org/2001/XMLSchema\""' xmlns:ds='\"http://www.w3.org/2000/09/xmldsig#\""' xmlns:saml='\"urn:oasis:names:tc:SAML:1.0:assertion\""' xmlns:exc14n='\"http://www.w3.org/2001/10/xml-exc-c14n#\"'>" +

                       "<header>" +
                              "<to mustunderstand='\"true\""' xmlns='\"http://www.w3.org/2005/08/addressing\"'>https://localhost:443/Gateway/PatientDiscovery/1_0/NwHINService/NwHINPatientDiscovery" +
                              "</to>" +
                              "<action mustunderstand='\"true\""' xmlns='\"http://www.w3.org/2005/08/addressing\"'>urn:hl7-org:v3:PRPA_IN201305UV02:CrossGatewayPatientDiscovery" +
                              "</action>" +
                              "<replyto mustunderstand='\"true\""' xmlns='\"http://www.w3.org/2005/08/addressing\"'>" +
                                 "<address>http://www.w3.org/2005/08/addressing/anonymous</address>" +
                              "</replyto>" +
                              "<messageid mustunderstand='\"true\""' xmlns='\"http://www.w3.org/2005/08/addressing\"'>461433e3-4591-453b-9eb6-791c7f5ff882" +
                              "</messageid>" +
                              "<security soap:mustunderstand='\"true\"'>" +
                                 "<timestamp wsu:id='\"_1\""' xmlns:ns17='\"http://docs.oasis-open.org/ws-sx/wssecureconversation/200512\""' xmlns:ns16='\"http://schemas.xmlsoap.org/soap/envelope/\"'>" +
                                    "<created>2012-06-08T18:31:44Z</created>" +
                                    "<expires>2012-06-08T18:36:44Z</expires>" +
                                 "</timestamp>" +
                                 "<assertion id='\"_883e64a747a5449b83821913a2b189e6\"' issueinstant='\"{0}\"' version='\"2.0\""' xmlns:ds='\"http://www.w3.org/2000/09/xmldsig#\""' xmlns:exc14n='\"http://www.w3.org/2001/10/xml-excc14n#\""' xmlns:saml2='\"urn:oasis:names:tc:SAML:2.0:assertion\""' xmlns:xenc='\"http://www.w3.org/2001/04/xmlenc#\""' xmlns:xs='\"http://www.w3.org/2001/XMLSchema\"'>" +
                                    "<issuer format='\"urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\"'>CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US" +
                                    "</issuer>" +
                                 "</assertion>" +
                              "</security>" +

                            "</header>" +
                            "<body>" +
                            "</body>" +
                         "</envelope>",
                         date.ToUniversalTime().ToString("yyyy-MM-ddThh:mm:ss.fffZ")); 
        doc.LoadXml(soap);

    }
    public static void SignXmlWithCertificate(XmlElement assertion, X509Certificate2 cert)
    {
        SignedXml signedXml = new SignedXml(assertion);
        signedXml.SigningKey = cert.PrivateKey;
        Reference reference = new Reference();
        reference.Uri = "";
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);

        KeyInfo keyInfo = new KeyInfo();
        keyInfo.AddClause(new KeyInfoX509Data(cert));

        signedXml.KeyInfo = keyInfo;
        signedXml.ComputeSignature();
        XmlElement xmlsig = signedXml.GetXml();

        assertion.AppendChild(xmlsig);
    }
    public static void CreateSubject(XmlElement xSubject)
    {
        string subject = "<nameid format='\"urn:oasis:names:tc:SAML:1.1:nameidformat:X509SubjectName\"'>UID=WilmaAnderson</nameid>" +
                          "<saml> 使用 System.Text; 使用 System.Threading.Tasks; 使用 System.Text; 使用 System.Threading.Tasks; 用 System.使用System.Xml;命名空間憑證{body.InnerXml = Encoding.UTF8.GetString(xmlBytes);</saml>

以上是如何使用 PFX 憑證在 C# 中對 SAML 斷言和 SOAP 訊息進行數位簽章？的詳細內容。更多資訊請關注PHP中文網其他相關文章！