Click here to Skip to main content
15,305,969 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more: , +
I want to know how to digitally sign a XML file in ASP.NET C# using USB token?

I want to know how to get certificates from the mosearbear USB token and using the private key contained in it digitally sign a XML file?

As the USB is on client machine and i want to sign the XMl file on client system so how to do that?

What i know is that it is not easy to access a device on client machine but i have come to know that it can be done with capicom but don't know how.

What i have come to know recently is that microsoft discontinued capicom. So what's its alternative?

I have got a peice of code but that doesn't seems to what i am looking for. Can anyone help me out?


X509Store store = new X509Store(StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        X509CertificateCollection certificates =  X509Certificate2UI.SelectFromCollection(store.Certificates,
                                                                                        "Certificados conocidos",
                                                                                        "Por favor seleccione el certificado con el cual desea firmar",
                                                                                        X509SelectionFlag.SingleSelection
                                                                                        );
        store.Close();
        X509Certificate2 certificate = null;
        if (certificates.Count != 0)
        {
            //The selected certificate
            certificate = (X509Certificate2)certificates[0];
        }
        else
        {
            //The user didn't select a certificate
            //return "El usuario canceló la selección de un certificado";
        }
        //Check certificate's atributes to identify the type of certificate (censored)
        if (certificate.Issuer != "CN=............................., OU=................., O=..., C=US")
        {
            //The selected certificate is not of the needed type
           // return "El certificado seleccionado no corresponde a un token ...";
        }
        //Check if the certificate is issued to the current user
        //if (!certificate.Subject.ToUpper().Contains(("E=" + pUserADLogin + "@censoreddomain.com").ToUpper()))
        //{
        //    //return "El certificado seleccionado no corresponde al usuario actual";
        //}
        //Check if the token is currently plugged in
        XmlDocument xmlDoc = new XmlDocument();
        //XmlElement element = xmlDoc.CreateElement("Content", SignedXml.XmlDsigNamespaceUrl.ToString());
        //element.InnerText = "comodin";
       // xmlDoc.AppendChild(element);
        SignedXml signedXml = new SignedXml();
        //try
        //{
        //    signedXml.SigningKey = certificate.PrivateKey;
        //}
        //catch
        //{
        //    //USB Token is not plugged in
        //   // return "El token no se encuentra conectado al equipo";
        //}
        //DataObject dataObject = new DataObject();
        //dataObject.Data = xmlDoc.ChildNodes;
        //dataObject.Id = "CONTENT";
        //signedXml.AddObject(dataObject);
        //Reference reference = new Reference();
        //reference.Uri = "#CONTENT";
        //signedXml.AddReference(reference);
        //Attempt to sign the data. The user will be prompted to enter his PIN
        try
        {
           // signedXml.ComputeSignature();
        }
        catch
        {
            //User didn't enter the correct PIN
           // return "Hubo un error confirmando la identidad del usuario";
        }
        // The user has signed with the correct token
Posted
Comments
Nathan Minier 30-Jan-15 7:30am
   
At the moment some sort of middleware is required to do this. Upcoming specifications for HTML5 include a window.crypto library, but that is not an accepted standard yet, so you can't lean on the browser to provide access to cryptographic resources.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900