I am trying to sign an XML file. This is the code (from MSDN):

    RSACryptoServiceProvider Key = new RSACryptoServiceProvider();
    SignXmlFile(XmlStart, XmlEnd, Key);

How can I send an X509Certificate2 as Key? Thanks! Francesco

Infoservice
  • I believe a bare `RSACryptoServiceProvider` is way too less to have a `X509Certificate2`. Could you possibly expand your question and add details on how you actually acquire the crypto provider and if there is a way your `SignXmlFile` expects less than the fully fledged `X509Certificate2`? – Wiktor Zychla Feb 02 '16 at 12:23
  • Duplicate of https://stackoverflow.com/questions/1195728/in-c-sign-an-xml-with-a-x-509-certificate-and-check-the-signature – Matt Kerr Feb 19 '18 at 18:06

1 Answer

Here you would be using the key (Public / Private Key) from the certificate.

Option 1)

    using System.Linq;
    using System.Security.Cryptography.X509Certificates;

    // The signing key is the certificate's private key.
    X509Certificate2 cert = RetrieveCertificateFromStore("abcd");
    var key = cert.PrivateKey;

    private static X509Certificate2 RetrieveCertificateFromStore(string certificateName)
    {
        X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.OpenExistingOnly);
        // First certificate whose friendly name matches, or null if there is none.
        var cert = store.Certificates.OfType<X509Certificate2>().FirstOrDefault(c => c.FriendlyName == certificateName);
        store.Close();
        return cert;
    }

Or retrieve the certificate from a file:

    private static X509Certificate2 RetrieveCertificateFromFile(string certPath)
    {
        // string certPath = @"C:\Certificates\myCert.pfx";
        // Placeholder password for the PFX file.
        string certPass = "mycertPass";
        // Create a collection object and populate it using the PFX file.
        // PersistKeySet keeps the imported private key in the key container after import.
        X509Certificate2Collection collection = new X509Certificate2Collection();
        collection.Import(certPath, certPass, X509KeyStorageFlags.PersistKeySet);
        // Instead of foreach you can directly retrieve the certificate from collection as well.
        foreach (X509Certificate2 cert in collection)
        {
            // Return the first certificate found in the PFX file.
            return cert;
        }
        // The PFX file contained no certificates.
        return null;
    }

Option 2)

RSACryptoServiceProvider key = RetrieveKey(cert, EnumKeyType.Private);
Habeeb
  • I believe the question is the other way around - he has the `RSACryptoServiceProvider` and he would like to make the `X509Certificate2` out of it. What you show is how to have `RSACryptoServiceProvider` when you first have the `X509Certificate2`. – Wiktor Zychla Feb 02 '16 at 12:19
  • From RSACryptoServiceProvider, we cannot have a Certificate. I believe he is looking for a way to get the key from the X509Certificate2 instance. – Habeeb Feb 02 '16 at 13:13
  • I know we can't, that's why I asked a question below his comment. I still believe he wants to have the cert out of a key and he just doesn't know it's not gonna work. You, on the other hand, assumed he wants something that is easy and achievable, even though his question is clear. Let's wait for any activity of the OP but if I am not mistaken, your answer is not what he asked for. – Wiktor Zychla Feb 02 '16 at 13:52
  • Yes, Wiktor, you are right, I need to sign an XML file with an X509Certificate2 stored in a pfx file and NOT in the machine. On the web I only find the SignXml on MSDN, but that sample uses an RSACryptoServiceProvider and I need an X509Certificate2 for the signing. – Infoservice Feb 03 '16 at 14:06
  • Hi @Infoservice, Please find the updated answer to retrieve certificate from pfx file. – Habeeb Feb 04 '16 at 17:34
  • Thanks Habeeb, I'll try and write the results soon. – Infoservice Feb 04 '16 at 18:07
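
Signing an XML document with a certificate loaded from PFX data and then verifying the result, as an added example that is not part of the original question or answer. It assumes .NET Framework 4.7.2+ (or .NET with the System.Security.Cryptography.Xml package); the class name `PfxXmlSigner`, the throwaway self-signed certificate standing in for the .pfx file, its password and the sample XML are all constructed for the demo.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;
static class PfxXmlSigner // hypothetical name, not from the page
{
    // Enveloped signature over the whole document, using the certificate's RSA private key.
    public static void Sign(XmlDocument doc, X509Certificate2 cert)
    {
        using (RSA key = cert.GetRSAPrivateKey())
        {
            if (key == null) throw new CryptographicException("Certificate has no RSA private key.");
            var signedXml = new SignedXml(doc) { SigningKey = key };
            signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
            var reference = new Reference("") { DigestMethod = SignedXml.XmlDsigSHA256Url };
            reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
            signedXml.AddReference(reference);
            signedXml.KeyInfo = new KeyInfo();
            signedXml.KeyInfo.AddClause(new KeyInfoX509Data(cert)); // public certificate only
            signedXml.ComputeSignature();
            doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
        }
    }
    // Verify against a certificate the caller already trusts, not the one embedded in KeyInfo.
    public static bool Verify(XmlDocument doc, X509Certificate2 trustedCert)
    {
        var nodes = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (nodes.Count != 1) return false; // reject missing or multiple signatures
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml((XmlElement)nodes[0]);
        return signedXml.CheckSignature(trustedCert, true); // true: signature only, no chain validation
    }
    static void Main()
    {
        // Constructed stand-in for the .pfx file: a throwaway self-signed certificate exported to PFX bytes.
        const string pass = "constructed-demo-password";
        X509Certificate2 cert;
        using (RSA rsa = RSA.Create(2048))
        using (var tmp = new CertificateRequest("CN=Constructed Demo", rsa, HashAlgorithmName.SHA256,
                   RSASignaturePadding.Pkcs1).CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1)))
            cert = new X509Certificate2(tmp.Export(X509ContentType.Pfx, pass), pass); // or (pfxPath, password)
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<order id=\"1\"><item>constructed sample</item></order>");
        Sign(doc, cert);
        Console.WriteLine("untouched document verifies: " + Verify(doc, cert));
        doc.DocumentElement.FirstChild.InnerText = "tampered"; // change signed content
        Console.WriteLine("modified document verifies:  " + Verify(doc, cert));
    }
}
```

For a real PFX file, read the password from protected configuration rather than source code, and load the certificate without `X509KeyStorageFlags.PersistKeySet` unless the private key is meant to remain in the machine's key store.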