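I've already posted about this, but have had no luck since. I have more information now, so I thought I would try again, and I really hope someone can help. Basically I am reading an XML file and verifying the fact that it has been signed. This code works perfectly when run as an administrator rather than as Network Service: the last line resolves to "true", but it does not when not run as an administrator.
NOTE: This is not a problem with reading the XML file, which opens fine. The problem is with one of the in-memory objects. I "think" the problem has to do with the access control list on the CryptoKeyRights object.
I have used the following (in the code below) to try to grant everyone access to the CspParams object: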
CryptoKeyRights rightsForall = CryptoKeyRights.FullControl;
CryptoKeyAccessRule everyone = new CryptoKeyAccessRule(@"Everyone", CryptoKeyRights.FullControl, AccessControlType.Allow);
cspParams.CryptoKeySecurity = new CryptoKeySecurity();
cspParams.CryptoKeySecurity.AddAccessRule(everyone);
The code above
The code is:
// Verify the signature of an XML file against an asymmetric
// algorithm and return the result. XmlDocument Doc, RSA Key
public static Boolean VerifyLicenceFile(string xmlLicFilePathArg)
{
    bool isVerified = false;
    try
    {
        CspParameters cspParams = new CspParameters();
        cspParams.KeyContainerName = containerName;
        RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams);
        // Create a new XML document.
        XmlDocument xmlDoc = new XmlDocument();
        // Load an XML file into the XmlDocument object.
        xmlDoc.PreserveWhitespace = true;
        xmlDoc.Load(xmlLicFilePathArg);
        // Check arguments.
        if (xmlDoc == null)
            throw new ArgumentException("Doc");
        if (rsaKey == null)
            throw new ArgumentException("Key");
        // Create a new SignedXml object and pass it
        // the XML document class.
        SignedXml signedXml = new SignedXml(xmlDoc);
        // Find the "Signature" node and create a new
        // XmlNodeList object.
        XmlNodeList nodeList = xmlDoc.GetElementsByTagName("Signature");
        // Throw an exception if no signature was found.
        if (nodeList.Count <= 0)
        {
            throw new CryptographicException("Verification failed: No Signature was found in the document.");
        }
        // This example only supports one signature for
        // the entire XML document. Throw an exception
        // if more than one signature was found.
        if (nodeList.Count >= 2)
        {
            throw new CryptographicException("Verification failed: More that one signature was found for the document.");
        }
        // Load the first <signature> node.
        signedXml.LoadXml((XmlElement)nodeList[0]);
        // Check the signature and return the result.
        isVerified = signedXml.CheckSignature(rsaKey);
    }
    catch (Exception ex)
    {
        // Any exception is swallowed here, so a failure only shows up as "false".
    }
    return isVerified;
}
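This sounds more like permissions on the root CA or the signing certificate. So what I would check is where the certificates in the chain are located in the certificate store - whether they are in the user store (which would explain it working under admin) or the machine store (where they should work for everyone).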
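The user-store-versus-machine-store check from the answer, applied here to the named key container that the question's code opens; this is an added example, not code from the original question or answer. It assumes the container name is passed on the command line (`LicenceKeyContainer` is a placeholder for the poster's `containerName`).

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Principal;

// Added diagnostic, not code from the question or the answer.
// "LicenceKeyContainer" is a placeholder for the poster's containerName.
static class KeyContainerProbe
{
    // Try to open an existing container without creating one as a side effect.
    static string Probe(string containerName, bool machineStore)
    {
        var csp = new CspParameters
        {
            KeyContainerName = containerName,
            // UseExistingKey: fail instead of silently generating a new key pair.
            Flags = CspProviderFlags.UseExistingKey | CspProviderFlags.NoPrompt |
                    (machineStore ? CspProviderFlags.UseMachineKeyStore
                                  : CspProviderFlags.NoFlags)
        };
        try
        {
            using (var rsa = new RSACryptoServiceProvider(csp))
            {
                CspKeyContainerInfo info = rsa.CspKeyContainerInfo;
                return string.Format("found (file {0}, public-only: {1})",
                    info.UniqueKeyContainerName, rsa.PublicOnly);
            }
        }
        catch (CryptographicException ex)
        {
            // Report the provider's message instead of swallowing it.
            return "not usable: " + ex.Message.Trim();
        }
    }

    static void Main(string[] args)
    {
        string name = args.Length > 0 ? args[0] : "LicenceKeyContainer";
        Console.WriteLine("Account: " + WindowsIdentity.GetCurrent().Name);
        Console.WriteLine("User key store:    " + Probe(name, false));
        Console.WriteLine("Machine key store: " + Probe(name, true));
    }
}
```

Run it once as the administrator and once under the service account. A `CspParameters` without `UseMachineKeyStore` refers to the current user's key store, so a container found only there under the administrator account is not the one Network Service opens.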