#眉標=XML
#副標=.NET Framework開發環境
#大標=製作一份安全的XML文件
#作者=文／張明哲


===========box 程式1=================
using Microsoft.Web.Services.Security.X509;
using System.Security.Cryptography.Xml;
// 開啟本機的憑證儲存庫
X509CertificateStore store 
	=X509CertificateStore.LocalMachineStore 
　　(X509CertificateStore.MyStore);
	bool open = store.OpenRead();
// 使用作業系統的金鑰名稱KeyName
// 與Key ID以連結私密金鑰的權限
	byte[] keyId = Convert.FromBase64String(KeyName);
	X509CertificateCollection certs = 
		store.FindCertificateByKeyIdentifier(keyId);
	store.Close();
// 找出此Key ID所對應的憑證
// 並取出簽章用的公開金鑰
	X509Certificate cert = certs[0];
	RSA rsakey = cert.Key;
// 以待簽文件doc建立並設定簽章之類別
	SignedXml signedXml = 
		new Xml.SignedXml(doc);
	signedXml.SigningKey = rsakey;
// 將簽章物件之Reference指向要簽署的元素ID
//  signingUri字串陣列是儲存待簽署的元素ID
	for(i=0;i<signingUri.Length;i++)
	{
Reference reference = new Reference();
		reference.Uri = "#"+signingUri[i];
		signedXml.AddReference(reference);
	}
// 設定XML簽章的KeyInfo類別為此一憑證金鑰
KeyInfo keyInfo = new KeyInfo();
	keyInfo.AddClause
     (new KeyInfoX509Data(cert));
	signedXml.KeyInfo = keyInfo;
// 計算簽章值
	signedXml.ComputeSignature();
	// 取得最終的XML簽章元素字串
　　String XmlSignature = signedXml.GetXml().OuterXml
　　===============END============




=============Box 程式2==============
     string xmlstring = doc.OuterXml;
	// 先取得XML簽章元素
     XmlNodeList nodeList = 
		doc.GetElementsByTagName
     ("Signature","http://www.w3.org/...");
	// 再以SignedXml元素進行驗證
	SignedXml signedXml = new SignedXml(doc);
	signedXml.LoadXml( (XmlElement)nodeList.Item(i) );
// 驗證簽章值
	if(!signedXml.CheckSignature())		return false;
     else			return true;
====================END========================





===============BOX 程式3==============
// 預備一個符合W3C標準的加密元素字串
	String xmlstring = 
"<EncryptedKey xmlns=…>
<EncryptionMethod Algorithm=… />
<KeyInfo xmlns=…><X509Data><X509Certificate>";
　　然後再以前述開啟本機憑證的方式(即FindCertificateByKeyIdentifier)查詢與取得相關金鑰。
// 準備一個X509型式的KeyInfo
	xmlstring = xmlstring + certs[0].ToBase64String() + 
		"</X509Certificate></X509Data></KeyInfo>";
	// Get the public key
	RSA rsakey = cert.Key;
// 建立加密元素
	SymmetricAlgorithm sa = 
     SymmetricAlgorithm.Create ("TripleDES"); 
	sa.GenerateIV();
	ICryptoTransform ct = sa.CreateEncryptor (); 
// 以公開金鑰加密這把Session Key
	RSAPKCS1KeyExchangeFormatter fmt =
     new RSAPKCS1KeyExchangeFormatter (rsakey); 
	byte[] keyex = fmt.CreateKeyExchange (sa.Key); 
	xmlstring = xmlstring + "<CipherData><CipherValue>" + 
		Convert.ToBase64String(keyex) + 
     "</CipherValue></CipherData><ReferenceList>";
=====================END====================





=============BOX 程式4============
// 先取出已加密的KeyInfo元素
	XmlNodeList nodeList = 
		doc.GetElementsByTagName
     ("EncryptedKey","http://www.w3.org/...");
=====================END=======================