0

I have one certificate file and assign it to the X509Certificate2 class:

Dim cert As New X509Certificate2("mycertificate.cer")

This cert only has the public key, which I will use to sign my XML file.

And then I do this:

' Needs Imports System.Xml, System.Security.Cryptography.Xml
' and System.Security.Cryptography.X509Certificates
Dim doc As New XmlDocument
doc.PreserveWhitespace = True
doc.Load("myxmlfile.xml")
Dim signedXml As New SignedXml(doc)
' Key taken from the certificate's public key (the .cer file has no private key)
signedXml.SigningKey = cert.PublicKey.Key
Dim reference As New Reference
reference.Uri = ""
Dim trns As New XmlDsigC14NTransform
reference.AddTransform(trns)
signedXml.AddReference(reference)
Dim keyInfo As New KeyInfo()
keyInfo.AddClause(New KeyInfoX509Data(cert))
signedXml.KeyInfo = keyInfo
signedXml.ComputeSignature()
Dim xmlDigitalSignature As XmlElement = signedXml.GetXml()

At the line signedXml.ComputeSignature() something goes wrong:

"keyset does not exist".

I have no idea what to do in this case. How can I solve this?

Sam

2 Answers

1

This may have already been covered. Check out the answer here:

https://stackoverflow.com/a/6799315/2319909

Obviously you probably won't be using IIS, but the permissions might still be a problem.

Community
Sam Makin
0

To create a signature you need the private key that corresponds to the certificate. You have loaded only the certificate, therefore you received this exception.

Either load the certificate and private key from a p12 file or select a certificate from the Windows store. Either way, the PrivateKey property has to be set.

pepo
  • But I only have the public key from the other side, and I have to sign using the public key and they read it with their private key. – Daniel Nababan Aug 21 '14 at 11:51
  • Then you do not need to do a signature but you probably want to encrypt the XML. Then only the holder of the private key can read it. – pepo Aug 21 '14 at 14:52
  • This is asymmetric, sir. I think it does not matter whether it is private to encrypt and public to decrypt, or public to encrypt and private to decrypt. The main problem is I want to encrypt with the public key but it does not work. – Daniel Nababan Aug 21 '14 at 15:36
  • ComputeSignature will always encrypt with the private key, which you do not have. In asymmetric cryptography, when you encrypt with one part you can decrypt only with the other. And a signature is encryption using the private key. – pepo Aug 21 '14 at 18:07
  • 1
    I think you are missing something, sir. It is possible to encrypt with the public key and decrypt it with the private key. But in this case, I already have the public key and the response is still 'keyset does not exist'. – Daniel Nababan Aug 25 '14 at 04:16
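
The division of roles discussed in this thread, as an added example that is not part of the original question or answers: the signer needs a certificate with a private key, while a public-only certificate (what a .cer file holds) can only verify. It assumes .NET Framework 4.7.2+ or .NET with the System.Security.Cryptography.Xml package; the helper names `SignXml` and `VerifyXml`, the self-signed test certificate and the sample XML are constructed for illustration.

```vb
Imports System
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.Security.Cryptography.Xml
Imports System.Xml
Module SignVerifyDemo
    ' Signing side: fails early with a clear message instead of "keyset does not exist".
    Function SignXml(doc As XmlDocument, cert As X509Certificate2) As XmlElement
        If Not cert.HasPrivateKey Then
            Throw New InvalidOperationException("No private key: this certificate can verify, not sign.")
        End If
        Dim xmlSig As New SignedXml(doc)
        xmlSig.SigningKey = cert.GetRSAPrivateKey()
        Dim ref As New Reference("")
        ' Enveloped transform is needed because the signature is stored inside the signed document.
        ref.AddTransform(New XmlDsigEnvelopedSignatureTransform())
        ref.AddTransform(New XmlDsigC14NTransform())
        xmlSig.AddReference(ref)
        Dim ki As New KeyInfo()
        ki.AddClause(New KeyInfoX509Data(cert))
        xmlSig.KeyInfo = ki
        xmlSig.ComputeSignature()
        Return xmlSig.GetXml()
    End Function

    ' Verifying side: only the public certificate is required.
    Function VerifyXml(doc As XmlDocument, publicCert As X509Certificate2) As Boolean
        Dim xmlSig As New SignedXml(doc)
        Dim node = CType(doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl).Item(0), XmlElement)
        xmlSig.LoadXml(node)
        ' True = check the signature only; trust in the certificate must be established separately.
        Return xmlSig.CheckSignature(publicCert, True)
    End Function

    Sub Main()
        ' Constructed key pair; a real signer would load its own .pfx/.p12 or a store certificate.
        Using key As RSA = RSA.Create(2048)
            Dim req As New CertificateRequest("CN=Constructed Test Signer", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            Dim signer = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30))
            Dim publicOnly As New X509Certificate2(signer.Export(X509ContentType.Cert))
            Dim doc As New XmlDocument() With {.PreserveWhitespace = True}
            doc.LoadXml("<order><id>42</id></order>")
            doc.DocumentElement.AppendChild(SignXml(doc, signer))
            Console.WriteLine("Verified with public certificate: {0}", VerifyXml(doc, publicOnly))
            Try
                SignXml(doc, publicOnly)
            Catch ex As InvalidOperationException
                Console.WriteLine("Signing with public-only certificate rejected: {0}", ex.Message)
            End Try
        End Using
    End Sub
End Module
```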