Is it possible to sign an xml document without having to use KeyContainerName?

Question

I want to create 2 really simple dlls:

1) that will sign an xml document 2) that will check that the xml document hasnt been modified.

I tried using the RSACryptoServiceProvider and a key container. But when I move to a different machine this does not work as the key is being stored in the machine.

I want to store the key in the dlls im creating (I know this is not reccomended) but I just cannot work out how to write some code to simply sign an xml document and then verify that it hasn't been changed.

So do I need to use symmetric key to do what I want is this possible?

Pete

Answer 1

You already mention the problems with storing the private key in the dll, so I won't repeat that.

Do this:

On your own machine run this code:

var key = new RSACryptoServiceProvider(2048);
string publicKey = key.ToXmlString(false);
string privateKey = key.ToXmlString(true);
Console.WriteLine(publicKey);
Console.WriteLine(privateKey);

this outputs two (long) lines. Copy those into your code:

Sign:

var privateKey = new RSACryptoServiceProvider();
privateKey.FromXmlString(/* insert the private-key XML string here */ );
privateKey.SignData(/*...*/);

Verify:

var publicKey = new RSACryptoServiceProvider();
publicKey.FromXmlString(/* insert the public-key XML string here */ );
publicKey.VerifyData(/*...*/);

Answer 2

If it is just about to verify that your xml document hasn't been modified a simple MD5 checksum (or any other good hashing algorithm) would be easier to implement and is what you need. It would be also verifyable on different machines.