assinar xml

Boa dia a todos, por favor estou tentando fazer uma assinatura digital em um XML, e esta dando super certo com a ajuda do exemples que Chris Glazier e Altair Borges me enviaram, porem esta assinando com o algoritimo RSA-SHA1 mas eu preciso assinar com algoritimo RSA-SHA256, eu achei um exemplo que eu acredite que seja o que eu preciso conforme esta abaixo em C#, mas não estou conseguindo converter o Visual COBOL for Visual Studio, se alguém conseguir me ajudar ficarei muito agradecido.




Renato Soares Vieira


using System; using System.Security.Cryptography; class RSASample { static void Main() { try { //Create a new instance of RSACryptoServiceProvider. using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider()) { //The hash to sign. byte[] hash; using (SHA256 sha256 = SHA256.Create()) { byte[] data = new byte[] { 59, 4, 248, 102, 77, 97, 142, 201, 210, 12, 224, 93, 25, 41, 100, 197, 213, 134, 130, 135 }; hash = sha256.ComputeHash(data); } //Create an RSASignatureFormatter object and pass it the //RSACryptoServiceProvider to transfer the key information. RSAPKCS1SignatureFormatter RSAFormatter = new RSAPKCS1SignatureFormatter(rsa); //Set the hash algorithm to SHA256. RSAFormatter.SetHashAlgorithm("SHA256"); //Create a signature for HashValue and return it. byte[] SignedHash = RSAFormatter.CreateSignature(hash); } } catch (CryptographicException e) { Console.WriteLine(e.Message); } } }

  • For your second question about displaying the Certificate selection screen only for the first invocation, I would think that you could control this by passing a flag as a parameter to the method which could be set by the client which would indicate whether or not the selection screen should be shown. Then the code logic in the server could bypass that function if required.

    For your first question regarding registering the server on a client machine on which Visual Studio is not installed, you would have a couple of options.

    1.  Register the assembly using the regasm.exe tool.
         You can find out more on the Microsoft site here:

    2. Use Reg-free COM. This involves creating a manifest file for the client and server containing information about the properties of the COM component. If you use this approach then you do not have to use regasm.exe to register your COM server in production. I have uploaded an example Visual COBOL solution that contains a client and a server project along with instructions within a readme file for setting this up. You can also find out more information about this by Googling regfree COM.
    One such link you will find is here.


  • Thank you Mr. Glazier, but I continue with two doubts.

    In the first question, I understand that I can pass parameter, but I need to know if the instace can save the chosen certificate the first time I call it to use in the others, because I do not know how to process to save this certificate, so that in other times I just sign with the same certificate you chose the first time.

    In the second second question, the question is, I need to do this process even if the calling program is compiled by the same compiler, ie I have this routine that subscribes to .NET which is a project, but the caller is a native cobol (no project ) but compiled by the same "Visual Cobol for Visual Studio" compiler.

    Thank you.

  • Verified Answer

    For the first question, do you wish to save the certificate for long-term storage on disk or in memory for the next invocation of the method from the same instance of the application?

    If you store the certificate in the working-storage of the class then this is instance data and will be available to all methods and all invocations of this instance.

    If you wish to store it on disk so that you can access it again, you might look at using the export and import methods of the X509Certificate class. The docs can be found here:

    I am not an expert on certificates or how to manipulate them so I will not comment further on how to achieve this.

    On your second question, the requirement to call managed code from a native application using COM has nothing to do with the product version being used. It is part of the Interop functionality of using native and managed code together in the same application. You would need to do this if NX was used to compile the client or Visual COBOL was used.

  • Thank you very much Mr. Glazier, with your help and dedication, we were able to complete our signature project with digital certificate of the XMLs.

    If you need anything, we are at your disposal.