MessageSigner Class
Properties Methods Events Configuration Settings Errors
The MessageSigner class digitally signs data and stores it in the PKCS#7 format.
Syntax
SecureBlackboxMessageSigner
SecureBlackboxMessageSignerSwift
Remarks
PKCS#7 (Public Key Cryptography Standard #7) is a common format used to store encrypted and signed data. It is used by a variety of protocols, including S/MIME and CMS.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
- claimedSigningTime | The signing time from the signer's computer. |
- externalCryptoCustomParams | Custom parameters to be passed to the signing service (uninterpreted). |
- externalCryptoData | Additional data to be included in the async state and mirrored back by the requestor. |
- externalCryptoExternalHashCalculation | Specifies whether the message hash is to be calculated at the external endpoint. |
- externalCryptoHashAlgorithm | Specifies the request's signature hash algorithm. |
- externalCryptoKeyID | The ID of the pre-shared key used for DC request authentication. |
- externalCryptoKeySecret | The pre-shared key used for DC request authentication. |
- externalCryptoMethod | Specifies the asynchronous signing method. |
- externalCryptoMode | Specifies the external cryptography mode. |
- externalCryptoPublicKeyAlgorithm | Provide public key algorithm here if the certificate is not available on the pre-signing stage. |
- hashAlgorithm | Specifies the hash algorithm to be used. |
- inputBytes | Use this property to pass the input to class in the byte array form. |
- inputFile | A path to the source file. |
- outputBytes | Use this property to read the output the class object has produced. |
- outputFile | A path to the output file. |
- proxyAddress | The IP address of the proxy server. |
- proxyAuthentication | The authentication type used by the proxy server. |
- proxyPassword | The password to authenticate to the proxy server. |
- proxyPort | The port on the proxy server to connect to. |
- proxyProxyType | The type of the proxy server. |
- proxyRequestHeaders | Contains HTTP request headers for WebTunnel and HTTP proxy. |
- proxyResponseBody | Contains the HTTP or HTTPS (WebTunnel) proxy response body. |
- proxyResponseHeaders | Contains response headers received from an HTTP or HTTPS (WebTunnel) proxy server. |
- proxyUseIPv6 | Specifies whether IPv6 should be used when connecting through the proxy. |
- proxyUseProxy | Enables or disables proxy-driven connection. |
- proxyUsername | Specifies the username credential for proxy authentication. |
- signatureType | Specifies the kind of signature to create. |
- signedAttributeCount | The number of records in the SignedAttribute arrays. |
- signedAttributeOID:(int)signedAttributeIndex | The object identifier of the attribute. |
- signedAttributeValue:(int)signedAttributeIndex | The value of the attribute. |
- signingCertBytes | Returns raw certificate data in DER format. |
- signingCertHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
- signingChainCount | The number of records in the SigningChain arrays. |
- signingChainBytes:(int)signingChainIndex | Returns raw certificate data in DER format. |
- signingChainHandle:(int)signingChainIndex | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
- socketDNSMode | Selects the DNS resolver to use: the class's (secure) built-in one, or the one provided by the system. |
- socketDNSPort | Specifies the port number to be used for sending queries to the DNS server. |
- socketDNSQueryTimeout | The timeout (in milliseconds) for each DNS query. |
- socketDNSServers | The addresses of DNS servers to use for address resolution, separated by commas or semicolons. |
- socketDNSTotalTimeout | The timeout (in milliseconds) for the whole resolution process. |
- socketIncomingSpeedLimit | The maximum number of bytes to read from the socket, per second. |
- socketLocalAddress | The local network interface to bind the socket to. |
- socketLocalPort | The local port number to bind the socket to. |
- socketOutgoingSpeedLimit | The maximum number of bytes to write to the socket, per second. |
- socketTimeout | The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful. |
- socketUseIPv6 | Enables or disables IP protocol version 6. |
- timestampServer | The address of the timestamping server. |
- TLSClientCertCount | The number of records in the TLSClientCert arrays. |
- TLSClientCertBytes:(int)tLSClientCertIndex | Returns raw certificate data in DER format. |
- TLSClientCertHandle:(int)tLSClientCertIndex | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
- TLSServerCertCount | The number of records in the TLSServerCert arrays. |
- TLSServerCertBytes:(int)tLSServerCertIndex | Returns raw certificate data in DER format. |
- TLSServerCertHandle:(int)tLSServerCertIndex | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
- TLSAutoValidateCertificates | Specifies whether server-side TLS certificates should be validated automatically using internal validation rules. |
- TLSBaseConfiguration | Selects the base configuration for the TLS settings. |
- TLSCiphersuites | A list of ciphersuites separated with commas or semicolons. |
- TLSECCurves | Defines the elliptic curves to enable. |
- TLSForceResumeIfDestinationChanges | Whether to force TLS session resumption when the destination address changes. |
- TLSPreSharedIdentity | Defines the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated. |
- TLSPreSharedKey | Contains the pre-shared for the PSK (Pre-Shared Key) key-exchange mechanism, encoded with base16. |
- TLSPreSharedKeyCiphersuite | Defines the ciphersuite used for PSK (Pre-Shared Key) negotiation. |
- TLSRenegotiationAttackPreventionMode | Selects renegotiation attack prevention mechanism. |
- TLSRevocationCheck | Specifies the kind(s) of revocation check to perform. |
- TLSSSLOptions | Various SSL (TLS) protocol options, set of cssloExpectShutdownMessage 0x001 Wait for the close-notify message when shutting down the connection cssloOpenSSLDTLSWorkaround 0x002 (DEPRECATED) Use a DTLS version workaround when talking to very old OpenSSL versions cssloDisableKexLengthAlignment 0x004 Do not align the client-side PMS by the RSA modulus size. |
- TLSTLSMode | Specifies the TLS mode to use. |
- TLSUseExtendedMasterSecret | Enables Extended Master Secret Extension, as defined in RFC 7627. |
- TLSUseSessionResumption | Enables or disables TLS session resumption capability. |
- TLSVersions | Th SSL/TLS versions to enable by default. |
- unsignedAttributeCount | The number of records in the UnsignedAttribute arrays. |
- unsignedAttributeOID:(int)unsignedAttributeIndex | The object identifier of the attribute. |
- unsignedAttributeValue:(int)unsignedAttributeIndex | The value of the attribute. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
- config | Sets or retrieves a configuration setting. |
- countersign | Countersigns an existing signature. |
- extractAsyncData | Extracts user data from the DC signing service response. |
- sign | Signs the data. |
- signAsyncBegin | Initiates the asynchronous signing operation. |
- signAsyncEnd | Completes the asynchronous signing operation. |
- timestamp | Timestamps a signature. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
- onError | Information about errors during PKCS#7 message signing. |
- onExternalSign | Handles remote or external signing initiated by the SignExternal method or other source. |
- onNotification | This event notifies the application about an underlying control flow event. |
- onTLSCertValidate | This event is fired upon receipt of the TLS server's certificate, allowing the user to control its acceptance. |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
ContentType | Content type of the message. |
TempPath | Path for storing temporary files. |
TLSChainValidationDetails | Contains the advanced details of the TLS server certificate validation. |
TLSChainValidationResult | Contains the result of the TLS server certificate validation. |
TLSClientAuthRequested | Indicates whether the TLS server requests client authentication. |
TLSValidationLog | Contains the log of the TLS server certificate validation. |
TspHashAlgorithm | Sets a specific hash algorithm for use with the timestamping service. |
TspReqPolicy | Sets a request policy ID to include in the timestamping request. |
UsePSS | Whether to use RSASSA-PSS algorithm. |
UseUndefSize | Allows or forbids the use of ASN.1 tags of undefined size. |
CheckKeyIntegrityBeforeUse | Enables or disable private key integrity check before use. |
CookieCaching | Specifies whether a cookie cache should be used for HTTP(S) transports. |
Cookies | Gets or sets local cookies for the class (supported for HTTPClient, RESTClient and SOAPClient only). |
DefDeriveKeyIterations | Specifies the default key derivation algorithm iteration count. |
EnableClientSideSSLFFDHE | Enables or disables finite field DHE key exchange support in TLS clients. |
GlobalCookies | Gets or sets global cookies for all the HTTP transports. |
HttpUserAgent | Specifies the user agent name to be used by all HTTP clients. |
LogDestination | Specifies the debug log destination. |
LogDetails | Specifies the debug log details to dump. |
LogFile | Specifies the debug log filename. |
LogFilters | Specifies the debug log filters. |
LogFlushMode | Specifies the log flush mode. |
LogLevel | Specifies the debug log level. |
LogMaxEventCount | Specifies the maximum number of events to cache before further action is taken. |
LogRotationMode | Specifies the log rotation mode. |
MaxASN1BufferLength | Specifies the maximal allowed length for ASN.1 primitive tag data. |
MaxASN1TreeDepth | Specifies the maximal depth for processed ASN.1 trees. |
OCSPHashAlgorithm | Specifies the hash algorithm to be used to identify certificates in OCSP requests. |
UseOwnDNSResolver | Specifies whether the client classes should use own DNS resolver. |
UseSharedSystemStorages | Specifies whether the validation engine should use a global per-process copy of the system certificate stores. |
UseSystemOAEPAndPSS | Enforces or disables the use of system-driven RSA OAEP and PSS computations. |
UseSystemRandom | Enables or disables the use of the OS PRNG. |