Sign Method
Signs the current message.
procedure Sign();
Remarks
Sign digitally signs the input data with the the specified certificate(s). Certificates are specified by calling AddCertificate or setting the Certificates property.
OutputFormat specifies the encoding of the output message. Valid values are PEM, DER, and SMIME. IncludeCertificates specifies whether the public certificate is included in the signed message. Additional settings allow further configuration. The following properties are applicable when calling this method:
- Certificates (required)
- DetachedSignature
- EnableCompression
- GenerateSignatureTimestamp
- IncludeCertificates
- OutputFormat
- SignatureHashAlgorithm
- UsePSS
Input and Output Properties
The component will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Sign and Verify a message
Cms cms = new Cms();cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));cms.InputMessage = "My Data";cms.Sign();string signedMessage = cms.OutputMessage;cms = new Cms();cms.InputMessage = signedMessage;cms.VerifySignature();string plaintextMessage = cms.OutputMessage;Cms cms = new Cms();cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));cms.InputMessage = "My Data";cms.OutputFormat = "DER";cms.Sign();byte[] signedMessage = cms.OutputMessageB; //Binary outputcms = new Cms();cms.InputMessageB = signedMessage;cms.VerifySignature();string plaintextMessage = cms.OutputMessage;Cms cms = new Cms();cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));cms.InputMessage = "My Data";cms.DetachedSignature = true;cms.Sign();string signature = cms.OutputMessage;cms = new Cms();cms.InputMessage = "My Data";cms.DetachedSignatureData = signature;cms.DetachedSignature = true;cms.VerifySignature();Cms cms = new Cms();cms.InputMessage = "My Data";cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test2.pfx", "password2", "*"));cms.Sign();string signedMessage = cms.OutputMessage;cms = new Cms();cms.InputMessage = signedMessage;cms.VerifySignature();string plaintextMessage = cms.OutputMessage;Cms cms = new Cms();cms.InputMessage = "My Data";cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));cms.IncludeCertificates = CmsIncludeCertificates.icsNone;cms.Sign();string signedMessage = cms.OutputMessage;cms = new Cms();cms.OnSignerCertInfo += (s, e) => { Console.WriteLine(e.Issuer); Console.WriteLine(e.SerialNumber); if (e.Issuer == "CN=100") //Identify the certificate to load based on event params { //Load the correct signer certificate. cms.SignerCerts.Add(new Certificate(CertStoreTypes.cstPublicKeyFile, @"C:\temp\test.cer", "", "*")); }};cms.InputMessage = signedMessage;cms.VerifySignature();string plaintextMessage = cms.OutputMessage;