Sign Method
Signs the current message.
Syntax
int Sign();
Remarks
Sign digitally signs the input data with the the specified certificate(s). Certificates are specified by calling AddCertificate or setting the Certificates property.
OutputFormat specifies the encoding of the output message. Valid values are PEM, DER, and SMIME. IncludeCertificates specifies whether the public certificate is included in the signed message. Additional settings allow further configuration. The following properties are applicable when calling this method:
- Certificates (required)
- DetachedSignature
- EnableCompression
- GenerateSignatureTimestamp
- IncludeCertificates
- OutputFormat
- SignatureHashAlgorithm
- UsePSS
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found the search stops. The order in which the output properties are checked is as follows:
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
Sign and Verify a message
Cms cms = new Cms();
cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));
cms.InputMessage = "My Data";
cms.Sign();
string signedMessage = cms.OutputMessage;
cms = new Cms();
cms.InputMessage = signedMessage;
cms.VerifySignature();
string plaintextMessage = cms.OutputMessage;
Sign and Verify a message - DER Output Format
Cms cms = new Cms();
cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));
cms.InputMessage = "My Data";
cms.OutputFormat = "DER";
cms.Sign();
byte[] signedMessage = cms.OutputMessageB; //Binary output
cms = new Cms();
cms.InputMessageB = signedMessage;
cms.VerifySignature();
string plaintextMessage = cms.OutputMessage;
Sign and Verify a message - Detached Signature
Cms cms = new Cms();
cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));
cms.InputMessage = "My Data";
cms.DetachedSignature = true;
cms.Sign();
string signature = cms.OutputMessage;
cms = new Cms();
cms.InputMessage = "My Data";
cms.DetachedSignatureData = signature;
cms.DetachedSignature = true;
cms.VerifySignature();
Sign and Verify a message - Multiple Signatures
Cms cms = new Cms();
cms.InputMessage = "My Data";
cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));
cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test2.pfx", "password2", "*"));
cms.Sign();
string signedMessage = cms.OutputMessage;
cms = new Cms();
cms.InputMessage = signedMessage;
cms.VerifySignature();
string plaintextMessage = cms.OutputMessage;
Sign and Verify a message - No Included Certificate
Cms cms = new Cms();
cms.InputMessage = "My Data";
cms.Certificates.Add(new Certificate(CertStoreTypes.cstPFXFile, @"C:\temp\test.pfx", "password", "*"));
cms.IncludeCertificates = CmsIncludeCertificates.icsNone;
cms.Sign();
string signedMessage = cms.OutputMessage;
cms = new Cms();
cms.OnSignerCertInfo += (s, e) => {
Console.WriteLine(e.Issuer);
Console.WriteLine(e.SerialNumber);
if (e.Issuer == "CN=100") //Identify the certificate to load based on event params
{
//Load the correct signer certificate.
cms.SignerCerts.Add(new Certificate(CertStoreTypes.cstPublicKeyFile, @"C:\temp\test.cer", "", "*"));
}
};
cms.InputMessage = signedMessage;
cms.VerifySignature();
string plaintextMessage = cms.OutputMessage;
Error Handling
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)