DSA Control

Properties   Methods   Events   Config Settings   Errors  

The DSA (Digital Signature Algorithm) control enables users to generate DSA hash signatures.

Syntax

DSA

Remarks

The DSA (Digital Signature Algorithm) control enables users to generate DSA hash signatures.

To begin you must either specify an existing key or create a new key. Existing private keys may be specified by setting Key. To create a new key call CreateKey. Alternatively an existing certificate may be specified by setting Certificate

Signing

To sign data first set Key or Certificate. Select the input file by setting InputFile or InputMessage. Next call Sign. The Sign method will automatically compute the hash, and then sign the hash with the specified key.

Send the public key (see CreateKey for details), file, and HashSignature to the recipient.

To sign a hash without recomputing the hash simply set HashValue to the pre-computed hash value before calling Sign.

Signature Verification

To verify a signature specify the input data using InputFile or InputMessage. Set SignerKey or SignerCert. Next set HashSignature and call VerifySignature. The VerifySignature method will return True if the signature was successfully verified.

To verify a hash signature without recomputing the hash simply set HashValue to the pre-computed hash value before calling VerifySignature.

Hash Notes

The control will determine whether or not to recompute the hash based on the properties that are set. If a file is specified by InputFile or InputMessage, the hash will be recomputed when calling Sign or VerifySignature. If the HashValue property is set, the control will only sign the hash or verify the hash signature. Setting InputFile or InputMessage clears the HashValue property. Setting the HashValue property clears the input file selection.

DSA Key Notes

A DSA key is made up of a number of individual parameters. When calling CreateKey the Key property is populated with a new private and public key.

After calling Sign the public key must be sent to the recipient along with HashSignature so they may perform signature verification. Likewise you must obtain the public key along with HashSignature in order to perform signature verification.

The public key consists of the following parameters:

• KeyP
• KeyQ
• KeyG
• KeyY

The control also includes the KeyPublicKey property which holds the PEM formatted public key for ease of use. This is helpful if you are in control of both signature creation and verification process. When sending the public key to a recipient note that not all implementations will support using the PEM formatted value in KeyPublicKey in which case the individual parameters must be sent.

The private key consists of the following parameters:

• KeyP
• KeyQ
• KeyG
• KeyY
• KeyX

The control also include the KeyPrivateKey property which holds the PEM formatted private key for ease of use. This is helpful for storing the private key more easily..

Property List

---

The following is the full list of the properties of the control with short descriptions. Click on the links for further details.

Method List

---

The following is the full list of the methods of the control with short descriptions. Click on the links for further details.

Event List

---

The following is the full list of the events fired by the control with short descriptions. Click on the links for further details.

Config Settings

---

The following is a list of config settings for the control with short descriptions. Click on the links for further details.

CertEffectiveDate Property (DSA Control)

The date on which this certificate becomes valid.

Syntax

dsacontrol.CertEffectiveDate

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

Data Type

String

CertExpirationDate Property (DSA Control)

The date on which the certificate expires.

Syntax

dsacontrol.CertExpirationDate

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

Data Type

String

CertExtendedKeyUsage Property (DSA Control)

A comma-delimited list of extended key usage identifiers.

Syntax

dsacontrol.CertExtendedKeyUsage

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

Data Type

String

CertFingerprint Property (DSA Control)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

dsacontrol.CertFingerprint

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

Data Type

String

CertFingerprintSHA1 Property (DSA Control)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

dsacontrol.CertFingerprintSHA1

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

Data Type

String

CertFingerprintSHA256 Property (DSA Control)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

dsacontrol.CertFingerprintSHA256

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

Data Type

String

CertIssuer Property (DSA Control)

The issuer of the certificate.

Syntax

dsacontrol.CertIssuer

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

Data Type

String

CertPrivateKey Property (DSA Control)

The private key of the certificate (if available).

Syntax

dsacontrol.CertPrivateKey

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The CertPrivateKey may be available but not exportable. In this case, CertPrivateKey returns an empty string.

This property is read-only.

Data Type

String

CertPrivateKeyAvailable Property (DSA Control)

Whether a PrivateKey is available for the selected certificate.

Syntax

dsacontrol.CertPrivateKeyAvailable

Default Value

False

Remarks

Whether a CertPrivateKey is available for the selected certificate. If CertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

Data Type

Boolean

CertPrivateKeyContainer Property (DSA Control)

The name of the PrivateKey container for the certificate (if available).

Syntax

dsacontrol.CertPrivateKeyContainer

Default Value

""

Remarks

The name of the CertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

Data Type

String

CertPublicKey Property (DSA Control)

The public key of the certificate.

Syntax

dsacontrol.CertPublicKey

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

Data Type

String

CertPublicKeyAlgorithm Property (DSA Control)

The textual description of the certificate's public key algorithm.

Syntax

dsacontrol.CertPublicKeyAlgorithm

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

CertPublicKeyLength Property (DSA Control)

The length of the certificate's public key (in bits).

Syntax

dsacontrol.CertPublicKeyLength

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

Data Type

Integer

CertSerialNumber Property (DSA Control)

The serial number of the certificate encoded as a string.

Syntax

dsacontrol.CertSerialNumber

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

Data Type

String

CertSignatureAlgorithm Property (DSA Control)

The text description of the certificate's signature algorithm.

Syntax

dsacontrol.CertSignatureAlgorithm

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

CertStore Property (DSA Control)

The name of the certificate store for the client certificate.

Syntax

dsacontrol.CertStore[=string]

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The CertStoreType property denotes the type of the certificate store specified by CertStore. If the store is password-protected, specify the password in CertStorePassword.

CertStore is used in conjunction with the CertSubject property to specify client certificates. If CertStore has a value, and CertSubject or CertEncoded is set, a search for a certificate is initiated. Please see the CertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

To read or write binary data to the property, a Variant (Byte Array) version is provided in .CertStoreB.

Data Type

Binary String

CertStorePassword Property (DSA Control)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

dsacontrol.CertStorePassword[=string]

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Data Type

String

CertStoreType Property (DSA Control)

The type of certificate store for this certificate.

Syntax

dsacontrol.CertStoreType[=integer]

Possible Values

cstUser(0), 
cstMachine(1), 
cstPFXFile(2), 
cstPFXBlob(3), 
cstJKSFile(4), 
cstJKSBlob(5), 
cstPEMKeyFile(6), 
cstPEMKeyBlob(7), 
cstPublicKeyFile(8), 
cstPublicKeyBlob(9), 
cstSSHPublicKeyBlob(10), 
cstP7BFile(11), 
cstP7BBlob(12), 
cstSSHPublicKeyFile(13), 
cstPPKFile(14), 
cstPPKBlob(15), 
cstXMLFile(16), 
cstXMLBlob(17), 
cstJWKFile(18), 
cstJWKBlob(19), 
cstSecurityKey(20), 
cstBCFKSFile(21), 
cstBCFKSBlob(22), 
cstPKCS11(23), 
cstAuto(99)

Default Value

0

Remarks

The type of certificate store for this certificate.

The control supports both public and private keys in a variety of formats. When the cstAuto value is used, the control will automatically determine the type. This property can take one of the following values:

Data Type

Integer

CertSubjectAltNames Property (DSA Control)

Comma-separated lists of alternative subject names for the certificate.

Syntax

dsacontrol.CertSubjectAltNames

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

Data Type

String

CertThumbprintMD5 Property (DSA Control)

The MD5 hash of the certificate.

Syntax

dsacontrol.CertThumbprintMD5

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

CertThumbprintSHA1 Property (DSA Control)

The SHA-1 hash of the certificate.

Syntax

dsacontrol.CertThumbprintSHA1

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

CertThumbprintSHA256 Property (DSA Control)

The SHA-256 hash of the certificate.

Syntax

dsacontrol.CertThumbprintSHA256

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

CertUsage Property (DSA Control)

The text description of UsageFlags .

Syntax

dsacontrol.CertUsage

Default Value

""

Remarks

The text description of CertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

Data Type

String

CertUsageFlags Property (DSA Control)

The flags that show intended use for the certificate.

Syntax

dsacontrol.CertUsageFlags

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of CertUsageFlags is a combination of the following flags:

Please see the CertUsage property for a text representation of CertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

Data Type

Integer

CertVersion Property (DSA Control)

The certificate's version number.

Syntax

dsacontrol.CertVersion

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

Data Type

String

CertSubject Property (DSA Control)

The subject of the certificate used for client authentication.

Syntax

dsacontrol.CertSubject[=string]

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

Data Type

String

CertEncoded Property (DSA Control)

The certificate (PEM/Base64 encoded).

Syntax

dsacontrol.CertEncoded[=string]

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The CertStore and CertSubject properties also may be used to specify a certificate.

When CertEncoded is set, a search is initiated in the current CertStore for the private key of the certificate. If the key is found, CertSubject is updated to reflect the full subject of the selected certificate; otherwise, CertSubject is set to an empty string.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .CertEncodedB.

This property is not available at design time.

Data Type

Binary String

HashAlgorithm Property (DSA Control)

The hash algorithm used for hash computation.

Syntax

dsacontrol.HashAlgorithm[=integer]

Possible Values

dhaSHA1(0), 
dhaSHA224(1), 
dhaSHA256(2), 
dhaSHA384(3), 
dhaSHA512(4), 
dhaRIPEMD160(5)

Default Value

2

Remarks

This property specifies the hash algorithm used for hash computation. This is only applicable when calling Sign or VerifySignature and HashValue is computed. Possible values are:

Data Type

Integer

HashSignature Property (DSA Control)

The hash signature.

Syntax

dsacontrol.HashSignature[=string]

Default Value

""

Remarks

This property holds the computed hash signature. This is populated after calling Sign. This must be set before calling VerifySignature.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .HashSignatureB.

Data Type

Binary String

HashValue Property (DSA Control)

The hash value of the data.

Syntax

dsacontrol.HashValue[=string]

Default Value

""

Remarks

This property holds the computed hash value for the specified data. This is populated when calling Sign or VerifySignature when an input file is specified by setting InputFile or InputMessage.

If you know the hash value prior to using the control you may specify the pre-computed hash value here.

Hash Notes

The control will determine whether or not to recompute the hash based on the properties that are set. If a file is specified by InputFile or InputMessage, the hash will be recomputed when calling Sign or VerifySignature. If the HashValue property is set, the control will only sign the hash or verify the hash signature. Setting InputFile or InputMessage clears the HashValue property. Setting the HashValue property clears the input file selection.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .HashValueB.

Data Type

Binary String

InputFile Property (DSA Control)

The file to process.

Syntax

dsacontrol.InputFile[=string]

Default Value

""

Remarks

This property specifies the file to be processed. Set this property to the full or relative path to the file which will be processed.

Input and Output Properties

The control will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputMessage

When a valid source is found, the search stops. The order in which the output properties are checked is as follows:

• OutputFile
• OutputMessage: The output data is written to this property if no other destination is specified.

Data Type

String

InputMessage Property (DSA Control)

The message to process.

Syntax

dsacontrol.InputMessage[=string]

Default Value

""

Remarks

This property specifies the message to be processed.

Input and Output Properties

The control will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputMessage

When a valid source is found, the search stops. The order in which the output properties are checked is as follows:

• OutputFile
• OutputMessage: The output data is written to this property if no other destination is specified.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .InputMessageB.

Data Type

Binary String

KeyG Property (DSA Control)

Represents the G parameter for the DSA algorithm.

Syntax

dsacontrol.KeyG[=string]

Default Value

""

Remarks

Represents the G parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .KeyGB.

Data Type

Binary String

KeyP Property (DSA Control)

Represents the P parameter for the DSA algorithm.

Syntax

dsacontrol.KeyP[=string]

Default Value

""

Remarks

Represents the P parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .KeyPB.

Data Type

Binary String

KeyPrivateKey Property (DSA Control)

This property is a PEM formatted private key.

Syntax

dsacontrol.KeyPrivateKey[=string]

Default Value

""

Remarks

This property is a PEM formatted private key. The purpose of this property is to allow easier management of the private key parameters by using only a single value.

Data Type

String

KeyPublicKey Property (DSA Control)

This property is a PEM formatted public key.

Syntax

dsacontrol.KeyPublicKey[=string]

Default Value

""

Remarks

This property is a PEM formatted public key. The purpose of this property is to allow easier management of the public key parameters by using only a single value.

Data Type

String

KeyQ Property (DSA Control)

Represents the Q parameter for the DSA algorithm.

Syntax

dsacontrol.KeyQ[=string]

Default Value

""

Remarks

Represents the Q parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .KeyQB.

Data Type

Binary String

KeyX Property (DSA Control)

Represents the X parameter for the DSA algorithm.

Syntax

dsacontrol.KeyX[=string]

Default Value

""

Remarks

Represents the X parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .KeyXB.

Data Type

Binary String

KeyY Property (DSA Control)

Represents the Y parameter for the DSA algorithm.

Syntax

dsacontrol.KeyY[=string]

Default Value

""

Remarks

Represents the Y parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .KeyYB.

Data Type

Binary String

SignerCertEffectiveDate Property (DSA Control)

The date on which this certificate becomes valid.

Syntax

dsacontrol.SignerCertEffectiveDate

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

Data Type

String

SignerCertExpirationDate Property (DSA Control)

The date on which the certificate expires.

Syntax

dsacontrol.SignerCertExpirationDate

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

Data Type

String

SignerCertExtendedKeyUsage Property (DSA Control)

A comma-delimited list of extended key usage identifiers.

Syntax

dsacontrol.SignerCertExtendedKeyUsage

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

Data Type

String

SignerCertFingerprint Property (DSA Control)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

dsacontrol.SignerCertFingerprint

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

Data Type

String

SignerCertFingerprintSHA1 Property (DSA Control)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

dsacontrol.SignerCertFingerprintSHA1

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

Data Type

String

SignerCertFingerprintSHA256 Property (DSA Control)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

dsacontrol.SignerCertFingerprintSHA256

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

Data Type

String

SignerCertIssuer Property (DSA Control)

The issuer of the certificate.

Syntax

dsacontrol.SignerCertIssuer

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

Data Type

String

SignerCertPrivateKey Property (DSA Control)

The private key of the certificate (if available).

Syntax

dsacontrol.SignerCertPrivateKey

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The SignerCertPrivateKey may be available but not exportable. In this case, SignerCertPrivateKey returns an empty string.

This property is read-only.

Data Type

String

SignerCertPrivateKeyAvailable Property (DSA Control)

Whether a PrivateKey is available for the selected certificate.

Syntax

dsacontrol.SignerCertPrivateKeyAvailable

Default Value

False

Remarks

Whether a SignerCertPrivateKey is available for the selected certificate. If SignerCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

Data Type

Boolean

SignerCertPrivateKeyContainer Property (DSA Control)

The name of the PrivateKey container for the certificate (if available).

Syntax

dsacontrol.SignerCertPrivateKeyContainer

Default Value

""

Remarks

The name of the SignerCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

Data Type

String

SignerCertPublicKey Property (DSA Control)

The public key of the certificate.

Syntax

dsacontrol.SignerCertPublicKey

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

Data Type

String

SignerCertPublicKeyAlgorithm Property (DSA Control)

The textual description of the certificate's public key algorithm.

Syntax

dsacontrol.SignerCertPublicKeyAlgorithm

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SignerCertPublicKeyLength Property (DSA Control)

The length of the certificate's public key (in bits).

Syntax

dsacontrol.SignerCertPublicKeyLength

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

Data Type

Integer

SignerCertSerialNumber Property (DSA Control)

The serial number of the certificate encoded as a string.

Syntax

dsacontrol.SignerCertSerialNumber

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

Data Type

String

SignerCertSignatureAlgorithm Property (DSA Control)

The text description of the certificate's signature algorithm.

Syntax

dsacontrol.SignerCertSignatureAlgorithm

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SignerCertStore Property (DSA Control)

The name of the certificate store for the client certificate.

Syntax

dsacontrol.SignerCertStore[=string]

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The SignerCertStoreType property denotes the type of the certificate store specified by SignerCertStore. If the store is password-protected, specify the password in SignerCertStorePassword.

SignerCertStore is used in conjunction with the SignerCertSubject property to specify client certificates. If SignerCertStore has a value, and SignerCertSubject or SignerCertEncoded is set, a search for a certificate is initiated. Please see the SignerCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SignerCertStoreB.

Data Type

Binary String

SignerCertStorePassword Property (DSA Control)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

dsacontrol.SignerCertStorePassword[=string]

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Data Type

String

SignerCertStoreType Property (DSA Control)

The type of certificate store for this certificate.

Syntax

dsacontrol.SignerCertStoreType[=integer]

Possible Values

cstUser(0), 
cstMachine(1), 
cstPFXFile(2), 
cstPFXBlob(3), 
cstJKSFile(4), 
cstJKSBlob(5), 
cstPEMKeyFile(6), 
cstPEMKeyBlob(7), 
cstPublicKeyFile(8), 
cstPublicKeyBlob(9), 
cstSSHPublicKeyBlob(10), 
cstP7BFile(11), 
cstP7BBlob(12), 
cstSSHPublicKeyFile(13), 
cstPPKFile(14), 
cstPPKBlob(15), 
cstXMLFile(16), 
cstXMLBlob(17), 
cstJWKFile(18), 
cstJWKBlob(19), 
cstSecurityKey(20), 
cstBCFKSFile(21), 
cstBCFKSBlob(22), 
cstPKCS11(23), 
cstAuto(99)

Default Value

0

Remarks

The type of certificate store for this certificate.

The control supports both public and private keys in a variety of formats. When the cstAuto value is used, the control will automatically determine the type. This property can take one of the following values:

Data Type

Integer

SignerCertSubjectAltNames Property (DSA Control)

Comma-separated lists of alternative subject names for the certificate.

Syntax

dsacontrol.SignerCertSubjectAltNames

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

Data Type

String

SignerCertThumbprintMD5 Property (DSA Control)

The MD5 hash of the certificate.

Syntax

dsacontrol.SignerCertThumbprintMD5

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SignerCertThumbprintSHA1 Property (DSA Control)

The SHA-1 hash of the certificate.

Syntax

dsacontrol.SignerCertThumbprintSHA1

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SignerCertThumbprintSHA256 Property (DSA Control)

The SHA-256 hash of the certificate.

Syntax

dsacontrol.SignerCertThumbprintSHA256

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SignerCertUsage Property (DSA Control)

The text description of UsageFlags .

Syntax

dsacontrol.SignerCertUsage

Default Value

""

Remarks

The text description of SignerCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

Data Type

String

SignerCertUsageFlags Property (DSA Control)

The flags that show intended use for the certificate.

Syntax

dsacontrol.SignerCertUsageFlags

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of SignerCertUsageFlags is a combination of the following flags:

Please see the SignerCertUsage property for a text representation of SignerCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

Data Type

Integer

SignerCertVersion Property (DSA Control)

The certificate's version number.

Syntax

dsacontrol.SignerCertVersion

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

Data Type

String

SignerCertSubject Property (DSA Control)

The subject of the certificate used for client authentication.

Syntax

dsacontrol.SignerCertSubject[=string]

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

Data Type

String

SignerCertEncoded Property (DSA Control)

The certificate (PEM/Base64 encoded).

Syntax

dsacontrol.SignerCertEncoded[=string]

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The SignerCertStore and SignerCertSubject properties also may be used to specify a certificate.

When SignerCertEncoded is set, a search is initiated in the current SignerCertStore for the private key of the certificate. If the key is found, SignerCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SignerCertSubject is set to an empty string.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SignerCertEncodedB.

This property is not available at design time.

Data Type

Binary String

SignerKeyG Property (DSA Control)

Represents the G parameter for the DSA algorithm.

Syntax

dsacontrol.SignerKeyG[=string]

Default Value

""

Remarks

Represents the G parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SignerKeyGB.

Data Type

Binary String

SignerKeyP Property (DSA Control)

Represents the P parameter for the DSA algorithm.

Syntax

dsacontrol.SignerKeyP[=string]

Default Value

""

Remarks

Represents the P parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SignerKeyPB.

Data Type

Binary String

SignerKeyPublicKey Property (DSA Control)

This property is a PEM formatted public key.

Syntax

dsacontrol.SignerKeyPublicKey[=string]

Default Value

""

Remarks

This property is a PEM formatted public key. The purpose of this property is to allow easier management of the public key parameters by using only a single value.

Data Type

String

SignerKeyQ Property (DSA Control)

Represents the Q parameter for the DSA algorithm.

Syntax

dsacontrol.SignerKeyQ[=string]

Default Value

""

Remarks

Represents the Q parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SignerKeyQB.

Data Type

Binary String

SignerKeyY Property (DSA Control)

Represents the Y parameter for the DSA algorithm.

Syntax

dsacontrol.SignerKeyY[=string]

Default Value

""

Remarks

Represents the Y parameter for the DSA algorithm.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SignerKeyYB.

Data Type

Binary String

UseHex Property (DSA Control)

Whether HashValue and HashSignature are hex encoded.

Syntax

dsacontrol.UseHex[=boolean]

Default Value

False

Remarks

This property specifies whether HashValue and HashSignature are hex encoded.

If set to True, when Sign is called the control will compute the hash for the specified file and populate HashValue with the hex encoded hash value. It will then create the hash signature and populate HashSignature with the hex encoded hash signature value. If HashValue is specified directly, it must be a hex encoded value.

If set to True, when VerifySignature is called the control will compute the hash value for the specified file and populate HashValue with the hex encoded hash value. It will then hex decode HashSignature and verify the signature. HashSignature must hold a hex encoded value. If HashValue is specified directly, it must be a hex encoded value.

Data Type

Boolean

Config Method (DSA Control)

Sets or retrieves a configuration setting.

Syntax

dsacontrol.Config ConfigurationString

Remarks

Config is a generic method available in every control. It is used to set and retrieve configuration settings for the control.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the control, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

CreateKey Method (DSA Control)

Creates a new key.

Syntax

dsacontrol.CreateKey 

Remarks

This method creates a new public and private key.

DSA Key Notes

A DSA key is made up of a number of individual parameters. When calling CreateKey the Key property is populated with a new private and public key.

After calling Sign the public key must be sent to the recipient along with HashSignature so they may perform signature verification. Likewise you must obtain the public key along with HashSignature in order to perform signature verification.

The public key consists of the following parameters:

• KeyP
• KeyQ
• KeyG
• KeyY

The control also includes the KeyPublicKey property which holds the PEM formatted public key for ease of use. This is helpful if you are in control of both signature creation and verification process. When sending the public key to a recipient note that not all implementations will support using the PEM formatted value in KeyPublicKey in which case the individual parameters must be sent.

The private key consists of the following parameters:

• KeyP
• KeyQ
• KeyG
• KeyY
• KeyX

The control also include the KeyPrivateKey property which holds the PEM formatted private key for ease of use. This is helpful for storing the private key more easily.

Reset Method (DSA Control)

Resets the control.

Syntax

dsacontrol.Reset 

Remarks

When called, the control will reset all of its properties to their default values.

Sign Method (DSA Control)

Creates a hash signature.

Syntax

dsacontrol.Sign 

Remarks

This method will create a hash signature.

Before calling this method specify the input file by setting InputFile or InputMessage.

A key is required to create the hash signature. You may create a new key by calling CreateKey, or specify an existing key pair in Key. Alternatively, a certificate may be specified by setting Certificate. When this method is called the control will compute the hash for the specified file and populate HashValue. It will then create the hash signature using the specified Key and populate HashSignature.

To create the hash signature without first computing the hash simply specify HashValue before calling this method.

The Progress event will fire with updates for the hash computation progress only. The hash signature creation process is quick and does not require progress updates.

VerifySignature Method (DSA Control)

Verifies the signature for the specified data.

Syntax

dsacontrol.VerifySignature 

Remarks

This method will verify a hash signature.

Before calling this method specify the input file by setting InputFile or InputMessage.

A public key and the hash signature are required to perform the signature verification. Specify the public key in SignerKey. Alternatively, a certificate may be specified by setting SignerCert. Specify the hash signature in HashSignature.

When this method is called the control will compute the hash for the specified file and populate HashValue. It will verify the signature using the specified SignerKey and HashSignature.

To verify the hash signature without first computing the hash simply specify HashValue before calling this method.

The Progress event will fire with updates for the hash computation progress only. The hash signature verification process is quick and does not require progress updates.

Error Event (DSA Control)

Fired when information is available about errors during data delivery.

Syntax

Sub dsacontrol_Error(ErrorCode As Integer, Description As String)

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the control fails with an error.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Progress Event (DSA Control)

Fired as progress is made.

Syntax

Sub dsacontrol_Progress(BytesProcessed As Long64, PercentProcessed As Integer)

Remarks

This event is fired automatically as data is processed by the control.

The PercentProcessed parameter indicates the current status of the operation.

The BytesProcessed parameter holds the total number of bytes processed so far.

Config Settings (DSA Control)

The control accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the control, access to these internal properties is provided through the Config method.

DSA Config Settings

Base Config Settings

Trappable Errors (DSA Control)

DSA Errors