SignedCms.CheckSignature Method (Boolean) (System.Security.Cryptography.Pkcs)

Microsoft Developer Network

CheckSignature Method (Boolean)

.NET Framework Class Library

SignedCms..::.CheckSignature Method (Boolean)

The CheckSignature(Boolean) method verifies the digital signatures on the signed CMS/PKCS #7 message and, optionally, validates the signers' certificates.

Namespace: System.Security.Cryptography.Pkcs
Assembly: System.Security (in System.Security.dll)

Syntax

Visual Basic (Declaration)

Public Sub CheckSignature ( _
    verifySignatureOnly As Boolean _
)

Visual Basic (Usage)

Dim instance As SignedCms
Dim verifySignatureOnly As Boolean

instance.CheckSignature(verifySignatureOnly)

public void CheckSignature(
    bool verifySignatureOnly
)

Visual C++

public:
void CheckSignature(
    bool verifySignatureOnly
)

JScript

public function CheckSignature(
    verifySignatureOnly : boolean
)

Parameters

verifySignatureOnly: Type: System..::.Boolean
A Boolean value that specifies whether only the digital signatures are verified without the signers' certificates being validated.
If verifySignatureOnly is true, only the digital signatures are verified. If it is false, the digital signatures are verified, the signers' certificates are validated, and the purposes of the certificates are validated. The purposes of a certificate are considered valid if the certificate has no key usage or if the key usage supports digital signatures or nonrepudiation.

Exceptions

Exception	Condition
ArgumentNullException	A null reference was passed to a method that does not accept it as a valid argument.
CryptographicException	A cryptographic operation could not be completed.
InvalidOperationException	A method call was invalid for the object's current state.

Remarks

This method verifies all signatures, including countersignatures, on the CMS/PKCS #7 message. If there are signed attributes included with the message, these attributes are also verified. If the option is chosen to validate certificates, the entire included portion of the certificate chain is validated.

This method throws an exception if the verification of a digital signature fails or any validation requirements are not met.

Examples

The following example shows the placement of CheckSignature(Boolean) among the steps necessary to verify the signatures on a SignedCms message. In this example, the message content is not detached. The message content is included in the SignedCms message.

Visual Basic

' Create a new, nondetached SignedCms message.
Dim signedCms As New SignedCms()

' encodedMessage is the encoded message received from 
' the sender.
signedCms.Decode(encodedMessage)

' Verify the signature without validating the 
' certificate.
signedCms.CheckSignature(True)

// Create a new, nondetached SignedCms message.
SignedCms signedCms = new SignedCms();

// encodedMessage is the encoded message received from 
// the sender.
signedCms.Decode(encodedMessage);

// Verify the signature without validating the 
// certificate.
signedCms.CheckSignature(true);

The following example shows the placement of CheckSignature(Boolean) among the steps necessary to verify the signatures on a SignedCms message. In this example, the message content is detached, so the message content must verified independently of the SignedCms message.

Visual Basic

' Create a ContentInfo object from the inner content obtained 
' independently from encodedMessage.
Dim contentInfo As New ContentInfo(innerContent)

' Create a new, detached SignedCms message.
Dim signedCms As New SignedCms(contentInfo, True)

' encodedMessage is the encoded message received from 
' the sender.
signedCms.Decode(encodedMessage)

' Verify the signature without validating the 
' certificate.
signedCms.CheckSignature(True)

// Create a ContentInfo object from the inner content obtained 
// independently from encodedMessage.
ContentInfo contentInfo = new ContentInfo(innerContent);

// Create a new, detached SignedCms message.
SignedCms signedCms = new SignedCms(contentInfo, true);

// encodedMessage is the encoded message received from 
// the sender.
signedCms.Decode(encodedMessage);

// Verify the signature without validating the 
// certificate.
signedCms.CheckSignature(true);

Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Version Information

.NET Framework

Supported in: 3.5, 3.0, 2.0

Reference

SignedCms Class

SignedCms Members

CheckSignature Overload

System.Security.Cryptography.Pkcs Namespace