This topic has not yet been rated Rate this topic

SignedCms Class

.NET Framework 4

Other Versions

The SignedCms class enables signing and verifying of CMS/PKCS #7 messages.

Inheritance Hierarchy

System.Object
System.Security.Cryptography.Pkcs.SignedCms

Namespace: System.Security.Cryptography.Pkcs
Assembly: System.Security (in System.Security.dll)

Syntax

C++

Copy

[HostProtectionAttribute(SecurityAction.LinkDemand, MayLeakOnAbort = true)]
public sealed class SignedCms

The SignedCms type exposes the following members.

Constructors

	Name	Description
	SignedCms	The SignedCms constructor creates an instance of the SignedCms class.
	SignedCms(ContentInfo)	The SignedCms(ContentInfo) constructor creates an instance of the SignedCms class by using the specified content information as the inner content.
	SignedCms(SubjectIdentifierType)	The SignedCms(SubjectIdentifierType) constructor creates an instance of the SignedCms class by using the specified subject identifier type as the default subject identifier type for signers.
	SignedCms(ContentInfo, Boolean)	The SignedCms(ContentInfo, Boolean) constructor creates an instance of the SignedCms class by using the specified content information as the inner content and by using the detached state.
	SignedCms(SubjectIdentifierType, ContentInfo)	The SignedCms(SubjectIdentifierType, ContentInfo) constructor creates an instance of the SignedCms class by using the specified subject identifier type as the default subject identifier type for signers and content information as the inner content.
	SignedCms(SubjectIdentifierType, ContentInfo, Boolean)	The SignedCms(SubjectIdentifierType, ContentInfo, Boolean) constructor creates an instance of the SignedCms class by using the specified subject identifier type as the default subject identifier type for signers, the content information as the inner content, and by using the detached state.

Top

Properties

	Name	Description
	Certificates	The Certificates property retrieves the certificates associated with the encoded CMS/PKCS #7 message.
	ContentInfo	The ContentInfo property retrieves the inner contents of the encoded CMS/PKCS #7 message.
	Detached	The Detached property retrieves whether the SignedCms object is for a detached signature.
	SignerInfos	The SignerInfos property retrieves the SignerInfoCollection collection associated with the CMS/PKCS #7 message.
	Version	The Version property retrieves the version of the CMS/PKCS #7 message.

Top

Methods

	Name	Description
	CheckHash	The CheckHash method verifies the data integrity of the CMS/PKCS #7 message. CheckHash is a specialized method used in specific security infrastructure applications that only wish to check the hash of the CMS message, rather than perform a full digital signature verification. CheckHash does not authenticate the author nor sender of the message because this method does not involve verifying a digital signature. For general-purpose checking of the integrity and authenticity of a CMS/PKCS #7 message, use the CheckSignature(Boolean) or CheckSignature(X509Certificate2Collection, Boolean) methods.
	CheckSignature(Boolean)	The CheckSignature(Boolean) method verifies the digital signatures on the signed CMS/PKCS #7 message and, optionally, validates the signers' certificates.
	CheckSignature(X509Certificate2Collection, Boolean)	The CheckSignature(X509Certificate2Collection, Boolean) method verifies the digital signatures on the signed CMS/PKCS #7 message by using the specified collection of certificates and, optionally, validates the signers' certificates.
	ComputeSignature	The ComputeSignature method prompts the user to select a signing certificate, creates a signature, and adds the signature to the CMS/PKCS #7 message.
	ComputeSignature(CmsSigner)	The ComputeSignature(CmsSigner) method creates a signature using the specified signer and adds the signature to the CMS/PKCS #7 message.
	ComputeSignature(CmsSigner, Boolean)	Creates a signature using the specified signer and adds the signature to the CMS/PKCS #7 message. If the value of the silent parameter is false and the Certificate property of the CmsSigner object specified by the signer parameter is not set to a valid certificate, this method prompts the user to select a signing certificate.
	Decode	The Decode method decodes an encoded SignedCms message. Upon successful decoding, the decoded information can be retrieved from the properties of the SignedCms object.
	Encode	The Encode method encodes the information in the object into a CMS/PKCS #7 message.
	Equals(Object)	Determines whether the specified Object is equal to the current Object. (Inherited from Object.)
	Finalize	Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
	GetHashCode	Serves as a hash function for a particular type. (Inherited from Object.)
	GetType	Gets the Type of the current instance. (Inherited from Object.)
	MemberwiseClone	Creates a shallow copy of the current Object. (Inherited from Object.)
	RemoveSignature(Int32)	Removes the signature at the specified index of the SignerInfos collection.
	RemoveSignature(SignerInfo)	The RemoveSignature method removes the signature for the specified SignerInfo object.
	ToString	Returns a string that represents the current object. (Inherited from Object.)

Top

Remarks

The Cryptographic Message Syntax RFC specifies the following MIME types and file name extensions for CMS/PKCS #7 messages with these content types.

Content type	MIME type	Extension
envelopedData	application/pkcs7-mime	.p7m
signedData	application/pkcs7-signature	.p7s.p7c

Note
The HostProtectionAttribute attribute applied to this type or member has the following Resources property value: MayLeakOnAbort. The HostProtectionAttribute does not affect desktop applications (which are typically started by double-clicking an icon, typing a command, or entering a URL in a browser). For more information, see the HostProtectionAttribute class or SQL Server Programming and Host Protection Attributes.

Note

The HostProtectionAttribute attribute applied to this type or member has the following Resources property value: MayLeakOnAbort. The HostProtectionAttribute does not affect desktop applications (which are typically started by double-clicking an icon, typing a command, or entering a URL in a browser). For more information, see the HostProtectionAttribute class or SQL Server Programming and Host Protection Attributes.

Version Information

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Platforms

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Reference

System.Security.Cryptography.Pkcs Namespace

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(2000 characters remaining)

Community Content Add

FAQ

How to create only PKCS#7 rather than a CMS?

Hi,

In the above document PKCS#7 and CMS is used interchangeably. I know that there are some minor differences between PKCS#7 and CMS and for that reason I might have to create a pure PKCS#7 rather a CMS. I couldn't figure out how to create one using SignedCms, couldn't find the param for any function for that. Reason is that there could be clients who can only parse PKCS#7 so using SignedCms will break their code as SignedCms is churning out CMS and not a PKCS#7.

Is it possible to create PKCS#7 using SignedCms or I have to rely on other 3rd party crypto toolkits lik Bouncy Castle?

History

11/24/2011
WahajK