SignedData.Verify method

[The Verify method is available for use in the operating systems specified in the Requirements section. Instead, use the SignedCms Class in the System.Security.Cryptography.Pkcs namespace.]

The Verify method determines whether the signatures on signed data in the SignedData object are valid. To verify a signature, the encrypted hash of the contents is decrypted by using the signer's public key from the signer's certificate. The decrypted hash is compared to a new hash of the data content. A signature is valid if the hashes match. In addition, this method also builds a certificate chain to determine the validity of the certificate that provides the public key used to decrypt the hash.

Syntax


SignedData.Verify( _
  ByVal SignedMessage, _
  [ ByVal bDetached ], _
  [ ByVal VerifyFlag ] _
)

Parameters

SignedMessage [in]

A string that contains the signed message to be verified.

bDetached [in, optional]

If True, the data to be signed is detached; that is, the content that is signed is not included as part of the signed object. To verify the signature on detached content, an application must have a copy of the original content. Detached content is often used to decrease the size of a signed object to be sent across the web, if the recipient of the signed message has an original copy of the signed data. The default value is False.

VerifyFlag [in, optional]

A value of the CAPICOM_SIGNED_DATA_VERIFY_FLAG enumeration that indicates the verification policy. The default value is CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE. Using this value, both the validity of the certificate and the validity of the signature are checked. This parameter may be set to verify the signature and not the certificate. This parameter can be one of the following values.

ValueMeaning
CAPICOM_VERIFY_SIGNATURE_ONLY

Only the signature is checked.

CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE

Both the signature and the validity of the certificate used to create the signature are checked.

 

Return value

This method returns a string that contains the encoded, signed data.

If this method fails, an error will be thrown. The Err object will contain additional information about the error.

Requirements

Redistributable

CAPICOM 2.0 or later on Windows Server 2003 and Windows XP

DLL

Capicom.dll

See also

Cryptography Objects
SignedData

 

 

Show: