This documentation is archived and is not being maintained.

SignatureVerificationResult Enumeration

Specifies most of the result codes for signature verification.

Namespace:  System.Security.Cryptography
Assembly:  System.Core (in System.Core.dll)

public enum class SignatureVerificationResult

Member nameDescription
ValidThe certificate verification result is valid.
AssemblyIdentityMismatchThe identity of the assembly specified in the /asm:assembly/asm:assemblyIdentity node of the manifest does not match the identity of the assembly in the Authenticode signature in the /asm:assembly/ds:signature/ds:KeyInfo/msrel:RelData/r:license/r:grant/as:ManifestInformation/as:assemblyIdentity node.
ContainingSignatureInvalidThe strong name signature does not verify in the AuthenticodeSignatureInformation object. Because the strong name signature wraps the Authenticode signature, someone could replace the Authenticode signature with a signature of their choosing. To prevent this, this error code is returned if the strong name does not verify because substituting a part of the strong name signature will invalidate it.
PublicKeyTokenMismatchThe public key token from the manifest identity in the /asm:assembly/asm:AssemblyIdentity node does not match the public key token of the key that is used to sign the manifest.
PublisherMismatchThe publisher name from /asm:assembly/asmv2:publisherIdentity does not match the subject name of the signing certificate, or the issuer key hash from the same publisherIdentity node does not match the key hash of the signing certificate.
SystemErrorA system-level error occurred while verifying trust.
InvalidSignerCertificateThe certificate for the signer of the message is invalid or not found.
InvalidCountersignatureOne of the counter signatures is invalid.
InvalidCertificateSignatureThe signature of the certificate cannot be verified.
InvalidTimestampThe time stamp signature or certificate could not be verified or is malformed.
BadDigestThe digital signature of the object did not verify.
BasicConstraintsNotObservedThe basic constraint extension of a certificate has not been observed.
UnknownTrustProviderThe certificate has an unknown trust provider.
UnknownVerificationActionThe certificate has an unknown verification action.
BadSignatureFormatThe signature format is invalid.
CertificateNotExplicitlyTrustedThe certificate is not trusted explicitly.
MissingSignatureThe signature is missing.
CertificateExpiredThe certificate has expired.
InvalidTimePeriodNestingA certificate was issued after the issuing certificate has expired.
InvalidCertificateRoleThe certificate has an invalid role.
PathLengthConstraintViolatedA path length constraint in the certification chain has been violated.
UnknownCriticalExtensionA certificate contains an unknown extension that is marked critical.
CertificateUsageNotAllowedThe certificate cannot be used for signing and verification.
IssuerChainingErrorA parent of a given certificate did not issue that child certificate.
CertificateMalformedThe certificate is missing or has an empty value for an important field, such as a subject or issuer name.
UntrustedRootCertificateThe root certificate is not trusted.
CouldNotBuildChainThe chain could not be built.
GenericTrustFailureThere is a general trust failure with the certificate.
CertificateRevokedThe certificate has been revoked.
UntrustedTestRootCertificateThe test root certificate is not trusted.
RevocationCheckFailureThe revocation check failed.
InvalidCertificateUsageThe certificate has an invalid usage.
CertificateExplicitlyDistrustedThe certificate was explicitly marked as not trusted by the user.
UntrustedCertificationAuthorityThe certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
InvalidCertificatePolicyThe certificate has an invalid policy.
InvalidCertificateNameThe certificate has an invalid name. The name is either not included in the permitted list or is explicitly excluded.

A successful verification returns the Valid result.

HRESULT values are generally returned by the unmanaged Microsoft Cryptographic API (CAPI); the other values are set by managed verification. This enumeration is not comprehensive of all possible HRESULT values and is subject to change.

.NET Framework

Supported in: 4, 3.5

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.