PackageDigitalSignatureManager.Sign Method (IEnumerable<Uri>)


Prompts the user for an X.509 certificate, which is then used to digitally sign a specified list of package parts.

Namespace:   System.IO.Packaging
Assembly:  WindowsBase (in WindowsBase.dll)

public PackageDigitalSignature Sign(
	IEnumerable<Uri> parts


Type: System.Collections.Generic.IEnumerable<Uri>

The list of uniform resource identifiers (URIs) for the PackagePart elements to sign.

Return Value

Type: System.IO.Packaging.PackageDigitalSignature

The digital signature used to sign the list of parts.

To make the certificate selection dialog modal to a particular window, set the ParentWindow property before calling Sign.

Sign will not prompt for certificates if there are none in the default certificate store.

The following example shows how to digitally sign a list of package parts. For the complete sample, see the Creating a Package with a Digital Signature Sample.

private static void SignAllParts(Package package)
    if (package == null)
        throw new ArgumentNullException("SignAllParts(package)");

    // Create the DigitalSignature Manager
    PackageDigitalSignatureManager dsm =
        new PackageDigitalSignatureManager(package);
    dsm.CertificateOption =

    // Create a list of all the part URIs in the package to sign
    // (GetParts() also includes PackageRelationship parts).
    System.Collections.Generic.List<Uri> toSign =
        new System.Collections.Generic.List<Uri>();
    foreach (PackagePart packagePart in package.GetParts())
        // Add all package parts to the list for signing.

    // Add the URI for SignatureOrigin PackageRelationship part.
    // The SignatureOrigin relationship is created when Sign() is called.
    // Signing the SignatureOrigin relationship disables counter-signatures.

    // Also sign the SignatureOrigin part.

    // Add the package relationship to the signature origin to be signed.
    toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));

    // Sign() will prompt the user to select a Certificate to sign with.

    // If there are no certificates or the SmartCard manager is
    // not running, catch the exception and show an error message.
    catch (CryptographicException ex)
            "Cannot Sign\n" + ex.Message,
            "No Digital Certificates Available",

}// end:SignAllParts()

.NET Framework
Available since 3.0
Return to top