PackageDigitalSignatureManager.Sign Method


Signs a list of package parts with a specified X.509 certificate.

Namespace:   System.IO.Packaging
Assembly:  WindowsBase (in WindowsBase.dll)


Prompts the user for an X.509 certificate, which is then used to digitally sign a specified list of package parts.

System_CAPS_pubmethodSign(IEnumerable<Uri>, X509Certificate)

Signs a list of package parts with a given X.509 certificate.

System_CAPS_pubmethodSign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>)

Signs a list of package parts and package relationships with a given X.509 certificate.

System_CAPS_pubmethodSign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>, String)

Signs a list of package parts and package relationships with a given X.509 certificate and identifier (ID).

System_CAPS_pubmethodSign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>, String, IEnumerable<DataObject>, IEnumerable<Reference>)

Signs a list of package parts, package relationships, or custom objects with a specified X.509 certificate and signature identifier (ID).

The following example shows the steps to digitally sign a list of parts within a Package. For the complete sample, see Creating a Package with a Digital Signature Sample.

private static void SignAllParts(Package package)
    if (package == null)
        throw new ArgumentNullException("SignAllParts(package)");

    // Create the DigitalSignature Manager
    PackageDigitalSignatureManager dsm =
        new PackageDigitalSignatureManager(package);
    dsm.CertificateOption =

    // Create a list of all the part URIs in the package to sign
    // (GetParts() also includes PackageRelationship parts).
    System.Collections.Generic.List<Uri> toSign =
        new System.Collections.Generic.List<Uri>();
    foreach (PackagePart packagePart in package.GetParts())
        // Add all package parts to the list for signing.

    // Add the URI for SignatureOrigin PackageRelationship part.
    // The SignatureOrigin relationship is created when Sign() is called.
    // Signing the SignatureOrigin relationship disables counter-signatures.

    // Also sign the SignatureOrigin part.

    // Add the package relationship to the signature origin to be signed.
    toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));

    // Sign() will prompt the user to select a Certificate to sign with.

    // If there are no certificates or the SmartCard manager is
    // not running, catch the exception and show an error message.
    catch (CryptographicException ex)
            "Cannot Sign\n" + ex.Message,
            "No Digital Certificates Available",

}// end:SignAllParts()

Return to top