PackageDigitalSignatureManager.Sign Method (IEnumerable<Uri>)

Prompts the user for an X.509 certificate, which is then used to digitally sign a specified list of package parts.

Namespace:  System.IO.Packaging
Assembly:  WindowsBase (in WindowsBase.dll)

public PackageDigitalSignature Sign(
	IEnumerable<Uri> parts
)

Parameters

parts
Type: System.Collections.Generic.IEnumerable<Uri>

The list of uniform resource identifiers (URIs) for the PackagePart elements to sign.

Return Value

Type: System.IO.Packaging.PackageDigitalSignature
The digital signature used to sign the list of parts.

To make the certificate selection dialog modal to a particular window, set the ParentWindow property before calling Sign.

Sign will not prompt for certificates if there are none in the default certificate store.

The following example shows how to digitally sign a list of package parts. For the complete sample, see the Creating a Package with a Digital Signature Sample.

        private static void SignAllParts(Package package)
        {
            if (package == null)
                throw new ArgumentNullException("SignAllParts(package)");

            // Create the DigitalSignature Manager
            PackageDigitalSignatureManager dsm =
                new PackageDigitalSignatureManager(package);
            dsm.CertificateOption =
                CertificateEmbeddingOption.InSignaturePart;

            // Create a list of all the part URIs in the package to sign 
            // (GetParts() also includes PackageRelationship parts).
            System.Collections.Generic.List<Uri> toSign =
                new System.Collections.Generic.List<Uri>();
            foreach (PackagePart packagePart in package.GetParts())
            {
                // Add all package parts to the list for signing.
                toSign.Add(packagePart.Uri);
            }

            // Add the URI for SignatureOrigin PackageRelationship part. 
            // The SignatureOrigin relationship is created when Sign() is called. 
            // Signing the SignatureOrigin relationship disables counter-signatures.
            toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin));

            // Also sign the SignatureOrigin part.
            toSign.Add(dsm.SignatureOrigin);

            // Add the package relationship to the signature origin to be signed.
            toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));

            // Sign() will prompt the user to select a Certificate to sign with. 
            try
            {
                dsm.Sign(toSign);
            }

            // If there are no certificates or the SmartCard manager is 
            // not running, catch the exception and show an error message. 
            catch (CryptographicException ex)
            {
                MessageBox.Show(
                    "Cannot Sign\n" + ex.Message,
                    "No Digital Certificates Available",
                    MessageBoxButton.OK,
                    MessageBoxImage.Exclamation);
            }

        }// end:SignAllParts()

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2015 Microsoft