System.Security 2.0.0.0 4.0.0.0 System.Object The signatures represented by the class can be either over message content or a signature. The latter kind of signature is referred to as a countersignature. This implementation of CMS/PKCS #7 supports only one level of countersignature. That is, a signature can be signed, which forms a countersignature, but that countersignature cannot be signed again. This class does not have a public constructor; therefore, it cannot be publicly instantiated. It is a read-only class accessible from the property.

The class represents a signer associated with a object that represents a CMS/PKCS #7 message.

Property 2.0.0.0 4.0.0.0 System.Security.Cryptography.X509Certificates.X509Certificate2 To be added. If the signing certificate is not included at signing time by using the property, then the certificate will not be returned.

The property retrieves the signing certificate associated with the signer information.

Method 2.0.0.0 4.0.0.0 System.Void This method does not provide authentication of the CMS/PKCS #7 message signer information.

The method verifies the data integrity of the CMS/PKCS #7 message signer information. is a specialized method used in specific security infrastructure applications in which the subject uses the HashOnly member of the enumeration when setting up a object. does not authenticate the signer information because this method does not involve verifying a digital signature. For general-purpose checking of the integrity and authenticity of CMS/PKCS #7 message signer information and countersignatures, use the or methods.

Method 2.0.0.0 4.0.0.0 System.Void This method throws an exception if the verification of the digital signature fails or any validation requirements are not met. If more complex validation is required, the caller can specify that only the signature is verified and then use an object to perform custom validation.

The method verifies the digital signature of the message and, optionally, validates the certificate.

A bool value that specifies whether only the digital signature is verified. If is true, only the signature is verified. If is false, the digital signature is verified, the certificate chain is validated, and the purposes of the certificates are validated. The purposes of the certificate are considered valid if the certificate has no key usage or if the key usage supports digital signature or nonrepudiation. Method 2.0.0.0 4.0.0.0 System.Void This method throws an exception if the verification of the digital signature fails or any validation requirements are not met. If more complex validation is required, the caller can specify that only the signature is verified and then use an object to perform custom validation.

The method verifies the digital signature of the message by using the specified collection of certificates and, optionally, validates the certificate.

An object that can be used to validate the chain. If no additional certificates are to be used to validate the chain, use instead of . A bool value that specifies whether only the digital signature is verified. If is true, only the signature is verified. If is false, the digital signature is verified, the certificate chain is validated, and the purposes of the certificates are validated. The purposes of the certificate are considered valid if the certificate has no key usage or if the key usage supports digital signature or nonrepudiation. Method 2.0.0.0 4.0.0.0 System.Void This implementation of CMS/PKCS #7 supports only one level of countersignature. That is, a signature can be signed, which forms a countersignature, but that countersignature cannot be signed again. This method displays a user interface in which you choose signers for this message. This requires that the current process is running in user interactive mode, meaning that the property is set to true. A process is normally in user interactive mode unless it is a service process or running inside a Web application. Signers whose certificates meet the following conditions will be displayed in the list: The certificate has an associated private key. The certificate is within its validity period. The certificate has no key usage or a key usage that supports digital signatures or nonrepudiation. Signer certificates are chosen from the My store.

.NET Framework Security

The following permissions are required to display the user interface: The following permissions are required to access the signature key:

The method prompts the user to select a signing certificate, creates a countersignature, and adds the signature to the CMS/PKCS #7 message. Countersignatures are restricted to one level.

Method 2.0.0.0 4.0.0.0 System.Void This implementation of CMS/PKCS #7 supports only one level of countersignature. That is, a signature can be signed, which forms a countersignature, but that countersignature cannot be signed again.

.NET Framework Security

The following permissions are required to access the signature key:

The method creates a countersignature by using the specified signer and adds the signature to the CMS/PKCS #7 message. Countersignatures are restricted to one level.

A object that represents the counter signer. Property 2.0.0.0 4.0.0.0 System.Security.Cryptography.Pkcs.SignerInfoCollection To be added. This implementation of CMS/PKCS #7 supports only one level of countersignature. That is, a signature can be signed, which forms a countersignature, but that countersignature cannot be signed again.

The property retrieves the set of counter signers associated with the signer information.

Property 2.0.0.0 4.0.0.0 System.Security.Cryptography.Oid To be added. To be added.

The property retrieves the object that represents the hash algorithm used in the computation of the signatures.

Method 2.0.0.0 4.0.0.0 System.Void To be added.

The method removes the countersignature at the specified index of the collection.

The zero-based index of the countersignature to remove. Method 2.0.0.0 4.0.0.0 System.Void To be added.

The method removes the countersignature for the specified object.

A object that represents the countersignature being removed. Property 2.0.0.0 4.0.0.0 System.Security.Cryptography.CryptographicAttributeObjectCollection To be added. An example of a signed attribute that might be included in the collection retrieved by the property is the signing time attribute. Signed attributes are signed along with the rest of the message content. This means that a party that successfully verifies the signature can have confidence that the contents of these attributes are authentic and have not been altered. A object and a object will be automatically generated and placed in the property whenever the property for the corresponding signer is not empty.

The property retrieves the collection of signed attributes that is associated with the signer information. Signed attributes are signed along with the rest of the message content.

Property 2.0.0.0 4.0.0.0 System.Security.Cryptography.Pkcs.SubjectIdentifier To be added. To be added.

The property retrieves the certificate identifier of the signer associated with the signer information.

Property 2.0.0.0 4.0.0.0 System.Security.Cryptography.CryptographicAttributeObjectCollection To be added. Unsigned attributes are not signed along with the rest of the message content. Even though a party successfully verifies the signature, the unsigned attributes may have been altered and should not be considered to have authenticity or integrity. An example of an unsigned attribute that might be included in the collection retrieved by the property is a countersignature.

The property retrieves the collection of unsigned attributes that is associated with the content. Unsigned attributes can be modified without invalidating the signature.

Property 2.0.0.0 4.0.0.0 System.Int32 To be added. The version determines whether the message is a PKCS #7 message or a Cryptographic Message Syntax (CMS) message. CMS is a newer superset of PKCS #7.

The property retrieves the signer information version.