- Create and Verify Digital Signatures using .NET Digital Signature Library
- .NET Digital Signature Library Code Samples
- Download .NET Digital Signature Library with all samples
static void DigitallySignPDFFile(string unsignedDocument, string signedDocument)
{
PdfSignature ps = new PdfSignature("");
//load the PDF document
ps.LoadPdfDocument(unsignedDocument);
ps.SignaturePosition = SignaturePosition.TopRight;
ps.SigningReason = "I approve this document";
ps.SigningLocation = "Accounting department";
ps.SignaturePosition = SignaturePosition.TopLeft;
//the signature will be timestamped.
ps.TimeStamping.ServerUrl = new Uri("https://ca.signfiles.com/TSAServer.aspx");
//set the digital signature hash algorithm
ps.HashAlgorithm = SignLib.HashAlgorithm.SHA256;
//Digital signature certificate can be loaded from various sources
//Load the signature certificate from a PFX or P12 file
ps.DigitalSignatureCertificate = DigitalCertificate.LoadCertificate("cert.pfx", "123456");
//Load the certificate from Microsoft Store.
//The smart card or USB token certificates are usually available on Microsoft Certificate Store (start - run - certmgr.msc).
//If the smart card certificate not appears on Microsoft Certificate Store it cannot be used by the library
//ps.DigitalSignatureCertificate = DigitalCertificate.LoadCertificate(false, string.Empty, "Select Certificate", "Select the certificate for digital signature");
//write the signed file
File.WriteAllBytes(signedDocument, ps.ApplyDigitalSignature());
}
static void VerifyPDFSignature(string signedDocument)
{
PdfSignature ps = new PdfSignature("");
ps.LoadPdfDocument(signedDocument);
Console.WriteLine("Number of signatures: " + ps.DocumentProperties.DigitalSignatures.Count.ToString());
//verify every digital signature form the PDF document
foreach (PdfSignatureInfo csi in ps.DocumentProperties.DigitalSignatures)
{
Console.WriteLine("Signature name: " + csi.SignatureName);
Console.WriteLine("Hash Algorithm: " + csi.HashAlgorithm.ToString());
Console.WriteLine("Signature Certificate Information");
ExtractCertificateInformation(csi.SignatureCertificate);
Console.WriteLine("Signature Is Valid: " + csi.SignatureIsValid.ToString());
Console.WriteLine("Signature Time: " + csi.SignatureTime.ToLocalTime().ToString());
Console.WriteLine("Is Timestamped: " + csi.SignatureIsTimestamped);
if (csi.SignatureIsTimestamped == true)
{
Console.WriteLine("Hash Algorithm: " + csi.TimestampInfo.HashAlgorithm.FriendlyName);
Console.WriteLine("Is TimestampAltered: " + csi.TimestampInfo.IsTimestampAltered.ToString());
Console.WriteLine("TimestampSerial Number: " + csi.TimestampInfo.SerialNumber);
Console.WriteLine("TSA Certificate: " + csi.TimestampInfo.TsaCertificate.Subject);
}
}
}
static void ExtractCertificateInformation(X509Certificate2 cert)
{
Console.WriteLine("Certificate subject:" + cert.Subject);
Console.WriteLine("Certificate issued by:" + cert.GetNameInfo(X509NameType.SimpleName, true));
Console.WriteLine("Certificate will expire on: " + cert.NotAfter.ToString());
Console.WriteLine("Certificate is time valid: " + DigitalCertificate.VerifyDigitalCertificate(cert, VerificationType.LocalTime).ToString());
}
static void Main(string[] args)
{
DigitallySignPDFFile("source.pdf", "source[signed].pdf");
VerifyPDFSignature("source[signed].pdf");
}
See also: