PackageDigitalSignatureManager.Sign Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Signs a list of package parts with a specified X.509 certificate.
Overloads
Sign(IEnumerable<Uri>) |
Prompts the user for an X.509 certificate, which is then used to digitally sign a specified list of package parts. |
Sign(IEnumerable<Uri>, X509Certificate) |
Signs a list of package parts with a given X.509 certificate. |
Sign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>) |
Signs a list of package parts and package relationships with a given X.509 certificate. |
Sign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>, String) |
Signs a list of package parts and package relationships with a given X.509 certificate and identifier (ID). |
Sign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>, String, IEnumerable<DataObject>, IEnumerable<Reference>) |
Signs a list of package parts, package relationships, or custom objects with a specified X.509 certificate and signature identifier (ID). |
Examples
The following example shows the steps to digitally sign a list of parts within a Package.
private static void SignAllParts(Package package)
{
if (package == null)
throw new ArgumentNullException("SignAllParts(package)");
// Create the DigitalSignature Manager
PackageDigitalSignatureManager dsm =
new PackageDigitalSignatureManager(package);
dsm.CertificateOption =
CertificateEmbeddingOption.InSignaturePart;
// Create a list of all the part URIs in the package to sign
// (GetParts() also includes PackageRelationship parts).
System.Collections.Generic.List<Uri> toSign =
new System.Collections.Generic.List<Uri>();
foreach (PackagePart packagePart in package.GetParts())
{
// Add all package parts to the list for signing.
toSign.Add(packagePart.Uri);
}
// Add the URI for SignatureOrigin PackageRelationship part.
// The SignatureOrigin relationship is created when Sign() is called.
// Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin));
// Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin);
// Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));
// Sign() will prompt the user to select a Certificate to sign with.
try
{
dsm.Sign(toSign);
}
// If there are no certificates or the SmartCard manager is
// not running, catch the exception and show an error message.
catch (CryptographicException ex)
{
MessageBox.Show(
"Cannot Sign\n" + ex.Message,
"No Digital Certificates Available",
MessageBoxButton.OK,
MessageBoxImage.Exclamation);
}
}// end:SignAllParts()
Private Shared Sub SignAllParts(ByVal package As Package)
If package Is Nothing Then
Throw New ArgumentNullException("SignAllParts(package)")
End If
' Create the DigitalSignature Manager
Dim dsm As New PackageDigitalSignatureManager(package)
dsm.CertificateOption = CertificateEmbeddingOption.InSignaturePart
' Create a list of all the part URIs in the package to sign
' (GetParts() also includes PackageRelationship parts).
Dim toSign As New System.Collections.Generic.List(Of Uri)()
For Each packagePart As PackagePart In package.GetParts()
' Add all package parts to the list for signing.
toSign.Add(packagePart.Uri)
Next
' Add the URI for SignatureOrigin PackageRelationship part.
' The SignatureOrigin relationship is created when Sign() is called.
' Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin))
' Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin)
' Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(New Uri("/", UriKind.RelativeOrAbsolute)))
' Sign() will prompt the user to select a Certificate to sign with.
Try
dsm.Sign(toSign)
Catch ex As CryptographicException
' If there are no certificates or the SmartCard manager is
' not running, catch the exception and show an error message.
MessageBox.Show("Cannot Sign" & vbLf & ex.Message, "No Digital Certificates Available", MessageBoxButton.OK, MessageBoxImage.Exclamation)
End Try
End Sub
Private Shared Function InlineAssignHelper(Of T)(ByRef target As T, ByVal value As T) As T
target = value
Return value
End Function
' end:SignAllParts()
Sign(IEnumerable<Uri>)
Prompts the user for an X.509 certificate, which is then used to digitally sign a specified list of package parts.
public:
System::IO::Packaging::PackageDigitalSignature ^ Sign(System::Collections::Generic::IEnumerable<Uri ^> ^ parts);
public System.IO.Packaging.PackageDigitalSignature Sign (System.Collections.Generic.IEnumerable<Uri> parts);
member this.Sign : seq<Uri> -> System.IO.Packaging.PackageDigitalSignature
Public Function Sign (parts As IEnumerable(Of Uri)) As PackageDigitalSignature
Parameters
- parts
- IEnumerable<Uri>
The list of uniform resource identifiers (URIs) for the PackagePart elements to sign.
Returns
The digital signature used to sign the list of parts
.
Examples
The following example shows how to digitally sign a list of package parts.
private static void SignAllParts(Package package)
{
if (package == null)
throw new ArgumentNullException("SignAllParts(package)");
// Create the DigitalSignature Manager
PackageDigitalSignatureManager dsm =
new PackageDigitalSignatureManager(package);
dsm.CertificateOption =
CertificateEmbeddingOption.InSignaturePart;
// Create a list of all the part URIs in the package to sign
// (GetParts() also includes PackageRelationship parts).
System.Collections.Generic.List<Uri> toSign =
new System.Collections.Generic.List<Uri>();
foreach (PackagePart packagePart in package.GetParts())
{
// Add all package parts to the list for signing.
toSign.Add(packagePart.Uri);
}
// Add the URI for SignatureOrigin PackageRelationship part.
// The SignatureOrigin relationship is created when Sign() is called.
// Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin));
// Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin);
// Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));
// Sign() will prompt the user to select a Certificate to sign with.
try
{
dsm.Sign(toSign);
}
// If there are no certificates or the SmartCard manager is
// not running, catch the exception and show an error message.
catch (CryptographicException ex)
{
MessageBox.Show(
"Cannot Sign\n" + ex.Message,
"No Digital Certificates Available",
MessageBoxButton.OK,
MessageBoxImage.Exclamation);
}
}// end:SignAllParts()
Private Shared Sub SignAllParts(ByVal package As Package)
If package Is Nothing Then
Throw New ArgumentNullException("SignAllParts(package)")
End If
' Create the DigitalSignature Manager
Dim dsm As New PackageDigitalSignatureManager(package)
dsm.CertificateOption = CertificateEmbeddingOption.InSignaturePart
' Create a list of all the part URIs in the package to sign
' (GetParts() also includes PackageRelationship parts).
Dim toSign As New System.Collections.Generic.List(Of Uri)()
For Each packagePart As PackagePart In package.GetParts()
' Add all package parts to the list for signing.
toSign.Add(packagePart.Uri)
Next
' Add the URI for SignatureOrigin PackageRelationship part.
' The SignatureOrigin relationship is created when Sign() is called.
' Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin))
' Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin)
' Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(New Uri("/", UriKind.RelativeOrAbsolute)))
' Sign() will prompt the user to select a Certificate to sign with.
Try
dsm.Sign(toSign)
Catch ex As CryptographicException
' If there are no certificates or the SmartCard manager is
' not running, catch the exception and show an error message.
MessageBox.Show("Cannot Sign" & vbLf & ex.Message, "No Digital Certificates Available", MessageBoxButton.OK, MessageBoxImage.Exclamation)
End Try
End Sub
Private Shared Function InlineAssignHelper(Of T)(ByRef target As T, ByVal value As T) As T
target = value
Return value
End Function
' end:SignAllParts()
Remarks
To make the certificate selection dialog modal to a particular window, set the ParentWindow property before calling Sign.
Sign will not prompt for certificates if there are none in the default certificate store.
Applies to
Sign(IEnumerable<Uri>, X509Certificate)
Signs a list of package parts with a given X.509 certificate.
public:
System::IO::Packaging::PackageDigitalSignature ^ Sign(System::Collections::Generic::IEnumerable<Uri ^> ^ parts, System::Security::Cryptography::X509Certificates::X509Certificate ^ certificate);
public System.IO.Packaging.PackageDigitalSignature Sign (System.Collections.Generic.IEnumerable<Uri> parts, System.Security.Cryptography.X509Certificates.X509Certificate certificate);
member this.Sign : seq<Uri> * System.Security.Cryptography.X509Certificates.X509Certificate -> System.IO.Packaging.PackageDigitalSignature
Public Function Sign (parts As IEnumerable(Of Uri), certificate As X509Certificate) As PackageDigitalSignature
Parameters
- parts
- IEnumerable<Uri>
The list of uniform resource identifiers (URIs) for the PackagePart elements to sign.
- certificate
- X509Certificate
The X.509 certificate to use to digitally sign each of the specified parts
.
Returns
The digital signature used to sign the given list of parts
; or null
if no certificate could be found or the user clicked "Cancel" in the certificate selection dialog box.
Examples
The following example shows how to digitally sign a list of parts within a Package.
private static void SignAllParts(Package package)
{
if (package == null)
throw new ArgumentNullException("SignAllParts(package)");
// Create the DigitalSignature Manager
PackageDigitalSignatureManager dsm =
new PackageDigitalSignatureManager(package);
dsm.CertificateOption =
CertificateEmbeddingOption.InSignaturePart;
// Create a list of all the part URIs in the package to sign
// (GetParts() also includes PackageRelationship parts).
System.Collections.Generic.List<Uri> toSign =
new System.Collections.Generic.List<Uri>();
foreach (PackagePart packagePart in package.GetParts())
{
// Add all package parts to the list for signing.
toSign.Add(packagePart.Uri);
}
// Add the URI for SignatureOrigin PackageRelationship part.
// The SignatureOrigin relationship is created when Sign() is called.
// Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin));
// Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin);
// Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));
// Sign() will prompt the user to select a Certificate to sign with.
try
{
dsm.Sign(toSign);
}
// If there are no certificates or the SmartCard manager is
// not running, catch the exception and show an error message.
catch (CryptographicException ex)
{
MessageBox.Show(
"Cannot Sign\n" + ex.Message,
"No Digital Certificates Available",
MessageBoxButton.OK,
MessageBoxImage.Exclamation);
}
}// end:SignAllParts()
Private Shared Sub SignAllParts(ByVal package As Package)
If package Is Nothing Then
Throw New ArgumentNullException("SignAllParts(package)")
End If
' Create the DigitalSignature Manager
Dim dsm As New PackageDigitalSignatureManager(package)
dsm.CertificateOption = CertificateEmbeddingOption.InSignaturePart
' Create a list of all the part URIs in the package to sign
' (GetParts() also includes PackageRelationship parts).
Dim toSign As New System.Collections.Generic.List(Of Uri)()
For Each packagePart As PackagePart In package.GetParts()
' Add all package parts to the list for signing.
toSign.Add(packagePart.Uri)
Next
' Add the URI for SignatureOrigin PackageRelationship part.
' The SignatureOrigin relationship is created when Sign() is called.
' Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin))
' Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin)
' Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(New Uri("/", UriKind.RelativeOrAbsolute)))
' Sign() will prompt the user to select a Certificate to sign with.
Try
dsm.Sign(toSign)
Catch ex As CryptographicException
' If there are no certificates or the SmartCard manager is
' not running, catch the exception and show an error message.
MessageBox.Show("Cannot Sign" & vbLf & ex.Message, "No Digital Certificates Available", MessageBoxButton.OK, MessageBoxImage.Exclamation)
End Try
End Sub
Private Shared Function InlineAssignHelper(Of T)(ByRef target As T, ByVal value As T) As T
target = value
Return value
End Function
' end:SignAllParts()
Applies to
Sign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>)
Signs a list of package parts and package relationships with a given X.509 certificate.
public:
System::IO::Packaging::PackageDigitalSignature ^ Sign(System::Collections::Generic::IEnumerable<Uri ^> ^ parts, System::Security::Cryptography::X509Certificates::X509Certificate ^ certificate, System::Collections::Generic::IEnumerable<System::IO::Packaging::PackageRelationshipSelector ^> ^ relationshipSelectors);
public System.IO.Packaging.PackageDigitalSignature Sign (System.Collections.Generic.IEnumerable<Uri> parts, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Collections.Generic.IEnumerable<System.IO.Packaging.PackageRelationshipSelector> relationshipSelectors);
member this.Sign : seq<Uri> * System.Security.Cryptography.X509Certificates.X509Certificate * seq<System.IO.Packaging.PackageRelationshipSelector> -> System.IO.Packaging.PackageDigitalSignature
Public Function Sign (parts As IEnumerable(Of Uri), certificate As X509Certificate, relationshipSelectors As IEnumerable(Of PackageRelationshipSelector)) As PackageDigitalSignature
Parameters
- parts
- IEnumerable<Uri>
The list of uniform resource identifiers (URIs) for the PackagePart objects to sign.
- certificate
- X509Certificate
The X.509 certificate to use to digitally sign each of the specified parts and relationships.
- relationshipSelectors
- IEnumerable<PackageRelationshipSelector>
The list of PackageRelationship objects to sign.
Returns
The digital signature used to sign the elements specified in the parts
and relationshipSelectors
lists.
Exceptions
Neither parts
nor relationshipSelectors
specify any objects to sign.
Examples
The following example shows how to digitally sign a list of package parts.
private static void SignAllParts(Package package)
{
if (package == null)
throw new ArgumentNullException("SignAllParts(package)");
// Create the DigitalSignature Manager
PackageDigitalSignatureManager dsm =
new PackageDigitalSignatureManager(package);
dsm.CertificateOption =
CertificateEmbeddingOption.InSignaturePart;
// Create a list of all the part URIs in the package to sign
// (GetParts() also includes PackageRelationship parts).
System.Collections.Generic.List<Uri> toSign =
new System.Collections.Generic.List<Uri>();
foreach (PackagePart packagePart in package.GetParts())
{
// Add all package parts to the list for signing.
toSign.Add(packagePart.Uri);
}
// Add the URI for SignatureOrigin PackageRelationship part.
// The SignatureOrigin relationship is created when Sign() is called.
// Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin));
// Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin);
// Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));
// Sign() will prompt the user to select a Certificate to sign with.
try
{
dsm.Sign(toSign);
}
// If there are no certificates or the SmartCard manager is
// not running, catch the exception and show an error message.
catch (CryptographicException ex)
{
MessageBox.Show(
"Cannot Sign\n" + ex.Message,
"No Digital Certificates Available",
MessageBoxButton.OK,
MessageBoxImage.Exclamation);
}
}// end:SignAllParts()
Private Shared Sub SignAllParts(ByVal package As Package)
If package Is Nothing Then
Throw New ArgumentNullException("SignAllParts(package)")
End If
' Create the DigitalSignature Manager
Dim dsm As New PackageDigitalSignatureManager(package)
dsm.CertificateOption = CertificateEmbeddingOption.InSignaturePart
' Create a list of all the part URIs in the package to sign
' (GetParts() also includes PackageRelationship parts).
Dim toSign As New System.Collections.Generic.List(Of Uri)()
For Each packagePart As PackagePart In package.GetParts()
' Add all package parts to the list for signing.
toSign.Add(packagePart.Uri)
Next
' Add the URI for SignatureOrigin PackageRelationship part.
' The SignatureOrigin relationship is created when Sign() is called.
' Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin))
' Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin)
' Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(New Uri("/", UriKind.RelativeOrAbsolute)))
' Sign() will prompt the user to select a Certificate to sign with.
Try
dsm.Sign(toSign)
Catch ex As CryptographicException
' If there are no certificates or the SmartCard manager is
' not running, catch the exception and show an error message.
MessageBox.Show("Cannot Sign" & vbLf & ex.Message, "No Digital Certificates Available", MessageBoxButton.OK, MessageBoxImage.Exclamation)
End Try
End Sub
Private Shared Function InlineAssignHelper(Of T)(ByRef target As T, ByVal value As T) As T
target = value
Return value
End Function
' end:SignAllParts()
Remarks
Between parts
and relationshipSelectors
there must be at least one element to sign.
Applies to
Sign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>, String)
Signs a list of package parts and package relationships with a given X.509 certificate and identifier (ID).
public:
System::IO::Packaging::PackageDigitalSignature ^ Sign(System::Collections::Generic::IEnumerable<Uri ^> ^ parts, System::Security::Cryptography::X509Certificates::X509Certificate ^ certificate, System::Collections::Generic::IEnumerable<System::IO::Packaging::PackageRelationshipSelector ^> ^ relationshipSelectors, System::String ^ signatureId);
public System.IO.Packaging.PackageDigitalSignature Sign (System.Collections.Generic.IEnumerable<Uri> parts, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Collections.Generic.IEnumerable<System.IO.Packaging.PackageRelationshipSelector> relationshipSelectors, string signatureId);
member this.Sign : seq<Uri> * System.Security.Cryptography.X509Certificates.X509Certificate * seq<System.IO.Packaging.PackageRelationshipSelector> * string -> System.IO.Packaging.PackageDigitalSignature
Public Function Sign (parts As IEnumerable(Of Uri), certificate As X509Certificate, relationshipSelectors As IEnumerable(Of PackageRelationshipSelector), signatureId As String) As PackageDigitalSignature
Parameters
- parts
- IEnumerable<Uri>
The list of uniform resource identifiers (URIs) for the PackagePart objects to sign.
- certificate
- X509Certificate
The X.509 certificate to use to digitally sign each of the specified parts and relationships.
- relationshipSelectors
- IEnumerable<PackageRelationshipSelector>
The list of PackageRelationship objects to sign.
- signatureId
- String
An identification string to associate with the signature.
Returns
The digital signature used to sign the elements specified in the parts
and relationshipSelectors
lists.
Exceptions
Neither parts
nor relationshipSelectors
specify any elements to sign.
Examples
The following example shows how to digitally sign a list of package parts.
private static void SignAllParts(Package package)
{
if (package == null)
throw new ArgumentNullException("SignAllParts(package)");
// Create the DigitalSignature Manager
PackageDigitalSignatureManager dsm =
new PackageDigitalSignatureManager(package);
dsm.CertificateOption =
CertificateEmbeddingOption.InSignaturePart;
// Create a list of all the part URIs in the package to sign
// (GetParts() also includes PackageRelationship parts).
System.Collections.Generic.List<Uri> toSign =
new System.Collections.Generic.List<Uri>();
foreach (PackagePart packagePart in package.GetParts())
{
// Add all package parts to the list for signing.
toSign.Add(packagePart.Uri);
}
// Add the URI for SignatureOrigin PackageRelationship part.
// The SignatureOrigin relationship is created when Sign() is called.
// Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin));
// Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin);
// Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));
// Sign() will prompt the user to select a Certificate to sign with.
try
{
dsm.Sign(toSign);
}
// If there are no certificates or the SmartCard manager is
// not running, catch the exception and show an error message.
catch (CryptographicException ex)
{
MessageBox.Show(
"Cannot Sign\n" + ex.Message,
"No Digital Certificates Available",
MessageBoxButton.OK,
MessageBoxImage.Exclamation);
}
}// end:SignAllParts()
Private Shared Sub SignAllParts(ByVal package As Package)
If package Is Nothing Then
Throw New ArgumentNullException("SignAllParts(package)")
End If
' Create the DigitalSignature Manager
Dim dsm As New PackageDigitalSignatureManager(package)
dsm.CertificateOption = CertificateEmbeddingOption.InSignaturePart
' Create a list of all the part URIs in the package to sign
' (GetParts() also includes PackageRelationship parts).
Dim toSign As New System.Collections.Generic.List(Of Uri)()
For Each packagePart As PackagePart In package.GetParts()
' Add all package parts to the list for signing.
toSign.Add(packagePart.Uri)
Next
' Add the URI for SignatureOrigin PackageRelationship part.
' The SignatureOrigin relationship is created when Sign() is called.
' Signing the SignatureOrigin relationship disables counter-signatures.
toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin))
' Also sign the SignatureOrigin part.
toSign.Add(dsm.SignatureOrigin)
' Add the package relationship to the signature origin to be signed.
toSign.Add(PackUriHelper.GetRelationshipPartUri(New Uri("/", UriKind.RelativeOrAbsolute)))
' Sign() will prompt the user to select a Certificate to sign with.
Try
dsm.Sign(toSign)
Catch ex As CryptographicException
' If there are no certificates or the SmartCard manager is
' not running, catch the exception and show an error message.
MessageBox.Show("Cannot Sign" & vbLf & ex.Message, "No Digital Certificates Available", MessageBoxButton.OK, MessageBoxImage.Exclamation)
End Try
End Sub
Private Shared Function InlineAssignHelper(Of T)(ByRef target As T, ByVal value As T) As T
target = value
Return value
End Function
' end:SignAllParts()
Remarks
The parts
list can be empty or null
if relationshipSelectors
contains at least one entry.
The relationshipSelectors
list can be empty or null
if parts
contains at least one entry.
Between the parts
list and relationshipSelectors
there must be at least one element to sign.
Applies to
Sign(IEnumerable<Uri>, X509Certificate, IEnumerable<PackageRelationshipSelector>, String, IEnumerable<DataObject>, IEnumerable<Reference>)
Signs a list of package parts, package relationships, or custom objects with a specified X.509 certificate and signature identifier (ID).
public:
System::IO::Packaging::PackageDigitalSignature ^ Sign(System::Collections::Generic::IEnumerable<Uri ^> ^ parts, System::Security::Cryptography::X509Certificates::X509Certificate ^ certificate, System::Collections::Generic::IEnumerable<System::IO::Packaging::PackageRelationshipSelector ^> ^ relationshipSelectors, System::String ^ signatureId, System::Collections::Generic::IEnumerable<System::Security::Cryptography::Xml::DataObject ^> ^ signatureObjects, System::Collections::Generic::IEnumerable<System::Security::Cryptography::Xml::Reference ^> ^ objectReferences);
[System.Security.SecurityCritical]
public System.IO.Packaging.PackageDigitalSignature Sign (System.Collections.Generic.IEnumerable<Uri> parts, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Collections.Generic.IEnumerable<System.IO.Packaging.PackageRelationshipSelector> relationshipSelectors, string signatureId, System.Collections.Generic.IEnumerable<System.Security.Cryptography.Xml.DataObject> signatureObjects, System.Collections.Generic.IEnumerable<System.Security.Cryptography.Xml.Reference> objectReferences);
public System.IO.Packaging.PackageDigitalSignature Sign (System.Collections.Generic.IEnumerable<Uri> parts, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Collections.Generic.IEnumerable<System.IO.Packaging.PackageRelationshipSelector> relationshipSelectors, string signatureId, System.Collections.Generic.IEnumerable<System.Security.Cryptography.Xml.DataObject> signatureObjects, System.Collections.Generic.IEnumerable<System.Security.Cryptography.Xml.Reference> objectReferences);
[<System.Security.SecurityCritical>]
member this.Sign : seq<Uri> * System.Security.Cryptography.X509Certificates.X509Certificate * seq<System.IO.Packaging.PackageRelationshipSelector> * string * seq<System.Security.Cryptography.Xml.DataObject> * seq<System.Security.Cryptography.Xml.Reference> -> System.IO.Packaging.PackageDigitalSignature
member this.Sign : seq<Uri> * System.Security.Cryptography.X509Certificates.X509Certificate * seq<System.IO.Packaging.PackageRelationshipSelector> * string * seq<System.Security.Cryptography.Xml.DataObject> * seq<System.Security.Cryptography.Xml.Reference> -> System.IO.Packaging.PackageDigitalSignature
Public Function Sign (parts As IEnumerable(Of Uri), certificate As X509Certificate, relationshipSelectors As IEnumerable(Of PackageRelationshipSelector), signatureId As String, signatureObjects As IEnumerable(Of DataObject), objectReferences As IEnumerable(Of Reference)) As PackageDigitalSignature
Parameters
- parts
- IEnumerable<Uri>
The list of uniform resource identifiers (URIs) for the PackagePart objects to sign.
- certificate
- X509Certificate
The X.509 certificate to use to digitally sign each of the specified parts and relationships.
- relationshipSelectors
- IEnumerable<PackageRelationshipSelector>
The list of PackageRelationship objects to sign.
- signatureId
- String
An identification string to associate with the signature.
- signatureObjects
- IEnumerable<DataObject>
A list of custom data objects to sign.
- objectReferences
- IEnumerable<Reference>
A list of references to custom objects to sign.
Returns
The digital signature used to sign the elements specified in the parts
and relationshipSelectors
lists.
- Attributes
Exceptions
Neither parts
, relationshipSelectors
, signatureObjects
, nor objectReferences
specify any elements to sign.
A ContentType of a part being signed references an empty, null
, or undefined TransformMapping.
signatureId
is not null
and is not a valid XML schema ID (for example, begins with a leading numeric digit).
Remarks
There must be at least one element to sign in parts
, relationshipSelectors
, signatureObjects
, or objectReferences
.
Note
The terms Object
, Manifest
, Reference
, SignatureProperties
, and Transform
in the following two remarks refer to element types and tags defined by the W3C XML-Signature Syntax and Processing specification, see https://www.w3.org/TR/xmldsig-core/.
This and other Sign method overloads use the current TransformMapping dictionary that defines a Transform
to apply based on the package part ContentType. The Microsoft Open Packaging Conventions (OPC) specification currently allows only two valid Transform
algorithms: C14 and C14N. The W3C XML-Signature Syntax and Processing standard does not allow empty Manifest
tags. Also the Open Packaging Conventions specification requires a Package-specific Object
tag that contains both Manifest
and SignatureProperties
tags. Each Manifest
tag additionally also include at least one Reference
tag. These tags require that each signature sign at least one PackagePart (non-empty parts tag) or PackageRelationship (non-empty relationshipSelectors
) even if the signature is needed only to sign signatureObjects
or objectReferences
.
This Sign method ignores the DigestMethod property associated with each Reference defined in objectReferences
.
This Sign overload provides support for generation of XML signatures that require custom Object
tags. For any provided Object
tag to be signed, a corresponding Reference
tag must be provided with a uniform resource identifier (URI) that specifies the Object
tag in local fragment syntax. For example if the Object
tag has an ID of "myObject", the URI in the Reference
tag would be "#myObject". For unsigned objects, no Reference
is required.