Understanding of SignedCms.CheckSignature(True)
An understanding of SignedCms.CheckSignature(True) based on the code stated below.
' Create a ContentInfo object from the inner content obtained ' independently from encodedMessage. Dim contentInfo As New ContentInfo(innerContent)
' Create a new, detached SignedCms message. Dim signedCms As New SignedCms(contentInfo, True)
' encodedMessage is the encoded message received from ' the sender. signedCms.Decode(encodedMessage)
' Verify the signature without validating the ' certificate. signedCms.CheckSignature(True) |
- We have the innerContent (unsigned), which is message.
- We have the detached signature, which is the encrypted hash of message.
.png)
Now the code.
- Dim signedCms As New SignedCms(contentInfo, True) // This detaches the signature and the message, and signature here is the encrypted hash of message.
- signedCms.Decode(message) // This decodes the encrypted hash of message to give the hash of the message.
- signedCms.CheckSignature(True) // This does the Compare as shown above by computing the hash of Message and then verifying the hash we got above.
References:
https://msdn.microsoft.com/en-us/library/system.security.cryptography.pkcs.signedcms(VS.85).aspx