Click here to Skip to main content
15,867,594 members
Articles / Programming Languages / Visual Basic
Tip/Trick

How to sign data with SignedCMS and signature check

Rate me:
Please Sign up or sign in to vote.
4.33/5 (4 votes)
6 Nov 2013CPOL 32.9K   4   3
Shows how to sign a string using a PFX certificate to create a CMS/PCKS#7 signed data. Also, shows how to take the signed data and compare with the original text to check sigh validity.

Introduction

This article shows the simple way to create a PCKS#7 signature and check it back later. Useful to secure string data to store it in a file or database. Also, shows how to take the signed data and verify against the original content in order to check sign validity.

Using the code

Be sure to have a certificate exported to a .PFX file and the password required to extract it the info.

VB
'Required Imports

Imports System.Security.Cryptography.Pkcs
Imports System.Text
Imports System.Security.Cryptography.X509Certificates

'CONSOLE ENTRY POINT
Sub Main()

    'SIGNER PART, TAKE SOME PLAIN TEXT AND SIGN IT

    'Simple text to sign
    Dim textToSign As String = "hello world"

    'Convert to array of bytes
    Dim contentInfo As New ContentInfo(Encoding.UTF8.GetBytes(textToSign))

    'New signedCMS object to perform the work
    Dim signedCms As New SignedCms(contentInfo, True)

    'Read the *.PFX file from disk  and specifi the password you used to export it
    Dim certificateFromFile = _
       New X509Certificate2("C:\my certificate.pfx", "The password I Used")

    'Signer guy based on the certificate
    Dim Signer As CmsSigner = New CmsSigner(certificateFromFile)

    'Sign the content and keep it inside signedCMS object
    signedCms.ComputeSignature(Signer)

    'Encode signed data to extract it
    Dim encodedMessage As Byte() = signedCms.Encode()

    'To store in a file or Database get the string representation of signed data
    Dim signedDataInText = Convert.ToBase64String(encodedMessage)


    'SECOND PART, RECEIVE SIGNED DATA AND CHECK WITH THE ORIGINAL MESSAGE

    Dim originalTextToSign As String = "hello world"

    Dim contentInfo2 As New ContentInfo(Encoding.UTF8.GetBytes(originalTextToSign))

    Dim signedCms2 As New SignedCms(contentInfo2, True)

    'take signed string representation and convert to byte array to perform decode
    Dim encodedMessageFromSender As Byte() = Convert.FromBase64String(signedDataInText)

    signedCms2.Decode(encodedMessageFromSender)

    'Check the original message against the encrypted hash
    'If something is wrong this line will cause an exception
    signedCms2.CheckSignature(True)

End Sub

History

  • V1 November 2013. 

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Technical Lead
Costa Rica Costa Rica
Software Developer and blogger. { #net #javascript #angularJs #azure c# #mvc #security }

http://www.rolandocr.com

Comments and Discussions

 
QuestionSigning Zip files Pin
Member 882248912-Sep-19 6:19
Member 882248912-Sep-19 6:19 
GeneralMy vote of 5 Pin
JOE Heart Under Blade22-Nov-13 14:04
JOE Heart Under Blade22-Nov-13 14:04 
GeneralRe: My vote of 5 Pin
Rolando CC23-Nov-13 14:46
professionalRolando CC23-Nov-13 14:46 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.