Back to all docs
API Reference / Telerik.Documents.Fixed.Model.DigitalSignatures / ExternalSignerBase

Class
ExternalSignerBase

Base helper implementation for building external (client supplied) digital signatures.

Definition

Namespace:Telerik.Documents.Fixed.Model.DigitalSignatures

Assembly:Telerik.Windows.Documents.Fixed.dll

Syntax:
cs-api-definition
public abstract class ExternalSignerBase : IExternalSigner

Inheritance: objectExternalSignerBase

Implements: IExternalSigner

Constructors

ExternalSignerBase()

Initializes a new instance of the ExternalSignerBase class.

Declaration

cs-api-definition
protected ExternalSignerBase()

Methods

GetCertificateChain()

Returns the X.509 certificate chain associated with the signer.

Declaration

cs-api-definition
protected abstract X509Certificate2[] GetCertificateChain()

Returns

X509Certificate2[]

An array of X.509 certificates forming the signing certificate chain. Must not be null or empty. The first element must be the signing (leaf) certificate.

Remarks

This should return an ordered array of certificates starting with the end-entity (leaf) certificate whose corresponding private key (or signing capability) is used in SignData(byte[], SignatureSettings), followed by any intermediate CA certificates needed to establish a trust chain. The root certificate is typically excluded. Implementors may cache the certificates or retrieve them dynamically from a device/service. The library validates that the returned array is not null or empty.

SignData(byte[], SignatureSettings)

Performs the raw cryptographic signing operation over the DER-encoded signed attributes.

Declaration

cs-api-definition
protected abstract byte[] SignData(byte[] dataToSign, SignatureSettings settings)

Parameters

dataToSign

byte[]

The DER-encoded signed attributes (CMS SignedAttributes) that must be signed. This includes the message digest, content type, signing time, and signing certificate reference.

settings

SignatureSettings

Signature generation settings (e.g. digest algorithm, timestamp server).

Returns

byte[]

Binary signature value for the provided signed attributes.

Remarks

The method should return the raw signature bytes appropriate for the public key type (e.g. RSA signature (PKCS#1 v1.5) or ECDSA signature). For ECDSA, the signature can be either raw format (r||s concatenated) or DER-encoded (SEQUENCE { r, s }); the infrastructure will handle the conversion if needed. The surrounding infrastructure will insert this value into the CMS (PKCS#7) SignerInfo structure.

In this article
DefinitionConstructorsExternalSignerBase()MethodsGetCertificateChain()SignData(byte[], SignatureSettings)
Not finding the help you need?
Contact Support