I'm rewriting an application so that we can stop using the old Microsoft.Web.Services2.Security.X509 from Microsoft.Web.Services2.dll and start using System.Security.Cryptography.X509Certificates.

There is one method that I can't figure out, though:

bool Microsoft.Web.Services2.Security.X509.X509Certificate.SupportsDigitalSignature()

I can't find its equivalent in

System.Security.Cryptography.X509Certificates.X509Certificate2.

Do I even need to test for whether a certificate supports digital signature? I don't see how it cannot...

A: 

I believe you will want to use this
Microsoft.Web.Services3.Security.Tokens

Woot4Moo
Thanks for the answer, but I don't think the web services enhancements is what I need. It is described on MSDN as "WSE is an engine for applying advanced Web service protocols to SOAP messages." (http://msdn.microsoft.com/en-us/library/aa529139.aspx) Which is not what I'll use the certificates for. (I believe the use of Microsoft.Web.Services2 was just necessary because of lacking certificate support in early .NET versions.)
Polymorphix
+1  A: 

First of all the certificate must have a private key in order to be used for signing. Use X509Certificate2.HasPrivateKey property to check this.

Use X509Certificate2.Extensions property to get access to Key Usage extension. One of key usages is Digital Signature. This is what you are looking for.

Eugene Mayevski 'EldoS Corp
Thanks! I should have thought about the private key myself, but...
Polymorphix
On second thought, I'm on the server side having only the public key part of the client's certificate, so I must only check against the KeyUsage extension.
Polymorphix
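
The check described in the second answer and its comments, as an added example that is not part of the original posts: it reads the Key Usage extension from an X509Certificate2 and tests the DigitalSignature flag, with the private-key check kept separate for the signing side. The class and method names are hypothetical, the sample certificates are constructed in memory, and CertificateRequest is assumed to be available (.NET Framework 4.7.2 or later, or .NET Core 2.0 or later).

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class CertChecks
{
    // Hypothetical helper. True when the Key Usage extension asserts
    // digitalSignature. A certificate without the extension carries no
    // key-usage restriction (RFC 5280), so the caller picks the policy.
    public static bool SupportsDigitalSignature(X509Certificate2 cert, bool allowWhenAbsent = false)
    {
        var ku = cert.Extensions.OfType<X509KeyUsageExtension>().FirstOrDefault();
        if (ku == null) return allowWhenAbsent;
        return (ku.KeyUsages & X509KeyUsageFlags.DigitalSignature) != 0;
    }

    // Signing side only: the private key must be present as well.
    public static bool CanSign(X509Certificate2 cert) =>
        cert.HasPrivateKey && SupportsDigitalSignature(cert);

    // Constructed sample: throwaway self-signed certificate.
    static X509Certificate2 MakeSample(X509KeyUsageFlags? usages)
    {
        using (var rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=constructed-sample", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            if (usages.HasValue)
                req.CertificateExtensions.Add(new X509KeyUsageExtension(usages.Value, true));
            var now = DateTimeOffset.UtcNow;
            return req.CreateSelfSigned(now.AddMinutes(-5), now.AddDays(1));
        }
    }

    static void Main()
    {
        var signing = MakeSample(X509KeyUsageFlags.DigitalSignature);
        var encOnly = MakeSample(X509KeyUsageFlags.KeyEncipherment);
        var noExt = MakeSample(null);
        // Server-side view: only the public part of the client certificate.
        var publicOnly = new X509Certificate2(signing.RawData);

        Console.WriteLine($"signing cert, can sign:    {CanSign(signing)}");
        Console.WriteLine($"public part, key usage ok: {SupportsDigitalSignature(publicOnly)}");
        Console.WriteLine($"public part, can sign:     {CanSign(publicOnly)}");
        Console.WriteLine($"keyEncipherment only:      {SupportsDigitalSignature(encOnly)}");
        Console.WriteLine($"no extension (strict):     {SupportsDigitalSignature(noExt)}");
    }
}
```

The default of rejecting a certificate that has no Key Usage extension is an assumption of this example; pass `allowWhenAbsent: true` if such certificates should be accepted.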