officefileapi-devexpress-dot-office-dot-digitalsignatures-40b4c0d2.md
Using weak or outdated hash algorithms (such as SHA-1) may allow threat actors to manipulate or predict hash values. Use modern, secure alternatives (such as SHA-256 or stronger).
Lists values used to specify the signature’s secure hash algorithm (SHA) type.
Namespace : DevExpress.Office.DigitalSignatures
Assembly : DevExpress.Pdf.v25.2.Core.dll
NuGet Package : DevExpress.Pdf.Core
public enum HashAlgorithmType
Public Enum HashAlgorithmType
| Name | Description |
|---|---|
SHA1 |
SHA1 hashing algorithm. This type can affect the signature’s integrity, authenticity, and legal validity.
|
| SHA256 |
SHA256 hashing algorithm.
|
| SHA384 |
SHA384 hashing algorithm.
|
| SHA512 |
SHA512 hashing algorithm.
|
The following properties accept/return HashAlgorithmType values:
Pass one of the HashAlgorithmType enumeration values to the Pkcs7Signer object’s constructor to specify the signature’s hashing algorithm.
The code sample below uses a document hash to apply a signature externally:
using DevExpress.Office.DigitalSignatures;
using DevExpress.Pdf;
using (var signer = new PdfDocumentSigner(File.OpenRead("SignDemo.pdf")))
{
// Specify the information about the signature metadata:
var digestCalculator = new DigestCalculator(HashAlgorithmType.SHA256);
var signerInfo = new ExternalSignerInfo(PdfSignatureType.Pkcs7, 8000, digestCalculator);
// Create a new form field:
var fieldInfo = new PdfSignatureFieldInfo(1) { SignatureBounds = new PdfRectangle(10, 10, 100, 100) };
// Apply the metadata to the form field:
var builder = new PdfDeferredSignatureBuilder(signerInfo, fieldInfo);
// Add the signature to the document:
var deferredSigner = signer.SignDeferred(builder);
// Obtain the document hash and hash algorithm's object identifier:
var digest = deferredSigner.HashValue;
var digestAlgorithmOID = digestCalculator.AlgorithmOid;
// Generate the signature content to insert into the document:
byte[] signature = CreateSignature(digest, digestAlgorithmOID);
// Add the signature contents and save the document to the file:
deferredSigner.Sign("signed.pdf", signature);
}
static byte[] CreateSignature(byte[] digest, string digestAlgorithmOID)
{
var signer = new Pkcs7Signer(@"SignDemo.pfx", "dxdemo");
byte[] signature = signer.BuildSignature(digest, digestAlgorithmOID);
return signature;
}
Imports DevExpress.Office.DigitalSignatures
Imports DevExpress.Pdf
Using signer = New PdfDocumentSigner(File.OpenRead("SignDemo.pdf"))
' Specify the information about the signature metadata:
Dim digestCalculator = New DigestCalculator(HashAlgorithmType.SHA256)
Dim signerInfo = New ExternalSignerInfo(PdfSignatureType.Pkcs7, 8000, digestCalculator)
' Create a new form field:
Dim fieldInfo = New PdfSignatureFieldInfo(1) With {.SignatureBounds = New PdfRectangle(10, 10, 100, 100)}
' Apply the metadata to the form field:
Dim builder = New PdfDeferredSignatureBuilder(signerInfo, fieldInfo)
' Add the signature to the document:
Dim deferredSigner = signer.SignDeferred(builder)
' Obtain the document hash and hash algorithm's object identifier:
Dim digest = deferredSigner.HashValue
Dim digestAlgorithmOID = digestCalculator.AlgorithmOid
' Generate the signature content to insert into the document:
Dim signature() As Byte = CreateSignature(digest, digestAlgorithmOID)
' Add the signature contents and save the document to the file:
deferredSigner.Sign("signed.pdf", signature)
End Using
Private Function CreateSignature(ByVal digest As Byte(), ByVal digestAlgorithmOID As String) As Byte()
Dim signer = New Pkcs7Signer("SignDemo.pfx", "dxdemo")
Dim signature As Byte() = signer.BuildSignature(digest, digestAlgorithmOID)
Return signature
End Function
See Also
Use Office File API to Sign Word Files
Use Office File API to Sign Excel Files