Class CadesSignerBuilder
- Namespace
- SimpleSign.CAdES
- Assembly
- SimpleSign.CAdES.dll
Immutable fluent builder for CAdES signatures (ETSI EN 319 122).
Created via new CadesSignerBuilder(data) and configured with
With* methods that return a new builder instance.
public sealed class CadesSignerBuilder
- Inheritance
-
CadesSignerBuilder
- Inherited Members
Methods
SignAsync(CancellationToken)
Signs the data and returns the DER-encoded CMS/PKCS#7 SignedData.
public Task<byte[]> SignAsync(CancellationToken cancellationToken = default)
Parameters
cancellationTokenCancellationToken
Returns
SignWithDetailsAsync(CancellationToken)
Signs the data and returns a structured result with the CMS bytes and metadata about applied protection levels and warnings.
public Task<CadesSigningResult> SignWithDetailsAsync(CancellationToken cancellationToken = default)
Parameters
cancellationTokenCancellationToken
Returns
WithCertificate(X509Certificate2)
Sets the signer's certificate (must have a private key for local signing).
public CadesSignerBuilder WithCertificate(X509Certificate2 certificate)
Parameters
certificateX509Certificate2
Returns
WithCertificate(X509Certificate2, IReadOnlyList<X509Certificate2>)
Sets the signer's certificate with an additional certificate chain.
public CadesSignerBuilder WithCertificate(X509Certificate2 certificate, IReadOnlyList<X509Certificate2> extraCertificates)
Parameters
certificateX509Certificate2extraCertificatesIReadOnlyList<X509Certificate2>
Returns
WithCommitmentType(CommitmentType)
Sets the commitment type indication (e.g. ProofOfOrigin, ProofOfApproval).
public CadesSignerBuilder WithCommitmentType(CommitmentType commitmentType)
Parameters
commitmentTypeCommitmentType
Returns
WithExternalSigner(X509Certificate2, Func<byte[], Task<byte[]>>)
Uses an external signing delegate with auto-detected signature algorithm OID.
public CadesSignerBuilder WithExternalSigner(X509Certificate2 certificate, Func<byte[], Task<byte[]>> externalSigner)
Parameters
certificateX509Certificate2externalSignerFunc<byte[], Task<byte[]>>
Returns
WithExternalSigner(X509Certificate2, Func<byte[], Task<byte[]>>, string)
Uses an external signing delegate (HSM, cloud KMS, A3 token).
public CadesSignerBuilder WithExternalSigner(X509Certificate2 certificate, Func<byte[], Task<byte[]>> externalSigner, string signatureAlgorithmOid)
Parameters
Returns
WithHashAlgorithm(HashAlgorithmName)
Explicitly sets the hash algorithm. Default: SHA-256.
public CadesSignerBuilder WithHashAlgorithm(HashAlgorithmName algorithm)
Parameters
algorithmHashAlgorithmName
Returns
WithHttpClient(HttpClient)
Sets the HttpClient used for TSA requests.
public CadesSignerBuilder WithHttpClient(HttpClient httpClient)
Parameters
httpClientHttpClient
Returns
WithLevel(CadesLevel)
Sets the CAdES conformance level explicitly.
public CadesSignerBuilder WithLevel(CadesLevel level)
Parameters
levelCadesLevel
Returns
WithLogger(ILogger)
Sets the logger for diagnostic output.
public CadesSignerBuilder WithLogger(ILogger logger)
Parameters
loggerILogger
Returns
WithOperationId(string)
Sets an operation ID for log correlation (appears in all log messages produced by this signing operation).
public CadesSignerBuilder WithOperationId(string operationId)
Parameters
operationIdstring
Returns
WithRevocationHttpClient(HttpClient)
Sets a dedicated HttpClient for OCSP/CRL revocation checks.
public CadesSignerBuilder WithRevocationHttpClient(HttpClient httpClient)
Parameters
httpClientHttpClient
Returns
WithSignatureAlgorithm(string)
Explicitly sets the signature algorithm OID.
public CadesSignerBuilder WithSignatureAlgorithm(string signatureAlgorithmOid)
Parameters
signatureAlgorithmOidstring
Returns
WithSignaturePolicy(string, string?)
Sets the signature policy identifier and optional URI.
public CadesSignerBuilder WithSignaturePolicy(string oid, string? uri = null)
Parameters
Returns
WithSigningTime(DateTimeOffset)
Sets an explicit signing time. Default: UTC now.
public CadesSignerBuilder WithSigningTime(DateTimeOffset signingTime)
Parameters
signingTimeDateTimeOffset
Returns
WithTimestamp(string)
Enables timestamp from a Time Stamp Authority. Sets the CAdES level to at least Timestamped.
public CadesSignerBuilder WithTimestamp(string tsaUrl)
Parameters
tsaUrlstring
Returns
WithTimestamp(string, HttpClient)
Enables timestamp with a specific HttpClient.
public CadesSignerBuilder WithTimestamp(string tsaUrl, HttpClient httpClient)
Parameters
tsaUrlstringhttpClientHttpClient