Table of Contents

Class CadesSignerBuilder

Namespace
SimpleSign.CAdES
Assembly
SimpleSign.CAdES.dll

Immutable fluent builder for CAdES signatures (ETSI EN 319 122). Created via new CadesSignerBuilder(data) and configured with With* methods that return a new builder instance.

public sealed class CadesSignerBuilder
Inheritance
CadesSignerBuilder
Inherited Members

Methods

SignAsync(CancellationToken)

Signs the data and returns the DER-encoded CMS/PKCS#7 SignedData.

public Task<byte[]> SignAsync(CancellationToken cancellationToken = default)

Parameters

cancellationToken CancellationToken

Returns

Task<byte[]>

SignWithDetailsAsync(CancellationToken)

Signs the data and returns a structured result with the CMS bytes and metadata about applied protection levels and warnings.

public Task<CadesSigningResult> SignWithDetailsAsync(CancellationToken cancellationToken = default)

Parameters

cancellationToken CancellationToken

Returns

Task<CadesSigningResult>

WithCertificate(X509Certificate2)

Sets the signer's certificate (must have a private key for local signing).

public CadesSignerBuilder WithCertificate(X509Certificate2 certificate)

Parameters

certificate X509Certificate2

Returns

CadesSignerBuilder

WithCertificate(X509Certificate2, IReadOnlyList<X509Certificate2>)

Sets the signer's certificate with an additional certificate chain.

public CadesSignerBuilder WithCertificate(X509Certificate2 certificate, IReadOnlyList<X509Certificate2> extraCertificates)

Parameters

certificate X509Certificate2
extraCertificates IReadOnlyList<X509Certificate2>

Returns

CadesSignerBuilder

WithCommitmentType(CommitmentType)

Sets the commitment type indication (e.g. ProofOfOrigin, ProofOfApproval).

public CadesSignerBuilder WithCommitmentType(CommitmentType commitmentType)

Parameters

commitmentType CommitmentType

Returns

CadesSignerBuilder

WithExternalSigner(X509Certificate2, Func<byte[], Task<byte[]>>)

Uses an external signing delegate with auto-detected signature algorithm OID.

public CadesSignerBuilder WithExternalSigner(X509Certificate2 certificate, Func<byte[], Task<byte[]>> externalSigner)

Parameters

certificate X509Certificate2
externalSigner Func<byte[], Task<byte[]>>

Returns

CadesSignerBuilder

WithExternalSigner(X509Certificate2, Func<byte[], Task<byte[]>>, string)

Uses an external signing delegate (HSM, cloud KMS, A3 token).

public CadesSignerBuilder WithExternalSigner(X509Certificate2 certificate, Func<byte[], Task<byte[]>> externalSigner, string signatureAlgorithmOid)

Parameters

certificate X509Certificate2
externalSigner Func<byte[], Task<byte[]>>
signatureAlgorithmOid string

Returns

CadesSignerBuilder

WithHashAlgorithm(HashAlgorithmName)

Explicitly sets the hash algorithm. Default: SHA-256.

public CadesSignerBuilder WithHashAlgorithm(HashAlgorithmName algorithm)

Parameters

algorithm HashAlgorithmName

Returns

CadesSignerBuilder

WithHttpClient(HttpClient)

Sets the HttpClient used for TSA requests.

public CadesSignerBuilder WithHttpClient(HttpClient httpClient)

Parameters

httpClient HttpClient

Returns

CadesSignerBuilder

WithLevel(CadesLevel)

Sets the CAdES conformance level explicitly.

public CadesSignerBuilder WithLevel(CadesLevel level)

Parameters

level CadesLevel

Returns

CadesSignerBuilder

WithLogger(ILogger)

Sets the logger for diagnostic output.

public CadesSignerBuilder WithLogger(ILogger logger)

Parameters

logger ILogger

Returns

CadesSignerBuilder

WithOperationId(string)

Sets an operation ID for log correlation (appears in all log messages produced by this signing operation).

public CadesSignerBuilder WithOperationId(string operationId)

Parameters

operationId string

Returns

CadesSignerBuilder

WithRevocationHttpClient(HttpClient)

Sets a dedicated HttpClient for OCSP/CRL revocation checks.

public CadesSignerBuilder WithRevocationHttpClient(HttpClient httpClient)

Parameters

httpClient HttpClient

Returns

CadesSignerBuilder

WithSignatureAlgorithm(string)

Explicitly sets the signature algorithm OID.

public CadesSignerBuilder WithSignatureAlgorithm(string signatureAlgorithmOid)

Parameters

signatureAlgorithmOid string

Returns

CadesSignerBuilder

WithSignaturePolicy(string, string?)

Sets the signature policy identifier and optional URI.

public CadesSignerBuilder WithSignaturePolicy(string oid, string? uri = null)

Parameters

oid string
uri string

Returns

CadesSignerBuilder

WithSigningTime(DateTimeOffset)

Sets an explicit signing time. Default: UTC now.

public CadesSignerBuilder WithSigningTime(DateTimeOffset signingTime)

Parameters

signingTime DateTimeOffset

Returns

CadesSignerBuilder

WithTimestamp(string)

Enables timestamp from a Time Stamp Authority. Sets the CAdES level to at least Timestamped.

public CadesSignerBuilder WithTimestamp(string tsaUrl)

Parameters

tsaUrl string

Returns

CadesSignerBuilder

WithTimestamp(string, HttpClient)

Enables timestamp with a specific HttpClient.

public CadesSignerBuilder WithTimestamp(string tsaUrl, HttpClient httpClient)

Parameters

tsaUrl string
httpClient HttpClient

Returns

CadesSignerBuilder