Re: Verifying X509Certificate signature

From: Peter Ritchie [C# MVP] <PRSoCo@xxxxxxxxxxxxxxxx>
Date: Tue, 5 Aug 2008 07:44:01 -0700

Thanks Joe, I'll have a closer look at X509Chain and its ChainPolicy and
Build members...

-- Peter
--
Browse http://connect.microsoft.com/VisualStudio/feedback/ and vote.
http://www.peterRitchie.com/blog/
Microsoft MVP, Visual Developer - Visual C#

"Joe Kaplan" wrote:

I see what you are saying. What you really want to do is to build a chain
for the certificate and validate that. Simply checking the signing
certificate may not be adequate because something may have issed it as well.

Try taking a peek at the X509Chain class and the Build method. Note that it
will want you to apply a ChainPolicy as well where you describe what you are
checking the cert for.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Peter Ritchie [C# MVP]" <PRSoCo@xxxxxxxxxxxxxxxx> wrote in message
news:96996562-FD5D-45F9-B39D-DADFD2182E1B@xxxxxxxxxxxxxxxx

Hi Joe, I'm actually looking to verify the signature of a certificate. I
have an X509Certificate2 object that has been signed with another
certificate. As part of my verification of the source of the certificate,
I'd like to verify that it has been signed by a known certificate.

Thanks -- Peter
--
Browse http://connect.microsoft.com/VisualStudio/feedback/ and vote.
http://www.peterRitchie.com/blog/
Microsoft MVP, Visual Developer - Visual C#

"Joe Kaplan" wrote:

What is it that you have that is signed? There may be different ways
depending on the format of the signed object. If it is a PKCS7 signed
data
blob, then the SignedCms class is the way to go and is pretty easy to
use.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Peter Ritchie [C# MVP]" <PRSoCo@xxxxxxxxxxxxxxxx> wrote in message
news:FFE2365E-ACD4-4400-9018-FE516AD0F7B1@xxxxxxxxxxxxxxxx

Sorry for the cross-post; the last post didn't use the correct MSDN
e-mail...

Can anyone point me in the right direction for verifying an
X509Certificates
signature? i.e. that it was truly signed by a known/trusted certificate

Thanks -- Peter

--
Browse http://connect.microsoft.com/VisualStudio/feedback/ and vote.
http://www.peterRitchie.com/blog/
Microsoft MVP, Visual Developer - Visual C#

Prev by Date: Server has rejected the client credentials
Next by Date: Failed to start monitoring changes to
Previous by thread: RE: Verifying X509Certificate signature
Next by thread: Books on ASP.NET Membership and the Login Controls
Index(es):
- Date
- Thread

Relevant Pages

Re: Visual Studio 2005 installation
... Browse http://connect.microsoft.com/VisualStudio/feedback/ and vote. ... Microsoft MVP, Visual Developer - Visual C# ... upgrade version. ...
(microsoft.public.dotnet.general)
Re: Linien eines Meshs anzeigen
... Gruss Peter Bucher ... Microsoft MVP - Visual Developer ASP / ASP.NET, ...
(microsoft.public.de.german.entwickler.directx)
Re: Password Complexity
... Damn that was the time slot Dean and I wanted so we could have fun recapping the entire conference in a fun way. ... Joe Richards Microsoft MVP Windows Server Directory Services ...
(microsoft.public.windows.server.active_directory)
Re: IE7 und Grid ..
... Microsoft MVP - Visual Developer ASP / ASP.NET, Switzerland ...
(microsoft.public.de.german.entwickler.dotnet.asp)
Re: Pointless IL instructions?
... Microsoft MVP, Visual Developer - Visual C# ... copies from the stack (doesn't pop after. ... IL_0000: nop ...
(microsoft.public.dotnet.framework)