SignatureOptions.DigestMethod Property

SECURITY-RELATED CONSIDERATIONS

Using weak or outdated hash algorithms (such as SHA-1) may allow threat actors to manipulate or predict hash values. Use modern, secure alternatives (such as SHA-256 or stronger).

Gets or sets the signature digest method (the algorithm used to hash the signature).

Namespace: DevExpress.Office.DigitalSignatures

Assembly: DevExpress.Docs.v25.2.dll

NuGet Package: DevExpress.Document.Processor

public HashAlgorithmType DigestMethod { get; set; }

Public Property DigestMethod As HashAlgorithmType

Property Value

Type	Description
HashAlgorithmType	An enumeration value that indicates the digest method.

Available values:

Name	Description
SHA1	SHA1 hashing algorithm. This type can affect the signature’s integrity, authenticity, and legal validity.
SHA256	SHA256 hashing algorithm.
SHA384	SHA384 hashing algorithm.
SHA512	SHA512 hashing algorithm.

Example

The code sample below signs and saves a Word and Excel document:

C#
VB.NET

using DevExpress.Office.DigitalSignatures;
using System;
using System.Diagnostics;
using System.Security.Cryptography.X509Certificates;

static void Main(string[] args)
{
    //Sign a workbook:
    SignDocument("Template.xlsx", "Workbook_signed.xlsx");

    //Sign a document:
    SignDocument("Template.docx", "Template_signed.docx");
}
static void SignDocument(string path, string output)
{
    DocumentSigner documentSigner = new DocumentSigner();
    documentSigner.Sign(path, output,
     CreateSignatureOptions(), CreateSignatureInfo());
}

//Specify a signature certificate and digest method:
static SignatureOptions CreateSignatureOptions()
{
    X509Certificate2 certificate = new X509Certificate2("Certificate/SignDemo.pfx", "dxdemo");
    Uri tsaServer = new Uri("https://freetsa.org/tsr");
    SignatureOptions options = new SignatureOptions();
    options.Certificate = certificate;
    if (tsaServer != null)
        options.TsaClient = new TsaClient(tsaServer, HashAlgorithmType.SHA256);

    //In this example, certificate validation is skipped
    options.SignatureFlags &= ~SignatureFlags.ValidateCertificate;
    options.CertificateKeyUsageFlags = X509KeyUsageFlags.None;
    options.DigestMethod = HashAlgorithmType.SHA256;

    X509ChainPolicy policy = new X509ChainPolicy();
    policy.RevocationMode = X509RevocationMode.NoCheck;
    policy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
    policy.VerificationFlags |= X509VerificationFlags.AllowUnknownCertificateAuthority |
        X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown;
    options.CertificatePolicy = policy;
    options.TimestampCertificatePolicy = policy;
    return options;
}

//Specify signer information:
static SignatureInfo CreateSignatureInfo()
{
    SignatureInfo signatureInfo = new SignatureInfo();
    signatureInfo.CommitmentType = CommitmentType.ProofOfApproval;
    signatureInfo.Time = DateTime.UtcNow;
    signatureInfo.ClaimedRoles.Clear();
    signatureInfo.ClaimedRoles.Add("Sales Representative");
    signatureInfo.Comments = "Demo Digital Signature";

    return signatureInfo;
}

Imports DevExpress.Office.DigitalSignatures
Imports System
Imports System.Diagnostics
Imports System.Security.Cryptography.X509Certificates

Shared Sub Main(ByVal args() As String)
    'Sign a workbook:
    SignDocument("Template.xlsx", "Workbook_signed.xlsx")

    'Sign a document:
    SignDocument("Template.docx", "Document_signed.docx")
End Sub

Shared Sub SignDocument(ByVal path As String, ByVal output As String)
    Dim documentSigner As New DocumentSigner()
    documentSigner.Sign(path, output,
     CreateSignatureOptions(), CreateSignatureInfo())
    Process.Start(output)
End Sub

' Specify a signature certificate and digest method:
Private Shared Function CreateSignatureOptions() As SignatureOptions
    Dim certificate As New X509Certificate2("Certificate/SignDemo.pfx", "dxdemo")
    Dim tsaServer As New Uri("https://freetsa.org/tsr")
    Dim options As New SignatureOptions()
    options.Certificate = certificate
    If tsaServer IsNot Nothing Then
        options.TsaClient = New TsaClient(tsaServer, HashAlgorithmType.SHA256)
    End If

    'In this example, certificate validation is skipped
    options.SignatureFlags = options.SignatureFlags And Not SignatureFlags.ValidateCertificate
    options.CertificateKeyUsageFlags = X509KeyUsageFlags.None
    options.DigestMethod = HashAlgorithmType.SHA256

    Dim policy As New X509ChainPolicy()
    policy.RevocationMode = X509RevocationMode.NoCheck
    policy.RevocationFlag = X509RevocationFlag.ExcludeRoot
    policy.VerificationFlags = policy.VerificationFlags Or X509VerificationFlags.AllowUnknownCertificateAuthority Or X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown
    options.CertificatePolicy = policy
    options.TimestampCertificatePolicy = policy
    Return options
End Function

' Specify signer information:
Shared Function CreateSignatureInfo() As SignatureInfo
    Dim signatureInfo As New SignatureInfo()
    signatureInfo.CommitmentType = CommitmentType.ProofOfApproval
    signatureInfo.Time = Date.UtcNow
    signatureInfo.ClaimedRoles.Clear()
    signatureInfo.ClaimedRoles.Add("Sales Representative")
    signatureInfo.Comments = "Demo Digital Signature"

    Return signatureInfo
End Function

The following code snippets (auto-collected from DevExpress Examples) contain references to the DigestMethod property.

Note

The algorithm used to collect these code examples remains a work in progress. Accordingly, the links and snippets below may produce inaccurate results. If you encounter an issue with code examples below, please use the feedback form on this page to report the issue.

C#
VB.NET

word-document-api-sign-document-and-validate-signature/CS/WordDocumentDigitalSignatureSample/Program.cs#L42

options.CertificateKeyUsageFlags = X509KeyUsageFlags.None;
options.DigestMethod = HashAlgorithmType.SHA256;

spreadsheet-document-api-sign-workbook-and-validate-signature/CS/WorkbookDigitalSignatureSample/Program.cs#L46

options.CertificateKeyUsageFlags = X509KeyUsageFlags.None;
options.DigestMethod = HashAlgorithmType.SHA256;

word-document-api-sign-document-and-validate-signature/VB/WordDocumentDigitalSignatureSample/Program.vb#L39

options.CertificateKeyUsageFlags = X509KeyUsageFlags.None
options.DigestMethod = HashAlgorithmType.SHA256
Dim policy As X509ChainPolicy = New X509ChainPolicy()

spreadsheet-document-api-sign-workbook-and-validate-signature/VB/WorkbookDigitalSignatureSample/Program.vb#L42

options.CertificateKeyUsageFlags = X509KeyUsageFlags.None
options.DigestMethod = HashAlgorithmType.SHA256

Controls

FREE UTILITIES

Controls and Extensions

FREE UTILITIES

Controls

FREE UTILITIES

Controls and Extensions

FREE UTILITIES

SignatureOptions.DigestMethod Property

SECURITY-RELATED CONSIDERATIONS

Declaration

Property Value

Example

SignatureOptions.DigestMethod Property

SECURITY-RELATED CONSIDERATIONS

Declaration

Property Value

Example

Related GitHub Examples