I am using your software to develop app which will be signing text using qualified certificate every 2 minutes.

I have card in reader connected to the computer all the time and it is accessible. I can sign my text using:

SignedDocument sd = dsign.Sign(Encoding.Default.GetBytes(myText), new QualifiedCertificateSelector());

I am wondering if it is possible to retrieve certificate when program starts and use it later to sign text. Now I need to have active session to user above statement. Signing text without opening session will speed up signing process in my solution.

I need to sign given text using qualified certificate but do not need information about that certificate in the output file. The other part already has information about it. How can I make your software to do that?

I found dsign.Detached = true

But even when this option is 'true' I can see info about used certificate in the output file.

PS. I started one thread here on Friday and you replied to it but it has been removed.

I was under impression that output file should have

-------BEGIN PKCS7 ---------

and correspondeing endong line.

I am looking for the answer why in my project the partner for which I have to sign given text does not recognizing signed string as PKCS#7.

I am doing signing process exactly as you have in your sample solution.

Ugo,

Now I understand the differences. I have a question which only you can answer, I think. I develop app in c#. I have to sign given string and return signed string to the other party. I am doing this using my old code which is asking my every time for password. Now I want to use your software to be able automatically login to card reader. My old code produces correct string while your code gives my slightly different result, which is wrong from my partner's point of view. Could you take a look at both codes and suggest what I am doing wrong in your software, please?

String tokenToSign = "12345677888==";            //just an example. Text in UTF-8 must be converted to UTF-16 prior to signing

--- code using NDigitSign

DigitalSigner dsign = new DigitalSigner("dll");

dsign.OpenSession (0);

dsign.Login("123456");

dsign.CAdES = false;

dsign.Multisignature = false;

dsign.Detached = false;

Encoding enc = Encoding.Unicode;

SignedDocument sd = dsign.Sign(enc.GetBytes(tokenToSign));

returnedText = Convert.ToBase64String(sd.ToByteArray());

-- now my old code which works

Encoding unicode = Encoding.Unicode;

byte [] tokenToSignBytes = unicode.GetBytes(tokenToSign);

X509Store storeMy = new X509Store(StoreName.My, StoreLocation.CurrentUser);

storeMy.Open(OpenFlags.ReadOnly);

X509Certificate2Collection certColl = storeMy.Certificates.Find(X509FindType.FindBySubjectName, MY_NAME, true));

storeMy.Close();

X509Certificate2 signerCert = certColl[0];

ContentInfo contentInfo = new ContentInfo(tokenToSignBytes);

SignedCms signedCms = new SignedCms(contentInfo, true);

CmsSigner cmsSigner = new CmsSigner(signerCert);

signedCms.ComputeSignature(cmsSigner, false);

byte [] encodedSignedCms = signedCms.Encode();

returnedText = Convert.ToBase64String(encodedSignedCms);

The most significant differences are:

1. When using your software output contains original string at the beginning of file. String in output file is the same as original string. When I write sd.ToByteArray() to txt file I can read original string in that file. In my code when I write signedCms.Encode() I cannot find that string in output file even dough it is attached to output file. Looks like it is scrambled somehow. 

2. Your software generates output file which contains less information about certificate than output file generated by my code.

Is there any chance to use your library with my code to bypass needs of entering pin code?

Is there any chance to use the optional parameters you mentioned with your software?

I found out why my partner cannot check my signature generated by your software.

They require me to use SHA-1. Is there any chance to use it with NDigitSign?