Here's the code to create a digital signature:
ContentInfo contentInfo = new ContentInfo(msg);
SignedCms signedCms = new SignedCms(contentInfo);
CmsSigner cmsSigner = new CmsSigner(signerCert);
signedCms.ComputeSignature(cmsSigner, false);
How can I get a list of algorithms supported by the certificate? And how to create a digital signature using the specified algorithm from list?
Here are some examples of screenshots of one of the proprietary software designed to create a digital signature:
List of algorithms from first Certificate:
List of algorithms from second Certificate:
Normally you can use any kind of hash over the data. This hash is then put into the SignedInfo structure. That SignedInfo structure in itself is then signed using the signature algorithm identifier for the given algorithm, which also includes the hash algorithm. It seems you cannot directly specify the signature algorithm, but the underlying hash algorithm however can be specified using
SignerInfo.DigestAlgorithm. I can only presume that it is also used for the hash over the actual data that is put in the SignedInfo.This hash algorithm has to be usable within the signature generation algorithm, but it is not specified within an X509 certificate.
GOST R is specific to Russia, so I can only guess that that option is only present for specific Russian certificates (possibly this is linked to the signature algorithm or some kind of certificate extension).