How to get a list of algorithms supported by the certificate

1.2k Views Asked by HowToRsa At 04 April 2025 at 21:42

Here's the code to create a digital signature:

ContentInfo contentInfo = new ContentInfo(msg);
SignedCms signedCms = new SignedCms(contentInfo);
CmsSigner cmsSigner = new CmsSigner(signerCert);            
signedCms.ComputeSignature(cmsSigner, false);

How can I get a list of algorithms supported by the certificate? And how to create a digital signature using the specified algorithm from list?

Here are some examples of screenshots of one of the proprietary software designed to create a digital signature:

List of algorithms from first Certificate:

enter image description here

List of algorithms from second Certificate:

enter image description here

Original Q&A

There are 2 best solutions below

divanov On 31 January 2015 at 18:03

What Maarten says is correct. Certificate contains digital signature for the public key, which is produced according to some algorithm. In case of first ceritificate signature is GOST R 34.10-2001 and in second one it's the most likely RSA. Any hash can be used for signing data, but GOST R 34.10-2001 clearly states that GOST R 34.11-94 hash should be used as the only hash algorithm. Just to sum it up: list of allowed hash algorithms is optionally defined in the standard, which defines digital signature scheme.

Maarten Bodewes On 21 October 2014 at 17:05

Normally you can use any kind of hash over the data. This hash is then put into the SignedInfo structure. That SignedInfo structure in itself is then signed using the signature algorithm identifier for the given algorithm, which also includes the hash algorithm. It seems you cannot directly specify the signature algorithm, but the underlying hash algorithm however can be specified using SignerInfo.DigestAlgorithm. I can only presume that it is also used for the hash over the actual data that is put in the SignedInfo.

This hash algorithm has to be usable within the signature generation algorithm, but it is not specified within an X509 certificate.

GOST R is specific to Russia, so I can only guess that that option is only present for specific Russian certificates (possibly this is linked to the signature algorithm or some kind of certificate extension).

How to get a list of algorithms supported by the certificate

There are 2 best solutions below

Related Questions in C#

Related Questions in SSL

Related Questions in CRYPTOGRAPHY

Related Questions in DIGITAL-SIGNATURE

Related Questions in GOST3410

Trending Questions

Popular # Hahtags

Popular Questions