The DevExpress Word Processing Document API supports document signatures. This demo signs the predefined document and downloads the result.
Select a hash algorithm from the drop-down menu. Use controls in the Signature Settings section to specify signer information (reason, signer role, contact information, and so on). The demo uses the predefined TSA server as the timestamp source.
Click Sign Word Document to update the document and download the result.
Sample document
DocumentForProtection.docx
Signature Settings
using DevExpress.Office.DigitalSignatures;
using DevExpress.Office.Tsp;
using System.Security.Cryptography.X509Certificates;
Stream ApplyDigitalSignature(Stream stream, string tsaServer, string certificateFile, string password, HashAlgorithmType hashAlgorithm,
CommitmentType commitment, string role, string country, string city,
string state, string address1, string address2, string postalCode, string comments) {
var outputStream = new MemoryStream();
var documentSigner = new DocumentSigner();
var signatureOptions = CreateSignatureOptions(tsaServer, certificateFile, password, hashAlgorithm);
var signatureInfo = CreateSignatureInfo(commitment, role, country, city, state, address1, address2, postalCode, comments);
documentSigner.Sign(stream, outputStream, signatureOptions, signatureInfo);
return outputStream;
}
SignatureOptions CreateSignatureOptions(string tsaServer, string certificateFile, string password, HashAlgorithmType hashAlgorithm) {
var certificate = X509CertificateLoader.LoadPkcs12FromFile(certificateFile, password);
var options = new SignatureOptions();
options.Certificate = certificate;
options.TsaClient = new TsaClient(new Uri(tsaServer), HashAlgorithmType.SHA256);
var policy = new X509ChainPolicy();
policy.RevocationMode = X509RevocationMode.NoCheck;
policy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
policy.VerificationFlags |= X509VerificationFlags.AllowUnknownCertificateAuthority | X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown;
options.CertificatePolicy = policy;
options.TimestampCertificatePolicy = policy;
options.SignatureFlags &= ~SignatureFlags.ValidateCertificate;
options.CertificateKeyUsageFlags = X509KeyUsageFlags.None;
options.DigestMethod = hashAlgorithm;
return options;
}
SignatureInfo CreateSignatureInfo(CommitmentType commitment, string role, string country, string city,
string state, string address1, string address2, string postalCode, string comments) {
var signatureInfo = new SignatureInfo();
signatureInfo.CommitmentType = commitment;
signatureInfo.Time = DateTime.UtcNow;
signatureInfo.ClaimedRoles.Clear();
signatureInfo.ClaimedRoles.Add(role);
signatureInfo.Country = country;
signatureInfo.City = city;
signatureInfo.StateOrProvince = state;
signatureInfo.Address1 = address1;
signatureInfo.Address2 = address2;
signatureInfo.PostalCode = postalCode;
signatureInfo.Comments = comments;
return signatureInfo;
}