Click or drag to resize
Pdftools logo

SessionCreateSignatureFromKeyLabel Method

Create a signature configuration based on the private key's label (name) and an external certificate

Create a signature configuration where only the private key is contained in the PKCS#11 device and the signing certificate is provided externally. This is intended for PKCS#11 devices that can only store private keys, e.g. the Google Cloud Key Management (KMS).

The private key object is identified using its label, i.e. the CKA_LABEL object attribute in the PKCS#11 store.

The certificates of the trust chain should be added using AddCertificate(Stream).


Namespace: PdfTools.Crypto.Providers.Pkcs11
Assembly: PdfTools (in PdfTools.dll) Version: 1.0.0
Syntax
C#
public SignatureConfiguration CreateSignatureFromKeyLabel(
	string label,
	Stream certificate
)

Parameters

label  String
The label of the private key object in the PKCS#11 store
certificate  Stream
The signing certificate in either PEM (.pem, ASCII text) or DER (.cer, binary) form

Return Value

SignatureConfiguration
Exceptions
ExceptionCondition
NotFoundExceptionIf the private key cannot be found in the PKCS#11 store
ArgumentExceptionIf the certificate is not a valid signing certificate
ArgumentExceptionIf the key specification matches more than one key
ArgumentNullExceptionif label is .
ArgumentNullExceptionif certificate is .
See Also