private string DigitalSign(string location, string id, string password, byte[] data) { foreach (var certificatePair in GetCertificates(location)) { var certId = GetCertificateId(certificatePair.Key); if (certId == id) { var rsa = CertificateManager.DecryptPrivateKey(certificatePair.Value, password); if (rsa == null) { return(null); } var privateKey = DotNetUtilities.GetKeyPair(rsa).Private; var signatureFactory = new Asn1SignatureFactory("SHA1WITHRSA", privateKey); var signerInfoGenerator = new SignerInfoGeneratorBuilder().Build(signatureFactory, DotNetUtilities.FromX509Certificate(certificatePair.Key)); var generator = new CmsSignedDataGenerator(); generator.AddSignerInfoGenerator(signerInfoGenerator); var signedData = generator.Generate(new CmsProcessableByteArray(data), true); return(Uri.EscapeDataString(Convert.ToBase64String(signedData.GetEncoded()))); } } return(null); }