/// <summary> /// The <see cref="M:System.Security.Cryptography.Pkcs.SignerInfo.CheckSignature(System.Security.Cryptography.X509Certificates.X509Certificate2Collection,System.Boolean)"/> method verifies the digital signature of the message by using the specified collection of certificates and, optionally, validates the certificate. /// </summary> /// <param name="extraStore">An <see cref="T:System.Security.Cryptography.X509Certificates.X509Certificate2Collection"/> object that can be used to validate the chain. If no additional certificates are to be used to validate the chain, use <see cref="M:System.Security.Cryptography.Pkcs.SignerInfo.CheckSignature(System.Boolean)"/> instead of <see cref="M:System.Security.Cryptography.Pkcs.SignerInfo.CheckSignature(System.Security.Cryptography.X509Certificates.X509Certificate2Collection,System.Boolean)"/>.</param><param name="verifySignatureOnly">A bool value that specifies whether only the digital signature is verified. If <paramref name="verifySignatureOnly"/> is true, only the signature is verified. If <paramref name="verifySignatureOnly"/> is false, the digital signature is verified, the certificate chain is validated, and the purposes of the certificates are validated. The purposes of the certificate are considered valid if the certificate has no key usage or if the key usage supports digital signature or nonrepudiation.</param><exception cref="T:System.ArgumentNullException">A null reference was passed to a method that does not accept it as a valid argument.</exception><exception cref="T:System.Security.Cryptography.CryptographicException">A cryptographic operation could not be completed.</exception><exception cref="T:System.InvalidOperationException">A method call was invalid for the object's current state.</exception> public void CheckSignature(X509Certificate2Collection extraStore, bool verifySignatureOnly) { if (extraStore == null) { throw new ArgumentNullException("extraStore"); } X509Certificate2 certificate = this.Certificate; if (certificate == null) { certificate = PkcsUtils.FindCertificate(this.SignerIdentifier, extraStore); if (certificate == null) { throw new CryptographicException(-2146889714); } } this.Verify(extraStore, certificate, verifySignatureOnly); }