diff --git a/xml/System.Security.Cryptography.Pkcs/CmsSigner.xml b/xml/System.Security.Cryptography.Pkcs/CmsSigner.xml
index 0e641f41e66..c140156196d 100644
--- a/xml/System.Security.Cryptography.Pkcs/CmsSigner.xml
+++ b/xml/System.Security.Cryptography.Pkcs/CmsSigner.xml
@@ -22,7 +22,7 @@
- The class provides signing functionality.
+ Represents a potential signer for a CMS/PKCS#7 signed message.
To be added.
@@ -32,7 +32,7 @@
4.0.0.0
- Creates an instance of the class.
+ Initializes a new instance of the class.
@@ -56,18 +56,18 @@
- The constructor creates an instance of the class by using a default subject identifier type.
+ Initializes a new instance of the class with default values.
class has the following default property values.
+ This constructor results in the following default property values:
|Property|Default value|
|--------------|-------------------|
-|||
-||1.3.14.3.2.26 (szOID_OIWSEC_sha1)|
-|| if is ,
otherwise|
+|||
+||2.16.840.1.101.3.4.2.1 (SHA-256)|
+|||
]]>
@@ -105,16 +105,26 @@
- A object that represents the set of CSP parameters to use.
- The constructor creates an instance of the class with the specified cryptographic service provider (CSP) parameters. is useful when you know the specific CSP and private key to use for signing.
+ The CSP parameters to describe which signing key to use.
+ Initializes a new instance of the class from a persisted key.
. An exception to those values when this constructor is used is that is set to .
+ This constructor results in the following default property values:
+|Property|Default value|
+|--------------|-------------------|
+|||
+||2.16.840.1.101.3.4.2.1 (SHA-256)|
+|||
+
+> [!IMPORTANT]
+> This method is only supported on .NET Framework. Its use on .NET Core throws a .
+
]]>
+ .NET Core only: all cases.
@@ -141,9 +151,21 @@
- A member of the enumeration that specifies the signer identifier type.
- The constructor creates an instance of the class with the specified subject identifier type.
- To be added.
+ The scheme to use for identifying which signing certificate was used.
+ Initializes a new instance of the class with a specified subject identifier type.
+
+ |2.16.840.1.101.3.4.2.1 (SHA-256)|
+|| if is ,
otherwise|
+
+]]>
+
@@ -170,13 +192,19 @@
- An object that represents the signing certificate.
- The constructor creates an instance of the class with the specified signing certificate.
+ The certificate whose private key will be used to sign a message.
+ Initializes a new instance of the class with a specified signer certificate.
.
+ This constructor results in the following default property values:
+
+|Property|Default value|
+|--------------|-------------------|
+|||
+||2.16.840.1.101.3.4.2.1 (SHA-256)|
+|||
The signing certificate specified by the `certificate` parameter is not checked for validity on input. To validate the certificate prior to supplying it to this constructor, use the method.
@@ -209,14 +237,21 @@
- A member of the enumeration that specifies the signer identifier type.
- An object that represents the signing certificate.
- The constructor creates an instance of the class with the specified signer identifier type and signing certificate.
+ The scheme to use for identifying which signing certificate was used.
+ The certificate whose private key will be used to sign a message.
+ Initializes a new instance of the class with a specified signer certificate and subject identifier type.
method.
+ This constructor results in the following default property values:
+
+|Property|Default value|
+|--------------|-------------------|
+||2.16.840.1.101.3.4.2.1 (SHA-256)|
+|| if is ,
otherwise|
+
+ The signing certificate specified by the `certificate` parameter is not checked for validity on input. To validate the certificate prior to supplying it to this constructor, use the method.
]]>
@@ -244,11 +279,27 @@
- To be added.
- To be added.
- To be added.
- To be added.
- To be added.
+ One of the enumeration values that specifies the scheme to use for identifying which signing certificate was used.
+ The certificate whose private key will be used to sign a message.
+ The private key object to use when signing the message.
+ Initializes a new instance of the class with a specified signer certificate, subject identifier type, and private key object.
+
+ |2.16.840.1.101.3.4.2.1 (SHA-256)|
+|| if is ,
otherwise|
+
+ The signing certificate specified by the `certificate` parameter is not checked for validity on input. To validate the certificate prior to supplying it to this constructor, use the method.
+
+ This constructor does not validate that the `privateKey` parameter corresponds to the public key in `certificate`. If the keys don't match, the class and method throw a during the signing process.
+
+ ]]>
+
@@ -279,11 +330,8 @@
An object that represents the signing certificate.
To be added.
-
-
-
-
+
@@ -310,22 +358,18 @@
System.Security.Cryptography.X509Certificates.X509Certificate2Collection
- The property retrieves the collection that contains certificates associated with the message to be signed.
- An collection that represents the collection of certificates associated with the message to be signed.
+ Gets a collection of certificates which are considered with and .
+ A collection of certificates which are considered with and .
property. Not all certificates in the signer's certificate chain are necessarily present in .
+ The certificates in this collection are provided to via when the indicates that more than one certificate should be included. Any certificate which is part of this collection that is not relevant to the value is ignored.
]]>
-
-
-
-
-
+
@@ -352,8 +396,8 @@
System.Security.Cryptography.Oid
- The property sets or retrieves the that represents the hash algorithm used with the signature.
- An object that represents the hash algorithm used with the signature.
+ Gets or sets the algorithm identifier for the hash algorithm to use with the signature.
+ The algorithm identifier for the hash algorithm to use with the signature.
-
-
-
-
-
-
@@ -394,40 +432,10 @@
System.Security.Cryptography.X509Certificates.X509IncludeOption
- The property sets or retrieves the option that controls whether the root and entire chain associated with the signing certificate are included with the created CMS/PKCS #7 message.
- A member of the enumeration that specifies how much of the X509 certificate chain should be included in the object. The property can be one of the following members.
-
- Name
-
- Value
-
- Meaning
-
- - 0
-
- The certificate chain is not included.
-
-
- 1
-
- The certificate chain, except for the root certificate, is included.
-
-
- 2
-
- Only the end certificate is included.
-
-
- 3
-
- The certificate chain, including the root certificate, is included.
-
-
+ Gets or sets the option indicating how much of a the signer certificate's certificate chain should be embedded in the signed message.
+ One of the enumeration values that indicates how much of a the signer certificate's certificate chain should be embedded in the signed message.
To be added.
One of the arguments provided to a method was not valid.
-
-
-
-
-
-
@@ -450,9 +458,10 @@
System.Security.Cryptography.AsymmetricAlgorithm
- To be added.
- To be added.
+ Gets or sets the private key object to use during signing.
+ The private key to use during signing, or to use the private key associated with the property.
To be added.
+
@@ -479,8 +488,8 @@
System.Security.Cryptography.CryptographicAttributeObjectCollection
- The property retrieves the collection of signed attributes to be associated with the resulting content. Signed attributes are signed along with the specified content.
- A collection that represents the signed attributes. If there are no signed attributes, the property is an empty collection.
+ Gets a collections of attributes to associate with this signature that are also protected by the signature.
+ A collections of attributes to associate with this signature that are also protected by the signature.
-
-
-
-
-
@@ -524,16 +528,10 @@
System.Security.Cryptography.Pkcs.SubjectIdentifierType
- The property sets or retrieves the type of the identifier of the signer.
- A member of the enumeration that specifies the type of the identifier of the signer.
+ Gets the scheme to use for identifying which signing certificate was used.
+ The scheme to use for identifying which recipient certificate was used.
To be added.
One of the arguments provided to a method was not valid.
-
-
-
-
-
-
@@ -560,8 +558,8 @@
System.Security.Cryptography.CryptographicAttributeObjectCollection
- The property retrieves the collection of unsigned PKCS #9 attributes to be associated with the resulting content. Unsigned attributes can be modified without invalidating the signature.
- A collection that represents the unsigned attributes. If there are no unsigned attributes, the property is an empty collection.
+ Gets a collections of attributes to associate with this signature that are not protected by the signature.
+ A collections of attributes to associate with this signature that are not protected by the signature.
-
-
-
-
-
-
\ No newline at end of file
+