CAdES is an extension of CMS and these extensions, where present, require a different process to check the signature. Our .Net security libraries (System.Security.Cryptography) though verify a CAdES message; it actually ignores the CAdES part within the message.
SignedCms can verify a message with a CAdES signature but it does not verify the CAdES part. The .Net security libraries are a wrapper around the low level Crypto API’s and the low level Crypto messaging APIs don’t understand CAdES signatures.
Sample Code using SignedCms
//Reads a file.
internal static byte ReadFile(string fileName)
FileStream f = new FileStream(fileName, FileMode.Open, FileAccess.Read);
int size = (int)f.Length;
byte data = new byte[size];
size = f.Read(data, 0, size);
//Main method begins here.
static void Main(string args)
//Test for correct number of arguments.
if (args.Length < 1)
Console.WriteLine("Usage: CheckSignature <filename>");
byte encodedMessage = ReadFile(args);
// The message content is not detached. The message content is included in the SignedCms message.
// Create a new, nondetached SignedCms message.
SignedCms signedCms = new SignedCms();
// encodedMessage is the encoded message received from
// the sender.
// Verify the signature without validating the
throw new InvalidOperationException("Cannot extract enveloped content from a detached signature.");
// extract the data which was signed.
byte data = signedCms.ContentInfo.Content;
string s = Encoding.UTF8.GetString(data);
Console.WriteLine("Error: The directory specified could not be found.");
catch (ArgumentNullException e)
catch (CryptographicException e)
catch (InvalidOperationException e)
So if you are trying to verify a CAdES message make sure that you are implementing your own verification based on the CAdES standards.
Thank you for the post.
I have to apply a CAdES signature to a message or a file. It is possible apply a CADeS signature using the .Net security libraries (System.Security.Cryptography)?
Or, as I understand from this post, .Net security libraries don't manage CADeS in any way?
Thanks a lot.
You can also try this c# ported version of an European Commission initiative:
It supports CAdES.