signature=33ea13857c7249b1d8b2930320da1669,digital signature - SignedCms ComputeSignature throw Cryp...

// Sign the file data (generates an SHA-1 hash and

// signs that hash)

byte[] enc = SignData(fileData, cert); //throw exception

Here is my SignData function

private static byte[] SignData(byte[] inputData, X509Certificate2 cert)

{

// Create an SHA-1 hash of the file data

SHA1 sha = new SHA1CryptoServiceProvider();

byte[] sha1Result = sha.ComputeHash(inputData);

CmsSigner cmsSigner = new CmsSigner(cert);

cmsSigner.IncludeOption = X509IncludeOption.WholeChain;

cmsSigner.DigestAlgorithm = new Oid("SHA1");

// Sign the hash using the certificate

// This could be changed to use a hardware device (eg. smartcard)

ContentInfo content = new ContentInfo(sha1Result);

SignedCms signedCms = new SignedCms(SubjectIdentifierType.IssuerAndSerialNumber, content, true);

signedCms.ComputeSignature(cmsSigner, false); //throw "The parameter is incorrect."

return signedCms.Encode();

}

It is Ok when get testSig

byte[] randomData = new byte[1];

randomData[0] = 123;

byte[] testSig = SignData(randomData, cert);

This error throw when I use cert from usb token. If I choose other cert has private key it not throw error

Edit

I export from usb token to cer and here is it

openssl x509 -in xxx.cer -noout -text

Certificate:

Data:

Version: 3 (0x2)

Serial Number:

54:03:36:e0:8b:24:50:fe:01:27:6b:3c:a0:69:2a:81

Signature Algorithm: sha1WithRSAEncryption

Issuer: C=XX, L=XX, O=XX, CN=XXXX

Validity

Not Before: Aug 17 04:23:59 2017 GMT

Not After : May 15 03:35:48 2020 GMT

Subject: UID=XXXX, CN=xxxxx, C=XX

Subject Public Key Info:

Public Key Algorithm: rsaEncryption

RSA Public Key: (1024 bit)

Modulus (1024 bit):

00:a1:ec:28:55:a6:39:25:c1:f1:1f:15:60:6c:5c:

d1:2e:8f:1d:4d:d2:f2:66:9c:11:49:71:fd:20:ce:

19:cc:03:c0:0b:85:65:e9:e1:25:ae:39:3a:48:9a:

b6:11:a1:bf:bb:e5:b8:75:28:9d:c8:02:c3:2c:e8:

41:e7:ff:c1:bd:3a:10:dc:41:a8:54:b9:52:0e:14:

3e:36:47:d4:39:63:0d:2c:10:b2:61:94:d3:3c:a4:

f1:2e:9d:02:b7:90:3b:26:dc:cc:8a:d1:7e:ea:0b:

f3:dd:d7:34:23:b8:e4:a6:f0:c6:49:8c:b6:a1:29:

b9:b4:26:e8:56:b0:38:46:75

Exponent: 65537 (0x10001)

X509v3 extensions:

Authority Information Access:

OCSP - URI:http://XXX

X509v3 Subject Key Identifier:

00:D3:2F:BE:59:19:4B:28:8C:F1:B7:82:1D:33:E7:EA:E7:BA:21:C4

X509v3 Basic Constraints: critical

CA:FALSE

X509v3 Authority Key Identifier:

keyid:1E:B0:0F:48:97:DF:D0:C3:67:A7:46:84:3B:58:3B:88:0D:53:94:86

X509v3 CRL Distribution Points:

URI:http://XXX/XXX.crl

CRLissuer:

X509v3 Key Usage: critical

Digital Signature

X509v3 Extended Key Usage:

E-mail Protection, 1.3.6.1.4.1.311.10.3.12

Signature Algorithm: sha1WithRSAEncryption

14:6d:06:dc:fc:81:de:a8:87:85:49:cf:69:54:aa:c8:55:6f:

02:5a:d6:4d:c2:e6:f1:cd:7c:be:0e:1d:4c:1c:b1:5d:6a:8b:

b5:c9:d0:43:cd:a5:a2:ee:81:ca:60:1b:2c:54:87:ea:c7:a1:

49:dc:7c:73:cd:56:bd:5b:2b:65:38:49:8f:c7:11:00:09:de:

1d:b4:46:80:af:e9:ec:0c:45:9c:4f:f2:8a:6d:b9:1a:00:d9:

79:16:b8:78:4e:24:6a:08:6c:42:bf:bc:56:70:42:13:2b:0e:

be:5d:c5:71:79:7e:65:f0:e9:5e:57:c8:12:a3:6f:7c:52:0f:

c2:f1:f5:40:ea:a5:1f:92:51:a1:3f:55:75:46:5e:24:d9:3d:

c9:71:88:70:d8:df:cb:58:fc:15:2f:d8:ea:5e:25:11:cb:27:

10:71:1e:00:e5:f5:75:f1:cf:5e:c6:d6:8d:da:f4:76:99:0e:

f0:2a:33:bd:f1:04:1e:4f:96:d7:53:d4:1d:f2:9a:5f:1f:d8:

8e:81:4e:16:27:77:13:9f:50:53:82:f3:03:09:54:d6:d5:d2:

8b:d3:fa:56:38:a3:b5:43:e4:34:2d:be:e8:9b:37:98:29:de:

e5:d5:e7:5d:8d:de:d7:98:e2:96:cc:51:32:c2:dd:5b:4b:e8:

3e:10:86:3f

Exception at

at System.Security.Cryptography.Pkcs.SignedCms.Sign(CmsSigner signer, Boolean silent)

at System.Security.Cryptography.Pkcs.SignedCms.ComputeSignature(CmsSigner signer, Boolean silent)

at System.Security.Cryptography.Pkcs.SignedCms.ComputeSignature(CmsSigner signer)

at DebenuPDFSign.Program.SignData(Byte[] inputData, X509Certificate2 cert) in d:\Projects\c#\DebenuPDFSign\DebenuPDFSign\Program.cs:line 156

at DebenuPDFSign.Program.Main(String[] args) in d:\Projects\c#\DebenuPDFSign\DebenuPDFSign\Program.cs:line 102