It seems that CNG replaces CSP in .NET Core As stated here:
This method is only supported on .NET Framework. Its use on .NET Core throws a PlatformNotSupportedException.
But CmsSigner doesn't expose any API to support CNG keys, for example, there is nothing like CngParameters, to specify the CNG key to sign with.
When I use CmsSigner(CspParameters) in .NET Framework, it creates a dummy certificate used for signing.
I tried this just to see what will happen:
var signer = new CmsSigner();
signer.PrivateKey = new RSACng(CngKey.Open("rsaKey"));
signer.SignedAttributes.Add(new Pkcs9SigningTime());
var signedCms = new SignedCms(new ContentInfo(new byte[] { 1, 2, 3 }), false);
signedCms.ComputeSignature(signer);
var encodeByteBlock = signedCms.Encode();
but it threw this exception at the ComputeSignature call:
System.InvalidOperationException: 'No signer certificate was provided.'
In .NET Framework, I can do this:
var cspObj = new CspParameters()
{
ProviderName = "provider",
ProviderType = 1,
KeyNumber = (int)KeyNumber.Signature,
Flags = CspProviderFlags.UseExistingKey,
KeyContainerName = "ContainerName"
};
var signer = new CmsSigner(cspObj)
{
DigestAlgorithm = new Oid(_signerHashAlgorithmOid)
};
signer.SignedAttributes.Add(new Pkcs9SigningTime());
var signedCms = new SignedCms(contentInfo, true);
signedCms.ComputeSignature(signer);
var encodeByteBlock = signedCms.Encode();
For the .NET Core implementation you need to provide a certificate with a bound private key. If the certificate isn't important for your purposes, you can create a dummy certificate of your own. This sample uses RSA-SHA256 whereas the CspParameters version in .NET Framework uses RSA-SHA1, but otherwise it's essentially the same.