There is no easy-to-use API to retrieve the digest value from the signed data, but it's still possible.
Method #1 - retrieve the hash value from signer's signed attributes collection:
// get 'message digest' signed attribute
byte[] digestOctetString = signer.SignedAttributes["1.2.840.113549.1.9.4"].Values[0];
// discard the first two bytes (first one is 4, second one is octet string length)
byte[] digest = new byte[digestOctetString.Length - 2];
Array.Copy(digestOctetString, 2, digest, 0, digest.Length);
Method #2 - determine the hash algorithm from signer.DigestAlgorithm.Value
and calculate the hash yourself using .NET's HashAlgorithm
object:
// determine digest algorithm name
string algName = new Oid(signer.DigestAlgorithm.Value).FriendlyName;
// create an instance of .NET's HashAlgorithm
HashAlgorithm alg = HashAlgorithm.Create(algName);
// calculate the hash
byte[] digest = alg.ComputeHash(contentInfo.Content);
Note: To get SignedData
object from a MimeMessage
object, use this code:
var mmSigned = new MimeMessage();
mmSigned.Load(memoryStream);
SignedData signedData = mmSigned.SignedContentInfo;