I'm doing the same right now.
article
article
in short:
Simple electronic signature . is an electronic signature, which, through the use of codes, passwords or other means, confirms the fact of the formation of an electronic signature by a certain person.
Unqualified ES. Allows you to determine the author of the signed document and prove the immutability of the information contained in it. An unqualified electronic signature contains cryptographic algorithms that ensure the protection of documents. Signed documents have legal significance if there are regulations that establish rules for the use and recognition of electronic signatures. Such a signature is suitable for internal and external document management and, in some cases, participation in electronic trading.
Qualified ES. It can only be obtained from a certification center accredited by the Russian Ministry of Telecom and Mass Communications, and the software used must be certified by the FSB. A qualified ES certainly gives the documents full legal force, and therefore is used for information exchange with public authorities and for participation in electronic auctions.
as a result, now I decided to use VLSI services in my project , or rather their APIfor EDS and workflow, because they have certification from the FSB, and there are fewer hemorrhoids when working with other contractors / companies, because own algorithm (verification / protection / encryption mechanism) - for sure will not cause "trust" in companies when the turnover goes to * millions of rubles. Those. I look at the use of the procedure for signing / verifying the EDS already with a popular, accredited, certified (and known) for all participants in the company / center (VLSI), rather than creating all this myself and then proving that I (as a developer) cannot fake someone else's signature on the contract, etc. etc.
ps if there are analogues of VLIS - please unsubscribe
p.s.s. under c# I found the API tyk , but have not yet worked with it (I'm just going to)

the topic is not so big, what kind of books are there? you can still read books on cryptography (I can advise from the authors of Fomichev)
And why they are needed and how they work - the articles are more than described in detail.

A digital signature is that it is a kind of checksum in essence, but a checksum and something unique. So here you can start with mathematical theories - which are clearly not for the average mind.