Beispiel #1
        /// <summary>
        /// Verifies a DSA signature over <paramref name="rgbHash"/> using the key held in <c>_key</c>.
        /// </summary>
        /// <param name="rgbHash">The hash value that was signed.</param>
        /// <param name="rgbSignature">
        /// The signature as two equal-width fields (r followed by s), not DER encoded.
        /// </param>
        /// <returns>
        /// <c>true</c> when the native verification succeeds; <c>false</c> when it fails or when
        /// the signature does not have the exact expected length.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="rgbHash"/> or <paramref name="rgbSignature"/> is <c>null</c>.
        /// </exception>
        public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature)
        {
            if (rgbHash == null)
            {
                throw new ArgumentNullException(nameof(rgbHash));
            }

            if (rgbSignature == null)
            {
                throw new ArgumentNullException(nameof(rgbSignature));
            }

            SafeDsaHandle dsaKey = _key.Value;
            int fieldSize = Interop.Crypto.DsaSignatureFieldSize(dsaKey);

            // Only an input of exactly two field widths can be the fixed-width r||s form.
            // Anything else is reported as a failed verification rather than as an error,
            // so it is never handed to the DER re-encoder or to the native verifier.
            if (rgbSignature.Length == fieldSize * 2)
            {
                byte[] derSignature = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(rgbSignature);

                return Interop.Crypto.DsaVerify(dsaKey, rgbHash, rgbHash.Length, derSignature, derSignature.Length);
            }

            return false;
        }
Beispiel #2
        // Verifies a DSA signature over `hash` with the key returned by GetKey().
        // Returns false when a fixed-width (r||s) signature has the wrong length; otherwise returns
        // the result of Interop.Crypto.DsaVerify.
        //
        // NOTE(review): the #endif right after this signature closes a conditional whose #if is not
        // part of this excerpt. `signatureFormat` is not a parameter of the signature shown here, so
        // presumably the alternative signature under INTERNAL_ASYMMETRIC_IMPLEMENTATIONS declares
        // it -- confirm against the full file.
        public override bool VerifySignature(ReadOnlySpan <byte> hash, ReadOnlySpan <byte> signature)
#endif
        {
            SafeDsaHandle key = GetKey();

            // Without INTERNAL_ASYMMETRIC_IMPLEMENTATIONS the input is always handled as the
            // fixed-width form; with it, only when the caller selected that format.
#if INTERNAL_ASYMMETRIC_IMPLEMENTATIONS
            if (signatureFormat == DSASignatureFormat.IeeeP1363FixedFieldConcatenation)
            {
#endif
            // Two fields (r and s), each of the size reported for this key.
            int expectedSignatureBytes = Interop.Crypto.DsaSignatureFieldSize(key) * 2;
            if (signature.Length != expectedSignatureBytes)
            {
                // The input isn't of the right length (assuming no DER), so we can't sensibly re-encode it with DER.
                // A mismatch is reported as a failed verification, not as an exception.
                return(false);
            }

            // Re-encode to DER; from here on `signature` refers to the converted bytes.
            signature = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);
#if INTERNAL_ASYMMETRIC_IMPLEMENTATIONS
        }

        // Rfc3279DerSequence falls through with `signature` untouched: no length check is applied
        // on that path in this method. Any other format value is rejected with an exception.
        else if (signatureFormat != DSASignatureFormat.Rfc3279DerSequence)
        {
            Debug.Fail($"Missing internal implementation handler for signature format {signatureFormat}");
            throw new CryptographicException(
                      SR.Cryptography_UnknownSignatureFormat,
                      signatureFormat.ToString());
        }
#endif
            return(Interop.Crypto.DsaVerify(key, hash, signature));
        }
Beispiel #3
        /// <summary>
        /// Verifies an ECDSA signature over <paramref name="hash"/> using the key held in <c>_key</c>.
        /// </summary>
        /// <param name="hash">The hash value that was signed.</param>
        /// <param name="signature">
        /// The signature as r followed by s, each padded to <c>BitsToBytes(KeySize)</c> bytes.
        /// </param>
        /// <returns>
        /// <c>true</c> only when the native call reports exactly 1; <c>false</c> for every other
        /// result and for a signature of the wrong length.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="hash"/> or <paramref name="signature"/> is <c>null</c>.
        /// </exception>
        public override bool VerifyHash(byte[] hash, byte[] signature)
        {
            if (hash == null)
            {
                throw new ArgumentNullException(nameof(hash));
            }

            if (signature == null)
            {
                throw new ArgumentNullException(nameof(signature));
            }

            // .NET carries the signature as r.Concat(s) with both halves fixed at
            // BitsToBytes(KeySize) bytes, leading zeroes included. OpenSSL expects
            // SEQUENCE(INTEGER(r), INTEGER(s)), so a correctly sized input is re-encoded first.
            int fieldBytes = AsymmetricAlgorithmHelpers.BitsToBytes(KeySize);

            if (signature.Length == 2 * fieldBytes)
            {
                byte[] derSignature = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);
                SafeEcKeyHandle ecKey = _key.Value;

                // Compare against 1 explicitly: any other return value, whatever it stands for
                // in the native layer, must count as "not verified".
                return Interop.Crypto.EcDsaVerify(hash, hash.Length, derSignature, derSignature.Length, ecKey) == 1;
            }

            // Wrong size: it cannot be re-encoded sensibly, so verification fails.
            return false;
        }
Beispiel #4
            /// <summary>
            /// Verifies a signature over <paramref name="hash"/> with the public key from
            /// <c>GetKeys()</c>, after converting the signature to DER.
            /// </summary>
            /// <param name="hash">The hash value that was signed.</param>
            /// <param name="signature">The signature in the form accepted by <c>ConvertIeee1363ToDer</c>.</param>
            /// <returns>The result of <c>Interop.AppleCrypto.VerifySignature</c>.</returns>
            public override bool VerifySignature(ReadOnlySpan<byte> hash, ReadOnlySpan<byte> signature)
            {
                // NOTE(review): the signature length is not validated before conversion. What
                // ConvertIeee1363ToDer does with an odd-length or wrong-sized input is not visible
                // here -- confirm such input cannot verify successfully, or add an exact-length check.
                byte[] derEncoded = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);

                return Interop.AppleCrypto.VerifySignature(GetKeys().PublicKey, hash, derEncoded);
            }
Beispiel #5
        // Verifies an ECDSA signature over `hash` with the key held in _key.
        // Returns true only when Interop.Crypto.EcDsaVerify reports exactly 1; returns false for
        // any other result and for a fixed-width signature of the wrong length.
        //
        // NOTE(review): the #endif right after this signature closes a conditional whose #if is not
        // part of this excerpt. `signatureFormat` is not a parameter of the signature shown here, so
        // presumably the alternative signature under INTERNAL_ASYMMETRIC_IMPLEMENTATIONS declares
        // it -- confirm against the full file.
        public override bool VerifyHash(ReadOnlySpan <byte> hash, ReadOnlySpan <byte> signature)
#endif
        {
            ThrowIfDisposed();

            // Scratch space on the stack for the DER form. toVerify starts out pointing at it and is
            // reassigned on every path below that reaches the verify call.
            Span <byte>         derSignature = stackalloc byte[SignatureStackBufSize];
            ReadOnlySpan <byte> toVerify     = derSignature;

#if INTERNAL_ASYMMETRIC_IMPLEMENTATIONS
            if (signatureFormat == DSASignatureFormat.IeeeP1363FixedFieldConcatenation)
            {
#endif
            // The signature format for .NET is r.Concat(s). Each of r and s are of length BitsToBytes(KeySize), even
            // when they would have leading zeroes.  If it's the correct size, then we need to encode it from
            // r.Concat(s) to SEQUENCE(INTEGER(r), INTEGER(s)), because that's the format that OpenSSL expects.
            int expectedBytes = 2 * AsymmetricAlgorithmHelpers.BitsToBytes(KeySize);
            if (signature.Length != expectedBytes)
            {
                // The input isn't of the right length, so we can't sensibly re-encode it.
                // A mismatch is reported as a failed verification, not as an exception.
                return(false);
            }

            // Prefer the stack buffer; only the bytes actually written (derSize) are verified.
            if (AsymmetricAlgorithmHelpers.TryConvertIeee1363ToDer(signature, derSignature, out int derSize))
            {
                toVerify = derSignature.Slice(0, derSize);
            }
            else
            {
                // The Try variant reported failure (presumably the stack buffer was too small --
                // confirm), so use the conversion that returns a new array instead.
                toVerify = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);
            }
#if INTERNAL_ASYMMETRIC_IMPLEMENTATIONS
        }

        // A DER signature is passed to the native verifier as supplied: no length check and no
        // re-encoding happen on this path in this method.
        else if (signatureFormat == DSASignatureFormat.Rfc3279DerSequence)
        {
            toVerify = signature;
        }
        else
        {
            // Unknown format values are rejected with an exception instead of being verified.
            Debug.Fail($"Missing internal implementation handler for signature format {signatureFormat}");
            throw new CryptographicException(
                      SR.Cryptography_UnknownSignatureFormat,
                      signatureFormat.ToString());
        }
#endif

            SafeEcKeyHandle key = _key.Value;
            int verifyResult    = Interop.Crypto.EcDsaVerify(hash, toVerify, key);
            // Compare against 1 explicitly so that every other return value counts as "not verified".
            return(verifyResult == 1);
        }
Beispiel #6
                /// <summary>
                /// Verifies a signature over <paramref name="hash"/> with the public key from
                /// <c>GetKeys()</c>, after converting the signature to DER.
                /// </summary>
                /// <param name="hash">The hash value that was signed.</param>
                /// <param name="signature">The signature in the form accepted by <c>ConvertIeee1363ToDer</c>.</param>
                /// <returns>The result of <c>Interop.AppleCrypto.VerifySignature</c>.</returns>
                /// <exception cref="ArgumentNullException">
                /// <paramref name="hash"/> or <paramref name="signature"/> is <c>null</c>.
                /// </exception>
                public override bool VerifySignature(byte[] hash, byte[] signature)
                {
                    if (hash == null)
                    {
                        throw new ArgumentNullException(nameof(hash));
                    }

                    if (signature == null)
                    {
                        throw new ArgumentNullException(nameof(signature));
                    }

                    // NOTE(review): only null is rejected; the signature length is not validated
                    // before conversion. What ConvertIeee1363ToDer does with an odd-length or
                    // wrong-sized input is not visible here -- confirm such input cannot verify
                    // successfully, or add an exact-length check.
                    byte[] derEncoded = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);

                    return Interop.AppleCrypto.VerifySignature(GetKeys().PublicKey, hash, derEncoded);
                }
Beispiel #7
        /// <summary>
        /// Verifies a DSA signature over <paramref name="hash"/> using the key held in <c>_key</c>.
        /// </summary>
        /// <param name="hash">The hash value that was signed.</param>
        /// <param name="signature">
        /// The signature as two equal-width fields (r followed by s), not DER encoded.
        /// </param>
        /// <returns>
        /// <c>true</c> when the native verification succeeds; <c>false</c> when it fails or when
        /// the signature does not have the exact expected length.
        /// </returns>
        public override bool VerifySignature(ReadOnlySpan<byte> hash, ReadOnlySpan<byte> signature)
        {
            SafeDsaHandle dsaKey = _key.Value;
            int fieldSize = Interop.Crypto.DsaSignatureFieldSize(dsaKey);

            // Only an input of exactly two field widths can be the fixed-width r||s form.
            // Anything else is reported as a failed verification rather than as an error,
            // so it is never handed to the DER re-encoder or to the native verifier.
            if (signature.Length == fieldSize * 2)
            {
                byte[] derSignature = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);

                return Interop.Crypto.DsaVerify(dsaKey, hash, derSignature);
            }

            return false;
        }
Beispiel #8
            /// <summary>
            /// Verifies an ECDSA signature over <paramref name="hash"/> with the public key from
            /// <c>GetKeys()</c>.
            /// </summary>
            /// <param name="hash">The hash value that was signed.</param>
            /// <param name="signature">
            /// The signature as r followed by s, each padded to <c>BitsToBytes(KeySize)</c> bytes.
            /// </param>
            /// <returns>
            /// The result of <c>Interop.AppleCrypto.VerifySignature</c>, or <c>false</c> when the
            /// signature does not have the exact expected length.
            /// </returns>
            public override bool VerifyHash(ReadOnlySpan<byte> hash, ReadOnlySpan<byte> signature)
            {
                // .NET carries the signature as r.Concat(s) with both halves fixed at
                // BitsToBytes(KeySize) bytes, leading zeroes included. The native verifier is
                // given SEQUENCE(INTEGER(r), INTEGER(s)), so a correctly sized input is re-encoded.
                int fieldBytes = AsymmetricAlgorithmHelpers.BitsToBytes(KeySize);

                if (signature.Length == 2 * fieldBytes)
                {
                    // Fetch the key before converting, matching the original evaluation order.
                    var publicKey = GetKeys().PublicKey;
                    byte[] derEncoded = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);

                    return Interop.AppleCrypto.VerifySignature(publicKey, hash, derEncoded);
                }

                // Wrong size: it cannot be re-encoded sensibly, so verification fails.
                return false;
            }
 /// <summary>
 /// Verifies a signature over <paramref name="hash"/> with the public key from
 /// <c>GetKeys()</c>, after converting the signature to DER.
 /// </summary>
 /// <param name="hash">The hash value that was signed.</param>
 /// <param name="signature">The signature in the form accepted by <c>ConvertIeee1363ToDer</c>.</param>
 /// <returns>The result of <c>Interop.AppleCrypto.VerifySignature</c>.</returns>
 public override bool VerifyHash(ReadOnlySpan<byte> hash, ReadOnlySpan<byte> signature)
 {
     // Fetch the key before converting, matching the original evaluation order.
     var publicKey = GetKeys().PublicKey;

     // NOTE(review): the signature length is not validated before conversion. What
     // ConvertIeee1363ToDer does with an odd-length or wrong-sized input is not visible
     // here -- confirm such input cannot verify successfully, or reject any signature whose
     // length is not exactly twice the field size before converting it.
     byte[] derEncoded = AsymmetricAlgorithmHelpers.ConvertIeee1363ToDer(signature);

     return Interop.AppleCrypto.VerifySignature(publicKey, hash, derEncoded);
 }