public static void TestNegativeVerify384() { CngKey key = TestData.s_ECDsa384Key; ECDsaCng e = new ECDsaCng(key); byte[] tamperedSig = ("7805c494b17bba8cba09d3e5cdd16d69ce785e56c4f2d9d9061d549fce0a6860cca1cb9326bd534da21ad4ff326a1e0810d8" + "f366eb6afc66ede0d1ffe345f6b37ac622ed77838b42825ceb96cd3996d3d77fd6a248357ae1ae6cb85f048b1b04").HexToByteArray(); bool verified = e.VerifyHash(ECDsaTestData.s_hashSha512, tamperedSig); Assert.False(verified); }
public static void TestNegativeVerify256() { CngKey key = TestData.s_ECDsa256Key; ECDsaCng e = new ECDsaCng(key); byte[] tamperedSig = ("998791331eb2e1f4259297f5d9cb82fa20dec98e1cb0900e6b8f014a406c3d02cbdbf5238bde471c3155fc25565524301429" + "e8713dad9a67eb0a5c355e9e23dc").HexToByteArray(); bool verified = e.VerifyHash(ECDsaTestData.s_hashSha512, tamperedSig); Assert.False(verified); }
public static void TestCreateByKeySizeNistP256() { using (ECDsaCng cng = new ECDsaCng(256)) { CngKey key1 = cng.Key; Assert.Equal(CngAlgorithmGroup.ECDsa, key1.AlgorithmGroup); // The three legacy nist curves are not treated as generic named curves Assert.Equal(CngAlgorithm.ECDsaP256, key1.Algorithm); Assert.Equal(256, key1.KeySize); VerifyKey(key1); } }
private static ECDsa DecodeECDsaPublicKey(CertificatePal certificatePal) { ECDsa ecdsa; using (SafeBCryptKeyHandle bCryptKeyHandle = ImportPublicKeyInfo(certificatePal.CertContext)) { CngKeyBlobFormat blobFormat; byte[] keyBlob; #if NETNATIVE blobFormat = CngKeyBlobFormat.EccPublicBlob; keyBlob = ExportKeyBlob(bCryptKeyHandle, blobFormat); using (CngKey cngKey = CngKey.Import(keyBlob, blobFormat)) { ecdsa = new ECDsaCng(cngKey); } #else string curveName = GetCurveName(bCryptKeyHandle); if (curveName == null) { if (HasExplicitParameters(bCryptKeyHandle)) { blobFormat = CngKeyBlobFormat.EccFullPublicBlob; } else { blobFormat = CngKeyBlobFormat.EccPublicBlob; } keyBlob = ExportKeyBlob(bCryptKeyHandle, blobFormat); using (CngKey cngKey = CngKey.Import(keyBlob, blobFormat)) { ecdsa = new ECDsaCng(cngKey); } } else { blobFormat = CngKeyBlobFormat.EccPublicBlob; keyBlob = ExportKeyBlob(bCryptKeyHandle, blobFormat); ECParameters ecparams = new ECParameters(); ExportNamedCurveParameters(ref ecparams, keyBlob, false); ecparams.Curve = ECCurve.CreateFromFriendlyName(curveName); ecdsa = new ECDsaCng(); ecdsa.ImportParameters(ecparams); } #endif } return(ecdsa); }
/// <exception cref="ArgumentOutOfRangeException">keySize.</exception> public MoleECDsaCng(int keySize) { var eccTemp = new ECDsaCng(); if (!eccTemp.LegalKeySizes.Any(sizes => keySize <= sizes.MaxSize && keySize >= sizes.MinSize && keySize != sizes.SkipSize)) { throw new ArgumentOutOfRangeException(nameof(keySize)) { Source = GetType().AssemblyQualifiedName } } ; EcDsaCng = new ECDsaCng(keySize); }
public static bool VerifySignature(byte[] data, byte[] signature, byte[] pubKey) { // 验证签名 bool result = false; using (CngKey key = CngKey.Import(pubKey, CngKeyBlobFormat.GenericPublicBlob)) { using (var signingAlg = new ECDsaCng(key)) { result = signingAlg.VerifyData(data, signature); signingAlg.Clear(); } } return(result); }
public bool Verify() { using (CngKey privateCngKey = CngKey.Import(PublicKey, CngKeyBlobFormat.EccPublicBlob)) using (ECDsaCng dsa = new ECDsaCng(privateCngKey)) { byte[] documentBytes = Document; byte[] previousSignature = PreviousSignedTransaction.Signature; byte[] hash = documentBytes .Concat(previousSignature) .ToArray(); dsa.HashAlgorithm = CngAlgorithm.Sha256; return(dsa.VerifyData(hash, Signature) && PreviousSignedTransaction.Verify()); } }
public static (string, string) Encrypt(string message) { //ECDsaCng ecdsa = new ECDsaCng(): 임의의 키 쌍을 이용하여 초기화 //ECDsaCng ecdsa = new ECDsaCng(CngKey): 해당 키를 사용하여 초기화 byte[] keyByte; byte[] signature; using (ECDsaCng ecdsa = new ECDsaCng()) //키는 랜덤 생성 { //ecdsa.HashAlgorithm = CngAlgorithm.Sha256; keyByte = ecdsa.Key.Export(CngKeyBlobFormat.EccPublicBlob); //공개키를 가져옴 byte[] data = Encoding.UTF8.GetBytes(message); //메세지를 바이트 배열로 변환 signature = ecdsa.SignData(data); //메시지 서명 } return(Convert.ToBase64String(signature), Convert.ToBase64String(keyByte)); }
static public bool verify(string msg, byte[] signature, byte[] publicKey) { try { using (ECDsaCng algo = new ECDsaCng(CngKey.Import(publicKey, CngKeyBlobFormat.EccPublicBlob))) { return(algo.VerifyData(Encoding.ASCII.GetBytes(msg), signature, HashAlgorithmName.SHA512)); } } catch (System.Security.Cryptography.CryptographicException e) { System.Console.WriteLine("Cryptographic exception catched: " + e.Message); return(false); } }
/// <summary> /// Is the signed hash belong to the hash and public key /// </summary> /// <param name="hash">transfer info hash</param> /// <param name="publicKey">public key</param> /// <returns>true if the signed hash belong to the hash and public key</returns> public bool IsValidSignedHash(byte[] hash, byte[] publicKey) { bool ret; using (var dsa = new ECDsaCng(CngKey.Import(publicKey, CngKeyBlobFormat.EccPublicBlob))) { dsa.HashAlgorithm = Global.HashAlgorithm; //// verifying hashed message ////bReturn = dsa.VerifyHash(dataHash, SignedMsg); ret = dsa.VerifyHash(hash, this.sgndData); } return(ret); }
//验证签名 private static bool VerifySignature(byte[] data, byte[] signature, byte[] pubKey) { bool retValue = false; //使用 CngKey.Import 导入CngKey对象,的到公钥 using (CngKey key = CngKey.Import(pubKey, CngKeyBlobFormat.GenericPublicBlob)) //将公钥传入ECDsaCng得到解密签名算法 using (var signinAlg = new ECDsaCng(key)) { //然后使用signinAlg.VerifyData来验证签名 retValue = signinAlg.VerifyData(data, signature, HashAlgorithmName.SHA512); signinAlg.Clear(); } return(retValue); }
public override byte[] SignData(byte[] buffer, HashAlgorithm hashAlgorithm, CertificatePrivateKey privateKey) { if (!(privateKey.Algorithm is ECDsaCng)) { throw new Exception("ECDSA signature requires ECDSA private key"); } ECDsaCng ecdsaKey = (ECDsaCng)privateKey.Algorithm; ecdsaKey.HashAlgorithm = GetCngAlgorithm(hashAlgorithm); byte[] signature = ecdsaKey.SignData(buffer); signature = DEREncodeSignature(signature); return(signature); }
/// <summary>Constructor</summary> /// <param name="eaa">EnumDigitalSignAlgorithm</param> public DigitalSignECDsaCng(EnumDigitalSignAlgorithm eaa) { AsymmetricAlgorithm aa = null; HashAlgorithm ha = null; AsymmetricAlgorithmCmnFunc.CreateDigitalSignSP(eaa, out aa, out ha); ECDsaCng ecdsa = (ECDsaCng)aa; this._privateKey = ecdsa.Key; this._publicKey = this._privateKey.Export(CngKeyBlobFormat.EccPublicBlob); this.AsymmetricAlgorithm = aa; this.HashAlgorithm = ha; }
public static String CreateSignature(String publicID, String privateKey, String datahash) //need to have checks that publicID and privatekey are correct before using this method { CngKey key = createKey(publicID, privateKey); if (key == null) { return("null"); } Byte[] datahashByte = Convert.FromBase64String(datahash); ECDsaCng dsa = new ECDsaCng(key); Byte[] byteSig = dsa.SignData(datahashByte); return(Convert.ToBase64String(byteSig)); }
/// <summary> /// Used to create a CngKey that can be used to verify JWT content. /// </summary> /// <param name="clientPubKeyString"></param> /// <returns></returns> public static CngKey ImportECDsaCngKeyFromString(string clientPubKeyString) { byte[] clientPublicKeyBlob = Base64Url.Decode(clientPubKeyString); byte[] key = clientPublicKeyBlob.Skip(23).ToArray(); var keyType = new byte[] { 0x45, 0x43, 0x53, 0x33 }; var keyLength = new byte[] { 0x30, 0x00, 0x00, 0x00 }; var keyImport = keyType.Concat(keyLength).Concat(key.Skip(1)).ToArray(); var cngKey = CngKey.Import(keyImport, CngKeyBlobFormat.EccPublicBlob); var crypto = new ECDsaCng(cngKey); return(crypto.Key); }
private string Verify(string path) { using (ECDsaCng ecdsa = new ECDsaCng(publicKey)) { using (var file = MemoryMappedFile.CreateFromFile(path)) { if (!ecdsa.VerifyData(file.CreateViewStream(), signature, HashAlgorithmName.SHA256)) { throw new Exception("File failed to verify."); } } } return(path); }
static string GenerateClientSecretJWT(DateTimeOffset requestTime, string keyId, string teamId, string p8FileContents) { var headers = new Dictionary <string, object> { //{ "alg", "ES256" }, { "kid", keyId } }; var payload = new Dictionary <string, object> { { "iss", teamId }, { "iat", requestTime.ToUnixTimeSeconds() } }; var cngKey = CngKey.Import(Convert.FromBase64String(p8FileContents), CngKeyBlobFormat.Pkcs8PrivateBlob); return(Jose.JWT.Encode(payload, cngKey, Jose.JwsAlgorithm.ES256, headers)); var secretKey = CleanP8Key(p8FileContents); // Get our headers/payloads into a json string var headerStr = "{" + string.Join(",", headers.Select(kvp => $"\"{kvp.Key}\":\"{kvp.Value.ToString()}\"")) + "}"; var payloadStr = "{"; foreach (var kvp in payload) { if (kvp.Value is int || kvp.Value is long || kvp.Value is double) { payloadStr += $"\"{kvp.Key}\":{kvp.Value.ToString()},"; } else { payloadStr += $"\"{kvp.Key}\":\"{kvp.Value.ToString()}\","; } } payloadStr = payloadStr.TrimEnd(',') + "}"; // Load the key text var key = CngKey.Import(Convert.FromBase64String(secretKey), CngKeyBlobFormat.Pkcs8PrivateBlob); using (var dsa = new ECDsaCng(key)) { var jwtHeader = Base64UrlEncode(Encoding.UTF8.GetBytes(headerStr)); var jwtPayload = Base64UrlEncode(Encoding.UTF8.GetBytes(payloadStr)); var signature = dsa.SignData(Encoding.UTF8.GetBytes($"{jwtHeader}.{jwtPayload}"), HashAlgorithmName.SHA256); return($"{jwtHeader}.{jwtPayload}.{Base64UrlEncode(signature)}"); } }
public byte[] Sign(byte[] data) { /* Import the signing key */ CngKey signingKey = CngKey.Import(this.signingKeyData.ToArray(), CngKeyBlobFormat.EccPrivateBlob); ECDsaCng dsa = new ECDsaCng(signingKey); //dsa = Digital Signature Algorithm /* Get the signature of the data using the imported key */ byte[] signature = dsa.SignData(data); // Verify for test purposes // bool verified = veriftSignature(data, signature); /* Return the signature */ return(signature); }
public static void Main(string[] args) { // The JSON document to be signed Dictionary <String, Object> document = new Dictionary <String, Object>(); document["now"] = "2015-01-17T10:20:03Z"; document["intProperty"] = 612; // Use a P-521 ECDSA key for signing using (ECDsaCng ecKey = new ECDsaCng(521)) { string json = createJcs(ecKey, document); Console.WriteLine("Signed JSON Document:\n" + json); Console.WriteLine("\nVerified=" + validateJcs(new JavaScriptSerializer().Deserialize <Dictionary <String, Object> >(json))); } }
private string CreateJwtToken() { var header = JsonHelper.Serialize(new { alg = "ES256", kid = p8privateKeyId }); //The encryption algorithm (alg), A 10-character key identifier (kid) key var payload = JsonHelper.Serialize(new { iss = teamId, iat = ToEpoch(DateTime.UtcNow) }); //The issuer(iss) registered claim key, whose value is your 10 - character Team ID, The issued at (iat) registered claim key var key = CngKey.Import(Convert.FromBase64String(p8privateKey), CngKeyBlobFormat.Pkcs8PrivateBlob); using (var dsa = new ECDsaCng(key)) { dsa.HashAlgorithm = CngAlgorithm.Sha256; var headerBase64 = Convert.ToBase64String(Encoding.UTF8.GetBytes(header)); var payloadBase64 = Convert.ToBase64String(Encoding.UTF8.GetBytes(payload)); var unsignedJwtData = $"{headerBase64}.{payloadBase64}"; var signature = dsa.SignData(Encoding.UTF8.GetBytes(unsignedJwtData)); return($"{unsignedJwtData}.{Convert.ToBase64String(signature)}"); } }
/// <summary> /// Verifies that a digital signature is valid by determining the hash value /// in the signature using the provided public key and comparing it to the hash /// value of the provided data. /// </summary> /// <param name="data">The data that was signed.</param> /// <param name="signature">The signature data to be verified.</param> /// <param name="key">Cryptography Next Generation (CNG) objects key.</param> /// <returns>True if the signature is valid; otherwise, false.</returns> public bool VerifyData(Stream data, byte[] signature, CngKey key) { // Create an ECDSA. using (ECDsaCng dsa = new ECDsaCng(key)) { // Verify the data. if (dsa.VerifyData(data, signature)) { return(true); } else { return(false); } } }
public JsonWebKeySignBuilder SetAlg(ECDsaCng ec, string algName) { _jsonWebKey.Alg = algName; _jsonWebKey.Kty = KeyTypes.EC; foreach (var kvp in ec.ExtractPublicKey()) { _jsonWebKey.Content.Add(kvp.Key, kvp.Value); } foreach (var kvp in ec.ExtractPrivateKey()) { _jsonWebKey.Content.Add(kvp.Key, kvp.Value); } return(this); }
private ECDsaCng CreateCng() { var cng = new ECDsaCng(this.key); // .NET Core 2.1 / UAP has a bug where it throws NullReferenceException from SignHash because it didn't set this property. if (cng.HashAlgorithm is null) { if (CngAsymmetricKeyAlgorithmProvider.GetHashCngAlgorithm(this.algorithm) is { } algorithm) { cng.HashAlgorithm = algorithm; } else { throw new NotSupportedException("Hash algorithm " + this.algorithm + " could not be obtained."); } }
public bool VerifySignature(string password, byte[] signature, byte[] salt) { bool retValue = false; using (CngKey key = CngKey.Import(salt, CngKeyBlobFormat.GenericPublicBlob)) using (var signingAlg = new ECDsaCng(key)) { //#if NET46 retValue = signingAlg.VerifyData(Encoding.UTF8.GetBytes(password), signature); signingAlg.Clear(); //#else // retValue = signingAlg.VerifyData(data, signature, HashAlgorithmName.SHA512); //#endif } return(retValue); }
public static void Main(string[] args) { Bob bob = new Bob(); using (ECDsaCng dsa = new ECDsaCng()) { dsa.HashAlgorithm = CngAlgorithm.Sha256; bob.key = dsa.Key.Export(CngKeyBlobFormat.EccPublicBlob); byte[] data = new byte[] { 21, 5, 8, 12, 207 }; byte[] signature = dsa.SignData(data); bob.Receive(data, signature); } }
public void CompliantConstructors() { var ec1 = new ECDiffieHellmanCng(); // Compliant - default EC key size is 521 var ec2 = new ECDsaCng(); // Compliant - default EC key size is 521 var ec3 = new ECDsaOpenSsl(); // Compliant - default EC key size is 521 // Valid key sizes are 256, 384, and 521 bits. var ec4 = new ECDiffieHellmanCng(256); var ec5 = new ECDsaCng(384); var ec6 = new ECDsaOpenSsl(521); var ec7 = new ECDsaOpenSsl((IntPtr)128); var ec8 = new ECDiffieHellmanCng(ECCurve.NamedCurves.brainpoolP384r1); var ec9 = new ECDsaCng(ECCurve.NamedCurves.brainpoolP384t1); var ec10 = new ECDsaOpenSsl(ECCurve.NamedCurves.brainpoolP512r1); }
/// <summary> /// 创建签名 /// </summary> /// <param name="data"></param> /// <param name="key"></param> /// <returns></returns> private byte[] CreateSignature(byte[] data, CngKey key) { byte[] signature; //使用ECDsaCng创建签名,ECDsaCng的构造函数接收包含公钥和私钥的CngKey类对象 using (ECDsaCng signingAlg = new ECDsaCng(key)) { #if NET46 signature = signingAlg.SignData(data); signingAlg.Clear(); #else //对数据进行签名(加密) signature = signingAlg.SignData(data, HashAlgorithmName.SHA512); #endif } return(signature); }
/// <summary> /// 要验证签名是否真的来自于Alice,Bob使用Alice的公钥检查签名。包含公钥blob的字节数组可以用静态方法Import()导入CngKey对象。 /// 然后使用ECDsaCng类,调用VerifyData()方法来验证签名。 /// </summary> /// <param name="aliceData"></param> /// <param name="aliceSignature"></param> /// <param name="_alicePublicKeyBob"></param> /// <returns></returns> private static bool VerifySignature(byte[] data, byte[] signature, byte[] pubKey) { bool retValue = false; using (CngKey key = CngKey.Import(pubKey, CngKeyBlobFormat.GenericPublicBlob)) using (var signingAlg = new ECDsaCng(key)) { #if NET46 retValue = signingAlg.VerifyData(data, signature); signingAlg.Clear(); #else retValue = signingAlg.VerifyData(data, signature, HashAlgorithmName.SHA512); #endif } return(retValue); }
public static void TestCreateKeyFromCngAlgorithmNistP256() { CngAlgorithm alg = CngAlgorithm.ECDsaP256; using (CngKey key = CngKey.Create(alg)) { VerifyKey(key); using (ECDsaCng e = new ECDsaCng(key)) { Assert.Equal(CngAlgorithmGroup.ECDsa, e.Key.AlgorithmGroup); Assert.Equal(CngAlgorithm.ECDsaP256, e.Key.Algorithm); VerifyKey(e.Key); e.Exercise(); } } }
public void CompliantGenerateKey() { var ec1 = new ECDiffieHellmanCng(); ec1.GenerateKey(ECCurve.NamedCurves.brainpoolP224r1); ec1.GenerateKey(ECCurve.NamedCurves.nistP256); var ec2 = new ECDsaCng(); ec2.GenerateKey(ECCurve.NamedCurves.brainpoolP256r1); ec2.GenerateKey(ECCurve.NamedCurves.nistP384); var ec3 = new ECDsaOpenSsl(); ec3.GenerateKey(ECCurve.NamedCurves.brainpoolP384t1); ec3.GenerateKey(ECCurve.NamedCurves.nistP521); }
public void CompliantKeySizeSet() { var ec1 = new ECDiffieHellmanCng(); ec1.KeySize = 512; ec1.KeySize = 128; // OK - because this is not a valid key size for this object var ec2 = new ECDsaCng(); ec2.KeySize = 512; ec2.KeySize = 64; // OK - because this is not a valid key size for this object var ec3 = new ECDsaOpenSsl(); ec3.KeySize = 512; ec3.KeySize = 12; // OK - because this is not a valid key size for this object }
internal static bool ValidateBareCertificateWithBcrypt(X509Certificate2 certificate) { var deviceInfo = ExtensionDecoder.Decode(certificate); // check we have a good extension if (deviceInfo == null) { Helpers.Notify("Certificate does not have well-formed RIoT extension", true); return(false); } var devIdPubKeyDEREncoded = deviceInfo.EncodedDeviceIDKey; if (devIdPubKeyDEREncoded.Length != 65) { Helpers.Notify("Public key in extension has incorrect length", true); return(false); } // We need to convert to the Windows key format before we can import // #define BCRYPT_ECDSA_PUBLIC_P256_MAGIC 0x31534345 // ECS1 // https://msdn.microsoft.com/en-us/library/windows/desktop/aa375520(v=vs.85).aspx byte[] windowsEncodedKey = new byte[32 * 2 + 4 + 4]; // todo - endianess byte[] magic = BitConverter.GetBytes((uint)0x31534345); byte[] len = BitConverter.GetBytes((uint)32); Array.Copy(magic, 0, windowsEncodedKey, 0, 4); Array.Copy(len, 0, windowsEncodedKey, 4, 4); Array.Copy(devIdPubKeyDEREncoded, 1, windowsEncodedKey, 8, 32); Array.Copy(devIdPubKeyDEREncoded, 32 + 1, windowsEncodedKey, 8 + 32, 32); var devIdPubKey = CngKey.Import(windowsEncodedKey, CngKeyBlobFormat.EccPublicBlob); ECDsaCng verifier = new ECDsaCng(devIdPubKey); ECDsaCng testSigner = new ECDsaCng(256); var sig = testSigner.SignData(new byte[] { 1, 2, 3, 4 }); bool okx = testSigner.VerifyData(new byte[] { 1, 2, 3, 4 }, sig); var bits = ExtensionDecoder.Decompose(certificate); var tbsHash = Helpers.HashData(bits.Tbs, 0, bits.Tbs.Length); bool ok = verifier.VerifyHash(tbsHash, bits.Signature); return(true); }
public static void TestHashRoundTrip(CurveDef curveDef) { // This test is in the cng only tests because OpenSsl does not provide the hash algorithm using (var cng = new ECDsaCng(curveDef.Curve)) { ECParameters param = cng.ExportExplicitParameters(false); // Add some dummy values and import Assert.True(param.Curve.IsExplicit); var curve = param.Curve; curve.Hash = HashAlgorithmName.SHA1; curve.Seed = new byte[1] { 0xFF }; // Hash should have a seed param.Curve = curve; cng.ImportParameters(param); // Export to see if the hash is there ECParameters param2 = cng.ExportExplicitParameters(false); Assert.Equal(HashAlgorithmName.SHA1.Name.ToUpper(), param2.Curve.Hash.Value.Name.ToUpper()); Assert.Equal(0xFF, param2.Curve.Seed[0]); } }
public static void TestKeyPropertyFromNamedCurve(CurveDef curveDef) { ECDsaCng e = new ECDsaCng(curveDef.Curve); CngKey key1 = e.Key; VerifyKey(key1); e.Exercise(); CngKey key2 = e.Key; Assert.Same(key1, key2); }
public static void TestPositive256WithBlob() { CngKey key = TestData.s_ECDsa256Key; ECDsaCng e = new ECDsaCng(key); Verify256(e, true); }
public static void TestCreateByNameNistP521() { using (ECDsaCng cng = new ECDsaCng(ECCurve.NamedCurves.nistP521)) { CngKey key1 = cng.Key; Assert.Equal(CngAlgorithmGroup.ECDsa, key1.AlgorithmGroup); // The three legacy nist curves are not treated as generic named curves Assert.Equal(CngAlgorithm.ECDsaP521, key1.Algorithm); Assert.Equal(521, key1.KeySize); VerifyKey(key1); } }
public static void TestVerify521_EcdhKey() { byte[] keyBlob = (byte[])TestData.s_ECDsa521KeyBlob.Clone(); // Rewrite the dwMagic value to be ECDH // ECDSA prefix: 45 43 53 36 // ECDH prefix : 45 43 4b 36 keyBlob[2] = 0x4b; using (CngKey ecdh521 = CngKey.Import(keyBlob, CngKeyBlobFormat.EccPrivateBlob)) { // Preconditions: Assert.Equal(CngAlgorithmGroup.ECDiffieHellman, ecdh521.AlgorithmGroup); Assert.Equal(CngAlgorithm.ECDiffieHellmanP521, ecdh521.Algorithm); using (ECDsa ecdsaFromEcdsaKey = new ECDsaCng(TestData.s_ECDsa521Key)) using (ECDsa ecdsaFromEcdhKey = new ECDsaCng(ecdh521)) { byte[] ecdhKeySignature = ecdsaFromEcdhKey.SignData(keyBlob, HashAlgorithmName.SHA512); byte[] ecdsaKeySignature = ecdsaFromEcdsaKey.SignData(keyBlob, HashAlgorithmName.SHA512); Assert.True( ecdsaFromEcdhKey.VerifyData(keyBlob, ecdsaKeySignature, HashAlgorithmName.SHA512), "ECDsaCng(ECDHKey) validates ECDsaCng(ECDsaKey)"); Assert.True( ecdsaFromEcdsaKey.VerifyData(keyBlob, ecdhKeySignature, HashAlgorithmName.SHA512), "ECDsaCng(ECDsaKey) validates ECDsaCng(ECDHKey)"); } } }
public static void TestNegativeVerify521() { CngKey key = TestData.s_ECDsa521Key; ECDsaCng e = new ECDsaCng(key); byte[] tamperedSig = ("0084461450745672df85735fbf89f2dccef804d6b56e86ca45ea5c366a05a5de96327eddb75582821c6315c8bb823c875845" + "a6f25963ddab70461b786261507f971401fdc300697824129e0a84e0ba1ab4820ac7b29e7f8248bc2e29d152a9190eb3fcb7" + "6e8ebf1aa5dd28ffd582a24cbfebb3426a5f933ce1d995b31c951103d24f6256").HexToByteArray(); bool verified = e.VerifyHash(ECDsaTestData.s_hashSha512, tamperedSig); Assert.False(verified); }