public bool VerifySignature(string keyContainerName, string filePath, CspProviderFlags flags) { SHA1Managed hash = new SHA1Managed(); RSACryptoServiceProvider rsa = CryptoHelpers.LoadRsaKeys(keyContainerName, filePath, flags); //the data was signed /without/ Signature having a value, so remove/cache the value string sig = Signature; Signature = null; byte[] signature = CryptoHelpers.DecodeToBytes(sig); byte[] planBytes = Encoding.UTF8.GetBytes(ToYaml()); bool ok = rsa.VerifyData(planBytes, CryptoConfig.MapNameToOID("SHA1"), signature); if (ok) { byte[] hashedData = hash.ComputeHash(planBytes); ok = rsa.VerifyHash(hashedData, CryptoConfig.MapNameToOID("SHA1"), signature); } //put the Signature back in place. Signature = sig; return(ok); }