protected override bool Sign(
ReadOnlySpan <byte> dataHash,
HashAlgorithmName hashAlgorithmName,
X509Certificate2 certificate,
bool silent,
out Oid signatureAlgorithm,
out byte[] signatureValue)
{
// If there's no private key, fall back to the public key for a "no private key" exception.
DSA dsa =
PkcsPal.Instance.GetPrivateKeyForSigning <DSA>(certificate, silent) ??
certificate.GetDSAPublicKey();
if (dsa == null)
{
signatureAlgorithm = null;
signatureValue = null;
return(false);
}
string oidValue =
hashAlgorithmName == HashAlgorithmName.SHA1 ? Oids.DsaWithSha1 :
hashAlgorithmName == HashAlgorithmName.SHA256 ? Oids.DsaWithSha256 :
hashAlgorithmName == HashAlgorithmName.SHA384 ? Oids.DsaWithSha384 :
hashAlgorithmName == HashAlgorithmName.SHA512 ? Oids.DsaWithSha512 :
null;
if (oidValue == null)
{
signatureAlgorithm = null;
signatureValue = null;
return(false);
}
signatureAlgorithm = new Oid(oidValue, oidValue);
ArrayPool <byte> pool = ArrayPool <byte> .Shared;
// The Q size cannot be bigger than the KeySize.
byte[] rented = pool.Rent(dsa.KeySize / 8);
int bytesWritten = 0;
try
{
if (dsa.TryCreateSignature(dataHash, rented, out bytesWritten))
{
signatureValue = DsaIeeeToDer(new ReadOnlySpan <byte>(rented, 0, bytesWritten));
return(true);
}
}
finally
{
Array.Clear(rented, 0, bytesWritten);
pool.Return(rented);
}
signatureValue = null;
return(false);
}
