SignHash() public method

public SignHash ( byte hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding ) : byte[]
hash byte
hashAlgorithm HashAlgorithmName
padding RSASignaturePadding
return byte[]
RSACryptoServiceProvider Class Documentation
Example #1
0
        /// <summary>
        /// Creates a base64 encoded signature for the SHA-256 hash of the specified data.
        /// </summary>
        /// <param name="data">The data to hash and sign. Must not be null.</param>
        /// <returns>The base-64 encoded signature.</returns>
        public string CreateSignature(byte[] data)
        {
            data.ThrowIfNull(nameof(data));

            using (var hashAlg = SHA256.Create())
            {
                byte[] assertionHash = hashAlg.ComputeHash(data);
#if NETSTANDARD
                var sigBytes = key.SignHash(assertionHash, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
#else
                var sigBytes = key.SignHash(assertionHash, Sha256Oid);
#endif
                return(Convert.ToBase64String(sigBytes));
            }
        }
Example #2
0
        private void Sign(string filename)
        {
            try
            {
                string p = @"<RSAKeyValue><Modulus>wJqUfZ3Iry4fV6p1bjO817u2/HE1zCmsnguE0Of+1Dzzcc+L3psx1PsDmXlxcLU9E4+ndbIacC2XMWlrIaLSikIJgfMwuvBej18HrrNATpKHwprUpRMU3P9ug5iemz0pyHA3Nr+keCU/b/HsFmido6R1cuBSDd6RYtlK1Xx+KlU=</Modulus><Exponent>AQAB</Exponent><P>+37HaPakQZN5GKh7Jf8a4b/3kqHIynsd0CYVNN0ax3qqRneEdyhfC2CzJGjv6UPOyAXZHn/T8kWpcSfLbqMlqw==</P><Q>xA3Byhq3RTP4YJYBdri/AZMBpRTiV+xSKi1XLz9m0QsNE5ctuwhbD3wY3YlMdIAbOAVewrxjTJg336z2JHPv/w==</Q><DP>VPgKa14ZNMacfUY/BSFhdbAj9viOHEroUbDsLUYejBLXgKNUr+WF5xQusjh6BfeQ32eKaZGKjCoZC1AEnUalrQ==</DP><DQ>BDAnC6I2eAv8KlQKA/c+XVI+nsArdaVeu/fr/N5l2+FYjiqUl4I+L75+6XydXX+/FRtIQvCzTleSGf0f5Pd1EQ==</DQ><InverseQ>xwGNcideNnj6XrDwLFSv3y7CMq2vMzuYxaObaNTU9sh1PTKVMRpiwdKWKpwnstXmDaSduBVw4EvfNlaz+SzUuw==</InverseQ><D>AJc4x13ZhLgGfpVWQN1Fwf+gYwvR12t1TRLJ+H4NqQb61CmHy0n8kCOo8iqOL4NOyaWSJOlD7X4mTY9+NZ8zOBn2Wij0r606Omw+/rlU986lwcxdBiw3y/LND3gowf1gR3Ei9K0eYsHTZZ9Ry9pmqowXi1DG916MBWSuwAbiOw0=</D></RSAKeyValue>";
                RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
                rsa.FromXmlString(p);

                FileStream fs = new FileStream(filename, FileMode.Open, FileAccess.ReadWrite, FileShare.None);

                SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
                byte[] hash = sha1.ComputeHash(fs);

                byte[] b = rsa.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
                fs.Close();

                FileInfo fi = new FileInfo(filename);
                fi.CopyTo(filename + ".p1s", true);
                FileStream fo = new FileStream(filename + ".p1s", FileMode.Append, FileAccess.Write, FileShare.None);
                fo.Write(b, 0, b.Length);
                fo.Close();

                MessageBox.Show(filename + ".p1s is successfully created.");
            }
            catch (Exception e)
            {
                MessageBox.Show(e.ToString());
            }
        }
Example #3
0
        private readonly static RSAParameters PrivateParams = Rsa.ExportParameters(true); //Complete key pairs.

        /// <summary>
        /// Encrypt an input string 
        /// </summary>
        /// <param name="input">the input string to be encrpty</param>
        /// <param name="signature">the private key signature</param>
        /// <returns>A Base 64 encrypted string or empty if can't encrpyt</returns>
        public static string Encrpyt(string input, out byte[] signature)
        {
            signature = null;
            try
            {
                if (string.IsNullOrEmpty(input)) return string.Empty;
                var provider = new RSACryptoServiceProvider(new CspParameters { Flags = CspProviderFlags.UseMachineKeyStore });
                provider.ImportParameters(PublicParams);

                var buffer = Encoding.ASCII.GetBytes(input);
                var encryptedbuffer = provider.Encrypt(buffer, false);

                var hash = new SHA1Managed();
                provider.ImportParameters(PrivateParams);
                var hashedData = hash.ComputeHash(encryptedbuffer);
                signature = provider.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"));

                var stringBuilder = new StringBuilder();
                stringBuilder.Append(Convert.ToBase64String(encryptedbuffer));

                return stringBuilder.ToString();
            }
            catch
            {
                return string.Empty;
            }
        }
Example #4
0
 // Hash and sign the data
 public byte[] HashAndSign(byte[] encryptedData)
 {
     RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
     rsaCSP.ImportParameters(PrivateKeyInfo);
     SHA1Managed hash = new SHA1Managed();
     byte[] hashedData = hash.ComputeHash(encryptedData);
     return rsaCSP.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"));
 }
Example #5
0
 /// <summary>
 /// Sings a string with the full (private) RSA key provided as XML.
 /// </summary>
 public static string Sign(string inputString, string keyXml)
 {
     byte[] hash = generateHash(inputString);
     using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
     {
         rsa.FromXmlString(keyXml);
         byte[] sig = rsa.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
         return byteArrayToHexString(sig);
     }
 }
Example #6
0
 // Create a signature for a specified hash value.
 public override byte[] CreateSignature(byte[] rgbHash)
 {
     if (keyContainer == null)
     {
         throw new CryptographicUnexpectedOperationException
                   (_("Crypto_MissingKey"));
     }
     if (hashAlgorithm == null)
     {
         throw new CryptographicUnexpectedOperationException
                   (_("Crypto_PKCS1Hash"));
     }
     return(keyContainer.SignHash(rgbHash, hashAlgorithm));
 }
Example #7
0
 /// <summary>
 ///     Takes a string and creates a signed hash of it
 /// </summary>
 /// <param name="input">Input string</param>
 /// <param name="key">Key to encrypt/sign with</param>
 /// <param name="hash">This will be filled with the unsigned hash</param>
 /// <param name="encodingUsing">Encoding that the input is using (defaults to UTF8)</param>
 /// <returns>A signed hash of the input (64bit string)</returns>
 public static string SignHash(string input, string key, out string hash, Encoding encodingUsing = null)
 {
     Guard.NotEmpty(input, "input");
     Guard.NotEmpty(key, "key");
     using (var rsa = new RSACryptoServiceProvider())
     {
         rsa.FromXmlString(key);
         byte[] hashBytes = input.ToByteArray(encodingUsing).Hash();
         byte[] signedHash = rsa.SignHash(hashBytes, CryptoConfig.MapNameToOID("SHA1"));
         rsa.Clear();
         hash = hashBytes.ToBase64String();
         return signedHash.ToBase64String();
     }
 }
Example #8
0
        public void AllowUpdateIfIDontRequireChecksum()
        {
            const string NauUpdateFeed =
                @"<?xml version=""1.0"" encoding=""utf-8""?>
            <Feed RSASignature=""SIGNATURE"">
              <Title>My application</Title>
              <Link>http://myapp.com/</Link>
              <Tasks>
            <FileUpdateTask sha256-checksum=""invalidhashButWeCanNotKnowThatNow"" localPath=""test.dll"" updateTo=""remoteFile.dll"" hotswap=""true"">
              <Description>update details</Description>
            </FileUpdateTask>
            <RegistryTask keyName=""asdf"" keyValue=""zsdfgafsdg"" valueKind=""String"">
            </RegistryTask>
              </Tasks>
            </Feed>";
            XmlDocument doc = new XmlDocument();
            doc.LoadXml(NauUpdateFeed);

            // Support for different feed versions
            XmlNode root = doc.SelectSingleNode(@"/Feed[version=""1.0""] | /Feed") ?? doc;

            SHA512Managed sha = new SHA512Managed();
            var hash = sha.ComputeHash(Encoding.UTF8.GetBytes(root.InnerXml));

            RSACryptoServiceProvider provider = new RSACryptoServiceProvider(1024);
            provider.PersistKeyInCsp = false;
            var pubKey = provider.ToXmlString(false);

            var sigBytes = provider.SignHash(hash, "sha512");
            var sig = Convert.ToBase64String(sigBytes);

            var update = NauUpdateFeed.Replace("SIGNATURE", sig);

            bool isVerified = provider.VerifyHash(hash, "sha512", Convert.FromBase64String(sig));
            Assert.IsTrue(isVerified);

            var reader = new NAppUpdate.Framework.FeedReaders.NauXmlFeedReaderSigned();
            reader.PublicKeys = new string[] { pubKey };

            IList<IUpdateTask> updates = reader.Read(update);
            Assert.IsTrue(updates != null && updates.Count == 2);
        }
Example #9
0
        static public Byte[] RSASign(Byte[] hash, String private_key)
        {
            try
            {
                byte[] signed;
                // Erstellen einer Instanz des CryptoServiceProviders
                using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
                {
                    // Importieren der Schlüssel
                    RSA.FromXmlString(private_key);

                    // Verschlüsseln.
                    signed = RSA.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
                }
                return signed;
            }
            catch (CryptographicException e)
            {
                Console.WriteLine(e.ToString());
                return null;
            }
        }
Example #10
0
    /// <summary>Create a new revocation message.</summary>
    public UserRevocationMessage(RSACryptoServiceProvider private_key, string username)
    {
      Username = username;
      int signature_length = private_key.KeySize / 8;
      byte[] data = null;

      using(MemoryStream ms = new MemoryStream()) {
        AdrConverter.Serialize(Username, ms);
        Random rand = new Random();
        NumberSerializer.WriteInt(rand.Next(), ms);
        NumberSerializer.WriteLong(DateTime.UtcNow.Ticks, ms);
        data = new byte[ms.Length + signature_length];
        ms.Position = 0;
        ms.Read(data, 0, (int) ms.Length);
      }

      SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
      Hash = sha1.ComputeHash(data, 0, data.Length - signature_length);
      Signature = private_key.SignHash(Hash, CryptoConfig.MapNameToOID("SHA1"));
      Signature.CopyTo(data, data.Length - signature_length);
      _data = MemBlock.Reference(data);
    }
Example #11
0
        public static string CreateCertificateSignature(HttpWebRequest request, DigiUser user)
        {
            var s = request.Method.ToUpper() + "\n" +
                    request.RequestUri.AbsolutePath.ToLower() + "\n" +
                    "content-md5: " + request.Headers["Content-MD5"] + "\n" +
                    "date: " + request.Date.ToUniversalTime().ToString("r") + "\n" +
                    "x-digipost-userid: " + request.Headers["X-Digipost-UserId"] + "\n" +
                    HttpUtility.UrlEncode(request.RequestUri.Query).ToLower() + "\n";

            var rsa = user.Certificate.PrivateKey as RSACryptoServiceProvider;

            if (rsa == null) return null;

            var privateKeyBlob = rsa.ExportCspBlob(true);
            var rsa2 = new RSACryptoServiceProvider();
            rsa2.ImportCspBlob(privateKeyBlob);

            var sha = SHA256.Create();
            var hash = sha.ComputeHash(Encoding.UTF8.GetBytes(s));
            var signature = rsa2.SignHash(hash, CryptoConfig.MapNameToOID("SHA256"));

            return Convert.ToBase64String(signature);
        }
Example #12
0
 /// <summary>
 /// Takes a string and creates a signed hash of it
 /// </summary>
 /// <param name="Input">Input string</param>
 /// <param name="Key">Key to encrypt/sign with</param>
 /// <param name="Hash">This will be filled with the unsigned hash</param>
 /// <param name="EncodingUsing">Encoding that the input is using (defaults to UTF8)</param>
 /// <returns>A signed hash of the input (64bit string)</returns>
 public static string SignHash(string Input, string Key, out string Hash, Encoding EncodingUsing = null)
 {
     Input.ThrowIfNullOrEmpty("Input");
     Key.ThrowIfNullOrEmpty("Key");
     using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
     {
         RSA.FromXmlString(Key);
         byte[] HashBytes = Input.ToByteArray(EncodingUsing).Hash();
         byte[] SignedHash = RSA.SignHash(HashBytes, CryptoConfig.MapNameToOID("SHA1"));
         RSA.Clear();
         Hash = HashBytes.ToBase64String();
         return SignedHash.ToBase64String();
     }
 }
Example #13
0
        public MFTestResults RsaTest_Signature()
        {
            bool testResult = false;

            try
            {
                using (RSACryptoServiceProvider csp = new RSACryptoServiceProvider())
                {
                    string dataToSign = "This is a simple message to be encrypted";

                    byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);

                    byte[] signature = csp.SignData(data, null);

                    testResult = csp.VerifyData(data, null, signature);

                    HashAlgorithm sha = new HashAlgorithm(HashAlgorithmType.SHA1, csp.Session);

                    byte[] hash = sha.ComputeHash(data);

                    signature = csp.SignHash(hash, MechanismType.SHA_1);
                    testResult &= csp.VerifyHash(hash, MechanismType.SHA_1, signature);
                }
            }
            catch (Exception ex)
            {
                Log.Exception("Unexpected Exception", ex);
            }

            return (testResult ? MFTestResults.Pass : MFTestResults.Fail);
        }
Example #14
0
 /// <summary>
 ///		Sign with only public key
 /// </summary>
 private static void CspSignPublic()
 {
     using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
     {
         rsa.KeyPair = CryptoKey.CreateObject(rsa.Session, m_importKeyPublic) as CryptoKey;
         rsa.SignHash(new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19 }, Cryptoki.MechanismType.SHA_1);
     }
     return;
 }
Example #15
0
 /// <summary>
 ///		Sign null hash
 /// </summary>
 private static void CspSignNullHash()
 {
     using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
     {
         rsa.SignHash((byte[])null, Cryptoki.MechanismType.SHA_1);
     }
 }
Example #16
0
        /// <summary>
        ///		IsPublic on bad key
        /// </summary>
        //private static bool IsPublicBadKey()
        //{
        //    // format a fake key so that a full check must be made on it
        //    byte[] key = new byte[12];
        //    key[0] = 0x06;
        //    key[11] = 0x31;
        //    key[10] = 0x41;
        //    key[9] = 0x53;
        //    key[8] = 0x51; // should be 0x52 to get a result of true

        //    // this is a private method, who's only access point is to attempt to import a key
        //    // since we don't have a real key to use, reflection is the best bet at making sure
        //    // the correct result is achieved

        //    MethodInfo[] methods = typeof(RSACryptoServiceProvider).GetMethods(BindingFlags.Static | BindingFlags.NonPublic);
        //    for (int i = 0; i < methods.Length; i++)
        //    {
        //        if (methods[i].Name == "IsPublic" &&
        //            methods[i].GetParameters().Length == 1 &&
        //            methods[i].GetParameters()[0].ParameterType == key.GetType())
        //            return !(bool)methods[i].Invoke(null, new object[] { key });
        //    }

        //    // this method no longer exists
        //    return true;
        //}

        /// <summary>
        ///		Sign with MD5
        /// </summary>
        private static bool SignMD5()
        {
            byte[] data = new byte[] { 0, 1, 2, 3, 4, 5 };
            using(RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
            using (HashAlgorithm hasher = new HashAlgorithm(HashAlgorithmType.MD5))
            {
                byte[] hash = hasher.ComputeHash(data);
                byte[] sig = rsa.SignHash(hash, Cryptoki.MechanismType.MD5);

                return rsa.VerifyHash(hash, Cryptoki.MechanismType.MD5, sig);
            }
        }
Example #17
0
        public static Boolean Test(Session session)
        {
            Boolean bRes = true;
            //String xml1, xml2, xml3;
            //String sign1, sign2, sign3;
            byte[] sig1;
            byte[] hashval = new byte[20];
            for (int i = 0; i < hashval.Length; i++) hashval[i] = (Byte)i;

            RSACryptoServiceProvider RSA1 = new RSACryptoServiceProvider(session);
            RSACryptoServiceProvider RSA2 = new RSACryptoServiceProvider(session);
            //RSACryptoServiceProvider RSA3 = new RSACryptoServiceProvider();

            sig1 = RSA1.SignHash(hashval, MechanismType.SHA_1); //, CryptoConfig.MapNameToOID("SHA1"));


            RSAParameters RSAParams = RSA1.ExportParameters(true);

            //sign1 = (Convert.ToBase64String(sig1));

            //xml1 = RSA1.ToXmlString(true);

            RSA2.ImportParameters(RSAParams);
            //RSA2.FromXmlString(xml1);

            //xml2 = (RSA2.ToXmlString(true));
            //xml3 = (RSA3.ToXmlString(true));

            byte[] sig2 = RSA2.SignHash(hashval, MechanismType.SHA_1);

            //sign2 = (Convert.ToBase64String(sig2));

            //byte[] sig3 = RSA3.SignHash(hashval, CryptoConfig.MapNameToOID("SHA1"));
            //sign3 = (Convert.ToBase64String(sig3));

            //if ((xml1 != xml2) || (xml2 != xml3))
            //{
            //    Log.Comment("WRONG : ToXmlString results are different");
            //    bRes = false;
            //}

            //Log.Comment(xml1);

            //if ((sign1 != sign2) || (sign2 != sign3))
            //{
            //    Log.Comment("WRONG : signatures are different");
            //    Log.Comment("First: " + sign1);
            //    Log.Comment("Second: " + sign2);
            //    Log.Comment("Third: " + sign3);

            //    bRes = false;
            //}

            //Log.Comment("\n" + sign1);

            if (!RSA1.VerifyHash(hashval, MechanismType.SHA_1, sig2))
            {
                Log.Comment("WRONG : Signature check (1) failed");
                bRes = false;
            }
            if (!RSA2.VerifyHash(hashval, MechanismType.SHA_1, sig1))
            {
                Log.Comment("WRONG : Signature check (1) failed");
                bRes = false;
            }
            //if (!RSA3.VerifyHash(hashval, CryptoConfig.MapNameToOID("SHA1"), sig1))
            //{
            //    Log.Comment("WRONG : Signature check (1) failed");
            //    bRes = false;
            //}

            return bRes;
        }
Example #18
0
		public static string Sign(string body, byte[] key)
		{
			var data = Encoding.Unicode.GetBytes(body);
			using (var hasher = new SHA1Managed())
			using(var rsa = new RSACryptoServiceProvider())
			{
				var hash = hasher.ComputeHash(data);

				rsa.ImportCspBlob(key);

				return Convert.ToBase64String(rsa.SignHash(hash, CryptoConfig.MapNameToOID("SHA1")));
			}
		}
Example #19
0
            internal SignerInfo ToSignerInfo(
                DerObjectIdentifier contentType,
                CmsProcessable content,
                SecureRandom random,
                bool isCounterSignature)
            {
                AlgorithmIdentifier digAlgId = DigestAlgorithmID;
                string digestName            = Helper.GetDigestAlgName(digestOID);

                IDigest dig = Helper.GetDigestInstance(digestName);

                string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);

                //ISigner sig moved there where used

                // TODO Optimise the case where more than one signer with same digest
                if (content != null)
                {
                    content.Write(new DigOutputStream(dig));
                }

                byte[] hash = DigestUtilities.DoFinal(dig);
                outer._digests.Add(digestOID, hash.Clone());

                Asn1Set signedAttr = null;

                byte[] tmp;
                if (sAttr != null)
                {
                    IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);

                    //					Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
                    Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters);

                    if (isCounterSignature)
                    {
                        Hashtable tmpSigned = signed.ToHashtable();
                        tmpSigned.Remove(CmsAttributes.ContentType);
                        signed = new Asn1.Cms.AttributeTable(tmpSigned);
                    }

                    // TODO Validate proposed signed attributes

                    signedAttr = outer.GetAttributeSet(signed);

                    // sig must be composed from the DER encoding.
                    tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
                }
                else
                {
                    // TODO Use raw signature of the hash value instead
                    MemoryStream bOut = new MemoryStream();
                    if (content != null)
                    {
                        content.Write(bOut);
                    }
                    tmp = bOut.ToArray();
                }

                byte[] sigBytes = null;
                if (krProv != null)
                {
                    /*
                     * sig.GenerateSignature() supports the following hashes:
                     * MD2
                     * MD4
                     * MD5
                     * SHA1
                     * SHA224
                     * SHA256
                     * SHA384
                     * SHA512
                     * RIPEMD128
                     * RIPEMD160
                     * RIPEMD256
                     *
                     * krProv.SignData(tmp, digestName) supports the following digestName:
                     * MD5
                     * SHA1
                     * SHA256
                     * SHA384
                     * SHA512
                     */

                    //sigBytes = krProv.SignData(tmp, digestName);

                    IDigest digProv = Helper.GetDigestInstance(digestName);
                    digProv.BlockUpdate(tmp, 0, tmp.Length);
                    byte[] hashProv = new byte[digProv.GetDigestSize()];
                    digProv.DoFinal(hashProv, 0);

                    sigBytes = krProv.SignHash(hashProv, digestOID);
                }
                else
                {
                    ISigner sig = Helper.GetSignatureInstance(signatureName);//was moved
                    sig.Init(true, new ParametersWithRandom(key, random));
                    sig.BlockUpdate(tmp, 0, tmp.Length);
                    sigBytes = sig.GenerateSignature();
                }

                Asn1Set unsignedAttr = null;

                if (unsAttr != null)
                {
                    IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash);
                    baseParameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();

                    //					Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters));
                    Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(baseParameters);

                    // TODO Validate proposed unsigned attributes

                    unsignedAttr = outer.GetAttributeSet(unsigned);
                }

                // TODO [RSAPSS] Need the ability to specify non-default parameters
                Asn1Encodable       sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
                AlgorithmIdentifier encAlgId          = CmsSignedGenerator.GetEncAlgorithmIdentifier(
                    new DerObjectIdentifier(encOID), sigX509Parameters);

                return(new SignerInfo(signerIdentifier, digAlgId,
                                      signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr));
            }
Example #20
0
	void SignHash (string name, int size)
	{
		string oid = CryptoConfig.MapNameToOID (name);
		byte [] hash = new byte [size];
		rsa = new RSACryptoServiceProvider (1024);
		byte [] signature = rsa.SignHash (hash, oid);
		Assert.IsTrue (rsa.VerifyHash (hash, oid, signature), name);
		Assert.IsTrue (rsa.VerifyHash (hash, oid, signature), "OID");
	}
Example #21
0
        /// <summary>
        /// Signs given hash with provided key.
        /// </summary>
        /// <param name="hash">hash to sign (in base64 form)</param>
        /// <param name="privateKey">private key (in base64 form)</param>
        /// <returns>Signed hash (string in base64 form)</returns>
        public string SignHash(string hash, string privateKey)
        {
            byte[] signedBytes;

            using (var RSA = new RSACryptoServiceProvider())
            {
                // do not store key info into persistent storage of CSP
                RSA.PersistKeyInCsp = false;

                var encoder = new UTF8Encoding();
                var original = encoder.GetBytes(hash);

                try
                {
                    RSA.ImportCspBlob(Convert.FromBase64String(privateKey));
                    signedBytes = RSA.SignHash(original, CryptoConfig.MapNameToOID("SHA256"));
                }
                catch (CryptographicException e)
                {
                    Debug.Fail(e.Message);
                    return null;
                }
                finally
                {
                    RSA.PersistKeyInCsp = false;
                }
            }
            return Convert.ToBase64String(signedBytes);
        }
Example #22
0
 /// <summary>
 /// Takes a string and creates a signed hash of it
 /// </summary>
 /// <param name="Input">Input string</param>
 /// <param name="Key">Key to encrypt/sign with</param>
 /// <param name="Hash">This will be filled with the unsigned hash</param>
 /// <param name="EncodingUsing">Encoding that the input is using (defaults to UTF8)</param>
 /// <returns>A signed hash of the input (64bit string)</returns>
 public override string SignHash(string Input, string Key, out string Hash, Encoding EncodingUsing = null)
 {
     Contract.Requires<ArgumentNullException>(!string.IsNullOrEmpty(Key), "Key");
     Contract.Requires<ArgumentNullException>(!string.IsNullOrEmpty(Input), "Input");
     using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
     {
         RSA.FromXmlString(Key);
         byte[] HashBytes = Input.ToByteArray(EncodingUsing).Hash();
         byte[] SignedHash = RSA.SignHash(HashBytes, CryptoConfig.MapNameToOID("SHA1"));
         RSA.Clear();
         Hash = HashBytes.ToString(Base64FormattingOptions.None);
         return SignedHash.ToString(Base64FormattingOptions.None);
     }
 }
Example #23
0
 public static byte[] RSASignMD5
                         (
                             RSACryptoServiceProvider provider
                             , byte[] data
                         )
 {
     HashAlgorithm hashAlgorithm = new MD5CryptoServiceProvider();
     return provider.SignHash
                 (
                     ComputeHash(hashAlgorithm, data)
                     , "MD5"
                 );
 }
Example #24
0
        /// <summary>
        /// Assina a string utilizando RSA-SHA1
        /// </summary>
        /// <param name="cert">certificado utilizado para assinar a string</param>
        /// <param name="value">Valor a ser assinado</param>
        /// <returns></returns>
        public static string SignWithRSASHA1(X509Certificate2 cert, String value)
        {
            //Regras retiradas da página 39 do manual da Prefeitura Municipal de Blumenau
            // Converta a cadeia de caracteres ASCII para bytes. 
            ASCIIEncoding asciiEncoding = new ASCIIEncoding();
            byte[] asciiBytes = asciiEncoding.GetBytes(value);

            // Gere o HASH (array de bytes) utilizando SHA1
            SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
            byte[] sha1Hash = sha1.ComputeHash(asciiBytes);

            //- Assine o HASH (array de bytes) utilizando RSA-SHA1.
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa = cert.PrivateKey as RSACryptoServiceProvider;
            asciiBytes = rsa.SignHash(sha1Hash, "SHA1");
            string result = Convert.ToBase64String(asciiBytes);
            return result;
        }
Example #25
0
        /// <summary>
        /// Signs given hash with provided key.
        /// </summary>
        /// <param name="hash">hash to sign</param>
        /// <param name="privateKey">private key</param>
        /// <returns>Signed hash (string in base64 form)</returns>
        public string SignHash(byte[] hash, byte[] privateKey)
        {
            byte[] signedBytes;

            using (var RSA = new RSACryptoServiceProvider())
            {
                // do not store key info into persistent storage of CSP
                RSA.PersistKeyInCsp = false;

                try
                {
                    RSA.ImportCspBlob(privateKey);
                    signedBytes = RSA.SignHash(hash, CryptoConfig.MapNameToOID("SHA256"));
                }
                catch (CryptographicException e)
                {
                    Debug.Fail(e.Message);
                    return null;
                }
                finally
                {
                    RSA.PersistKeyInCsp = false;
                }
            }
            return Convert.ToBase64String(signedBytes);
        }
Example #26
0
        private string SignUpdate(XmlDocument doc, string pathToSignFile)
        {
            string keyFileContent = null;
            if (string.IsNullOrEmpty(pathToSignFile))
            {
                throw new Exception("signature file not specified");
            }
            try
            {
                using (var file = File.Open(pathToSignFile, FileMode.Open))
                {
                    StreamReader sr = new StreamReader(file);
                    keyFileContent = sr.ReadToEnd();
                }
            } catch(Exception)
            {
                throw new Exception("Could not open or read file: " + keyFileContent);
            }
            if(string.IsNullOrEmpty(keyFileContent))
            {
                throw new Exception("key file was empty");
            }

            RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
            provider.PersistKeyInCsp = false;
            try
            {
                provider.FromXmlString(keyFileContent);
                if(provider.PublicOnly)
                {
                    throw new Exception();
                }
            }
            catch (Exception)
            {
                throw new Exception("Could not read signing key. It needs to have an xml format, as required by RSACryptoServiceProvider, and it needs to contain both private and public parts");
            }

            SHA512Managed sha = new SHA512Managed();
            var hash = sha.ComputeHash(Encoding.UTF8.GetBytes(doc.InnerXml));
            string signature = Convert.ToBase64String(provider.SignHash(hash, "sha512"));
            return signature;
        }
Example #27
0
	// LAMESPEC: SignHash and VerifyHash need an OID string (not the algorithm)
	// http://www.easycsharp.com/news/dotnet/article.php3?id=25510
	// LAMESPEC: SignHash and VerifyHash doesn't accept null for algo parameters
	private void SignAndVerify (string msg, RSACryptoServiceProvider rsa) 
	{
		byte[] hash = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 };
		byte[] sign = rsa.SignHash (hash, sha1OID);
		// we don't need the private key to verify
		RSAParameters param = rsa.ExportParameters (false);
		RSACryptoServiceProvider key = (RSACryptoServiceProvider) RSA.Create ();
		key.ImportParameters (param);
		// the signature is never the same so the only way to know if 
		// it worked is to verify it ourselve (i.e. can't compare)
		bool ok = key.VerifyHash (hash, sha1OID, sign);
		Assert (msg + "-SignAndVerify", ok);
	}
Example #28
0
	public void SignHashRIPEMD160 ()
	{
		string oid = CryptoConfig.MapNameToOID ("RIPEMD160");
		Assert.IsNotNull (oid);
		byte [] hash = new byte [20];
		rsa = new RSACryptoServiceProvider (minKeySize);
		// OID not supported
		rsa.SignHash (hash, oid);
	}
Example #29
0
	public void SignHashInvalidLength () 
	{
		byte[] hash = new byte [19];
		rsa = new RSACryptoServiceProvider (minKeySize);
		rsa.SignHash (hash, "1.3.14.3.2.26"); // SHA-1
	}
Example #30
0
	public void SignHashNullOID () 
	{
		byte[] hash = new byte [20];
		rsa = new RSACryptoServiceProvider (minKeySize);
		rsa.SignHash (hash, null);
	}
Example #31
0
	public void SignHashNullOID ()
	{
		byte [] hash = new byte [20];
		rsa = new RSACryptoServiceProvider (minKeySize);
		byte[] signature = rsa.SignHash (hash, null);
		Assert ("Null OID == SHA1", rsa.VerifyHash (hash, "1.3.14.3.2.26", signature));
		Assert ("Null OID", rsa.VerifyHash (hash, null, signature));
	}
Example #32
0
	public void SignHashNullValue () 
	{
		rsa = new RSACryptoServiceProvider (minKeySize);
		rsa.SignHash (null, "1.3.14.3.2.26"); // SHA-1
	}
Example #33
-1
        /// <summary>
        ///   Takes a string and creates a signed hash of it
        /// </summary>
        /// <param name="input"> Input string </param>
        /// <param name="key"> Key to encrypt/sign with </param>
        /// <param name="hash"> This will be filled with the unsigned hash </param>
        /// <param name="encodingUsing"> Encoding that the input is using (defaults to UTF8) </param>
        /// /// <param name="hashIdentifer">The id of the hash algorithm used (default SHA1)</param>
        /// <returns> A signed hash of the input (64bit string) </returns>
        public static string SignHash(string input, string key, out string hash, Encoding encodingUsing = null,  string hashIdentifer = "SHA1")
        {
            if (string.IsNullOrEmpty(input))
                throw new ArgumentNullException("input");

            if (string.IsNullOrEmpty(key))
                throw new ArgumentNullException("key");

            encodingUsing = encodingUsing ?? new UTF8Encoding();

            using (var rsa = new RSACryptoServiceProvider())
            {
                rsa.FromXmlString(key);
                var hashBytes = encodingUsing.GetBytes(input).Hash();
                var signedHash = rsa.SignHash(hashBytes, CryptoConfig.MapNameToOID(hashIdentifer));
                rsa.Clear();
                hash = Convert.ToBase64String(hashBytes);
                return Convert.ToBase64String(signedHash);
            }
        }