Exemple #1
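    /// <summary>Demonstrates signing and verifying based on PEM textual public/private key.</summary>
    /// <remarks>
    /// Signs <paramref name="dataToSign"/> with the private key, verifies the signature with the
    /// public key, then flips the last signature byte and verifies again; the second check is
    /// expected to fail. The private key is never written to the console: console output tends to
    /// end up in terminal scrollback, redirected files and CI logs, and a leaked signing key lets
    /// anyone forge signatures.
    /// </remarks>
    /// <param name="dataToSign">The bytes that are signed and then verified.</param>
    protected static void TestPEM(byte[] dataToSign)
    {
        Console.WriteLine("Testing PEM...\n");

        // -----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----
        string sPublicKeyPEM = Encoding.ASCII.GetString(RSACryptoServiceProviderExtensionDemo.GetDataFromResource("RSACryptoServiceProviderExtensionPublicKey.pem"));
        // -----BEGIN RSA PRIVATE KEY-----...-----END RSA PRIVATE KEY-----
        string sPrivateKeyPEM = Encoding.ASCII.GetString(RSACryptoServiceProviderExtensionDemo.GetDataFromResource("RSACryptoServiceProviderExtensionPrivateKey.pem"));

        // The public key is safe to display; for the private key only its size is reported.
        Console.WriteLine("Public key:\n{0}", sPublicKeyPEM);
        Console.WriteLine("Private key: loaded ({0} characters, not displayed).", sPrivateKeyPEM.Length);

        byte[] signature;
        bool   bVerifyResultOriginal;
        bool   bVerifyResultModified;

        // NOTE(review): SHA-1 is no longer collision-resistant and is deprecated for digital
        // signatures. It is kept so the demo's signing behaviour is unchanged; new code should
        // sign with SHA-256 or stronger after confirming the key loader and provider support it.
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
        {
            // Keep the imported key out of the machine/user key container.
            rsa.PersistKeyInCsp = false;
            // LoadPrivateKeyPEM is not defined in this listing; presumably a project extension method.
            rsa.LoadPrivateKeyPEM(sPrivateKeyPEM);
            using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
            {
                signature = rsa.SignData(dataToSign, sha1);
            }
        }
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
        {
            rsa.PersistKeyInCsp = false;
            // Verification needs only the public key; the private key is not loaded here.
            rsa.LoadPublicKeyPEM(sPublicKeyPEM);
            using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
            {
                bVerifyResultOriginal = rsa.VerifyData(dataToSign, sha1, signature);
            }
            // invalidate signature so the next check must fail
            signature[signature.Length - 1] ^= 0xFF;
            using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
            {
                bVerifyResultModified = rsa.VerifyData(dataToSign, sha1, signature);
            }
        }

        Console.WriteLine("PEM: original signature is {0}valid.", bVerifyResultOriginal ? String.Empty : "in");
        Console.WriteLine("PEM: tampered signature is {0}valid.", bVerifyResultModified ? String.Empty : "in");
        Console.WriteLine("\nDone testing PEM.\n");
    }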
Exemple #2
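    /// <summary>Demonstrates signing and verifying based on DER binary public/private key.</summary>
    /// <remarks>
    /// Signs <paramref name="dataToSign"/> with the private key, verifies the signature with the
    /// public key, then flips the last signature byte and verifies again; the second check is
    /// expected to fail. The private key bytes are never written to the console: a hex dump of a
    /// DER private key is the key itself, and console output tends to end up in logs.
    /// </remarks>
    /// <param name="dataToSign">The bytes that are signed and then verified.</param>
    protected static void TestDER(byte[] dataToSign)
    {
        Console.WriteLine("Testing DER...\n");

        byte[] publicKeyDER  = RSACryptoServiceProviderExtensionDemo.GetDataFromResource("RSACryptoServiceProviderExtensionPublicKey.der");
        byte[] privateKeyDER = RSACryptoServiceProviderExtensionDemo.GetDataFromResource("RSACryptoServiceProviderExtensionPrivateKey.der");

        // The public key is safe to display; for the private key only its size is reported.
        Console.WriteLine("Public key:\n{0}\n", BitConverter.ToString(publicKeyDER).Replace("-", ""));
        Console.WriteLine("Private key: loaded ({0} bytes, not displayed).\n", privateKeyDER.Length);

        byte[] signature;
        bool   bVerifyResultOriginal;
        bool   bVerifyResultModified;

        // NOTE(review): SHA-1 is no longer collision-resistant and is deprecated for digital
        // signatures. It is kept so the demo's signing behaviour is unchanged; new code should
        // sign with SHA-256 or stronger after confirming the key loader and provider support it.
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
        {
            // Keep the imported key out of the machine/user key container.
            rsa.PersistKeyInCsp = false;
            // LoadPrivateKeyDER is not defined in this listing; presumably a project extension method.
            rsa.LoadPrivateKeyDER(privateKeyDER);
            using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
            {
                signature = rsa.SignData(dataToSign, sha1);
            }
        }
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
        {
            rsa.PersistKeyInCsp = false;
            // Verification needs only the public key; the private key is not loaded here.
            rsa.LoadPublicKeyDER(publicKeyDER);
            using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
            {
                bVerifyResultOriginal = rsa.VerifyData(dataToSign, sha1, signature);
            }
            // invalidate signature so the next check must fail
            signature[signature.Length - 1] ^= 0xFF;
            using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
            {
                bVerifyResultModified = rsa.VerifyData(dataToSign, sha1, signature);
            }
        }

        Console.WriteLine("DER: original signature is {0}valid.", bVerifyResultOriginal ? String.Empty : "in");
        Console.WriteLine("DER: tampered signature is {0}valid.", bVerifyResultModified ? String.Empty : "in");
        Console.WriteLine("\nDone testing DER.\n");
    }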