/// <summary>
/// Hash the given data and sign it using DSA.
/// </summary>
public static byte[] HashAndSignUsingDSA(byte[] dataToSign, string keyContainerName, HashAlgorithmTypeEnum hashType)
{
DSACryptoServiceProvider dsa = AsymmetricOperation.GetDSACryptoServiceProvider(keyContainerName);
byte[] hashedData = HashOperation.CreateHashAlgorithmProvider(hashType).ComputeHash(dataToSign);
return(dsa.CreateSignature(hashedData));
}
/// <summary>
/// Verify the given data and signature using RSA.
/// </summary>
public static bool VerifySignedHashUsingRSA(byte[] dataToVerify, byte[] signedData,
string keyContainerName, HashAlgorithmTypeEnum hashType)
{
RSACryptoServiceProvider rsa = AsymmetricOperation.GetRSACryptoServiceProvider(keyContainerName);
return(rsa.VerifyData(dataToVerify, HashOperation.CreateHashAlgorithmProvider(hashType), signedData));
}
/// <summary>
/// Hash the given data and sign it using RSA.
/// </summary>
public static byte[] HashAndSignUsingRSA(byte[] dataToSign, string keyContainerName,
HashAlgorithmTypeEnum hashType)
{
RSACryptoServiceProvider rsa = AsymmetricOperation.GetRSACryptoServiceProvider(keyContainerName);
return(rsa.SignData(dataToSign, HashOperation.CreateHashAlgorithmProvider(hashType)));
}
/// <summary>
/// Verify the given data and signature using RSA.
/// </summary>
public static bool VerifySignedHashUsingDSA(byte[] dataToVerify, byte[] signedData,
string keyContainerName, HashAlgorithmTypeEnum hashType)
{
DSACryptoServiceProvider dsa = AsymmetricOperation.GetDSACryptoServiceProvider(keyContainerName);
byte[] hashedData = HashOperation.CreateHashAlgorithmProvider(hashType).ComputeHash(dataToVerify);
return(dsa.VerifySignature(hashedData, signedData));
}
/// <summary>
/// This function uses asymmetric RSA algorithm to encypt a session key. Session key is created using the
/// symmetric AES algorithm generated key and IV.
/// </summary>
public byte[] EncodeEnvelope(string keyContainerName, byte[] bufKey)
{
RSACryptoServiceProvider rsa = AsymmetricOperation.GetRSACryptoServiceProvider(keyContainerName);
_aes = new RijndaelManaged();
_aes.Mode = CipherMode.CBC;
_aes.Padding = PaddingMode.PKCS7;
_aes.Key = bufKey;
// Send the session initialiazaion vector in the envelope
//string sessionKey = encoding.GetString(_aes.Key, 0, _aes.Key.Length) // 256 bits - encoded to 16 bytes
// + encoding.GetString(_aes.IV, 0, _aes.IV.Length); // 128 bits - encoded to 8 bytes
return(rsa.Encrypt(_aes.IV, false));
}
/// <summary>
/// This function decodes the envelope and initialize the AES provider.
/// </summary>
public void DecodeEnvelope(byte[] envelope, string keyContainerName, byte[] bufKey)
{
// Use RSA to decrypt the envelope
RSACryptoServiceProvider rsa = AsymmetricOperation.GetRSACryptoServiceProvider(keyContainerName);
byte[] ivBuf = rsa.Decrypt(envelope, false);
////// Get the secret key and split into the key and IV
////string sessionKey = encoding.GetString(secretkey, 0, secretkey.Length);
////string key = sessionKey.Substring(0, 16);
////string iv = sessionKey.Substring(16, 8);
_aes = new RijndaelManaged();
_aes.Mode = CipherMode.CBC;
_aes.Padding = PaddingMode.PKCS7;
_aes.Key = bufKey; //?? encoding.GetBytes(key);
_aes.IV = ivBuf; //?? encoding.GetBytes(iv);
}
/// <summary>
/// This function creates the DSA crypto service provider.
/// </summary>
public static DSACryptoServiceProvider GetDSACryptoServiceProvider(string keyContainerName)
{
return(new DSACryptoServiceProvider(
AsymmetricOperation.GetCryptoServiceProvider(keyContainerName, AsymmetricAlgorithmTypeEnum.DSA)));
}