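/// <summary>
/// Signs <paramref name="message"/> with the private key of the certificate identified by
/// <c>_privateKey</c> (common name, store name, store location) and returns the signature
/// split into its two components.
/// </summary>
/// <param name="message">
/// Bytes handed unchanged to <c>SignerWrapper.Sign</c>.
/// NOTE(review): presumably this is already a digest; confirm whether the wrapper hashes internally.
/// </param>
/// <returns>A two-element array <c>{ r, s }</c>, each built from 32 bytes of the raw signature.</returns>
/// <exception cref="InvalidOperationException">
/// The signer returned <c>null</c> or a buffer that is not exactly 64 bytes long.
/// </exception>
public virtual BigInteger[] GenerateSignature(byte[] message)
{
    // The raw signature is treated as two fixed-width halves: r followed by s.
    const int componentLength = 32;
    const int signatureLength = 2 * componentLength;

    // NOTE(review): if SignerWrapper owns native handles and implements IDisposable it should be
    // disposed here; that cannot be determined from this method alone.
    var signer = new CertificateSigner.SignerWrapper();
    byte[] signature = signer.Sign(
        message,
        _privateKey.CertificateCommonName,
        _privateKey.CertificateStoreName,
        _privateKey.CertificateStoreLocation);

    // Fail closed: anything other than exactly r||s is rejected instead of being sliced.
    // A specific exception type is thrown; it still derives from Exception, so existing
    // catch (Exception) handlers keep working.
    if (signature == null || signature.Length != signatureLength)
    {
        string actual = signature == null ? "null" : signature.Length.ToString();
        throw new InvalidOperationException(
            $"Invalid signature length, expected {signatureLength} but got: {actual}");
    }

    // The leading argument 1 marks the value as positive, so a component whose first byte has
    // the high bit set is not read as a negative number.
    // NOTE(review): this (sign, bytes, offset, length) constructor is not one of
    // System.Numerics.BigInteger's; it looks like BouncyCastle's BigInteger, which reads the
    // magnitude as big-endian. The earlier comment about appending a zero byte for little-endian
    // input described System.Numerics and does not match this call. Confirm the wrapper emits
    // r and s big-endian.
    // NOTE(review): only the length is validated. A 64-byte buffer with r == 0 or s == 0 passes
    // this method; range checks (1 <= r, s < n) are left to whoever verifies the signature.
    BigInteger r = new BigInteger(1, signature, 0, componentLength);
    BigInteger s = new BigInteger(1, signature, componentLength, componentLength);

    return new[] { r, s };
}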
/// <summary>
/// Signs a short sample hash with a certificate from the local machine store and checks that
/// a 64-byte signature comes back.
/// </summary>
public void ValidSignShouldSucceed()
{
    // CN (common name) of the certificate in the store that has the associated private key.
    const string commonName = "L2";
    // Logical store name: "CA" means Intermediate Certificate Authorities, use "MY" for personal.
    const string storeName = "CA";
    // Store location.
    const string storeLocation = "LocalMachine";

    // Sample hash only; a real hash will be a longer byte array.
    byte[] digest = { 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8 };

    // Wrapper for the unmanaged signer.
    var wrapper = new CertificateSigner.SignerWrapper();
    byte[] rawSignature = wrapper.Sign(digest, commonName, storeName, storeLocation);

    Assert.IsNotNull(rawSignature);

    // If the certificate's private key is ECDSA SHA-256 the signature should be 64 bytes:
    // the first 32 bytes are the R parameter, the last 32 bytes are the S parameter.
    // (The array length is counted in bytes; the original comment said "bit".)
    Assert.AreEqual(64, rawSignature.Length);
}