private static void TestSignVerifyHashRoundTrip(byte[] hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding paddingMode, int expectedSignatureLength)
{
using (RSA rsa = new RSACng())
{
byte[] signature = rsa.SignHash(hash, hashAlgorithm, paddingMode);
// RSACng.SignHash() is intentionally non-deterministic so we can verify that we got back a signature of the right length
// but nothing about the contents.
Assert.Equal(expectedSignatureLength, signature.Length);
bool verified = rsa.VerifyHash(hash, signature, hashAlgorithm, paddingMode);
Assert.True(verified);
}
}
private byte[] AddSignatureToHash(byte[] hash, CngKey key)
{
using (var signingAlg = new RSACng(key))
{
byte[] signed = signingAlg.SignHash(hash, HashAlgorithmName.SHA384, RSASignaturePadding.Pss);
return signed;
}
}