public virtual BigInteger[] GenerateSignature(byte[] message)
        {
            var signer = new CertificateSigner.SignerWrapper();

            byte[] signature = signer.Sign(message,
                                           _privateKey.CertificateCommonName,
                                           _privateKey.CertificateStoreName,
                                           _privateKey.CertificateStoreLocation);

            if (signature == null || signature.Length != 64)
            {
                throw new Exception($"Invalid signature length, expected 64 but got: {signature?.Length}");
            }

            /*
             * To prevent positive values from being misinterpreted as negative values,
             * you can add a zero-byte value to the end of the array.
             * END of the array since BigInteger interprets byte array as little-endian:
             *
             * The individual bytes in the value array should be in little-endian order,
             * from lowest-order byte to highest-order byte
             */

            BigInteger r = new BigInteger(1, signature, 0, 32);
            BigInteger s = new BigInteger(1, signature, 32, 32);

            return(new[] { r, s });
        }
Exemplo n.º 2
0
        public void ValidSignShouldSucceed()
        {
            // wrapper for unmanaged signer
            var signer = new CertificateSigner.SignerWrapper();

            // example of hash, real hash will be a longer byte array
            byte[] hash = { 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8 };

            byte[] signature = signer.Sign(
                hash,
                "L2",          // CN (common name) of the certificate in the store that has the associated private key
                "CA",          // Logical store name, "CA" means Intermediate Certificate Authorities, use "MY" for personal
                "LocalMachine" // Store location
                );

            Assert.IsNotNull(signature);

            // // if the certificate's private key is ECDSA SHA-256 we should get the signature that is 64 bit,
            // // first 32 bit is R parameter, last 32 bit is S parameter
            // Assert.AreEqual(64, signature.Length);
        }