public static bool VerifySignature(byte[] key, byte[] signature, byte[] data) // keyType = RSAFULLPRIVATEBLOB, RSAPRIVATEBLOB, RSAPUBLICBLOB
{
var rsaParams = BCryptRsaImport.BlobToParameters(key, out int bitLength, out bool isPrivate);
var rsaKey = DotNetUtilities.GetRsaPublicKey(rsaParams);
ISigner s = SignerUtilities.GetSigner("SHA256withRSA/PSS");
s.Init(false, new ParametersWithRandom(rsaKey));
s.BlockUpdate(data, 0, data.Length);
return(s.VerifySignature(signature));
}
public static bool SignData(byte[] key, string keyType, byte[] data, out byte[] signature) // keyType = RSAFULLPRIVATEBLOB, RSAPRIVATEBLOB, RSAPUBLICBLOB
{
if (keyType != "RSAFULLPRIVATEBLOB")
{
throw new CryptographicException("Only RSAFULLPRIVATEBLOB can be used for signing");
}
var rsaParams = BCryptRsaImport.BlobToParameters(key, out int bitLength, out bool isPrivate);
var rsaKey = DotNetUtilities.GetRsaKeyPair(rsaParams).Private;
ISigner s = SignerUtilities.GetSigner("SHA256withRSA/PSS");
s.Init(true, new ParametersWithRandom(rsaKey));
s.BlockUpdate(data, 0, data.Length);
signature = s.GenerateSignature();
return(true);
}