This class allows you to sign with either an RSACryptoServiceProvider/DSACryptoServiceProvider from a X509Certificate2, or from manually created RSACryptoServiceProvider/DSACryptoServiceProvider. Depending on the certificate's CSP, sometimes you will not be able to sign with SHA-256/SHA-512 hash algorithm with RSACryptoServiceProvider taken directly from the certificate. This class allows you to use a workaround in this case and sign with certificate's private key and SHA-256/SHA-512 anyway. More...
Public Member Functions |
|
| AsymmetricAlgorithmSignature (RSACryptoServiceProvider algorithm, String hashAlgorithm) | |
| AsymmetricAlgorithmSignature (DSACryptoServiceProvider algorithm) | |
| byte[] | Sign (byte[] message) |
| Signs the given message using the encryption algorithm in combination with the hash algorithm. More... |
|
| string | GetHashAlgorithm () |
| Returns the hash algorithm. More... |
|
| string | GetEncryptionAlgorithm () |
| Returns the encryption algorithm used for signing. More... |
|
Detailed Description
This class allows you to sign with either an RSACryptoServiceProvider/DSACryptoServiceProvider from a X509Certificate2, or from manually created RSACryptoServiceProvider/DSACryptoServiceProvider. Depending on the certificate's CSP, sometimes you will not be able to sign with SHA-256/SHA-512 hash algorithm with RSACryptoServiceProvider taken directly from the certificate. This class allows you to use a workaround in this case and sign with certificate's private key and SHA-256/SHA-512 anyway.
An example of a workaround for CSP that does not support SHA-256/SHA-512: if (certificate.PrivateKey is RSACryptoServiceProvider) {
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)certificate.PrivateKey;
// Modified by J. Arturo // Workaround for SHA-256 and SHA-512
if (rsa.CspKeyContainerInfo.ProviderName == "Microsoft Strong Cryptographic Provider" || rsa.CspKeyContainerInfo.ProviderName == "Microsoft Enhanced Cryptographic Provider v1.0" || rsa.CspKeyContainerInfo.ProviderName == "Microsoft Base Cryptographic Provider v1.0") { string providerName = "Microsoft Enhanced RSA and AES Cryptographic Provider"; int providerType = 24;
Type CspKeyContainerInfo_Type = typeof(CspKeyContainerInfo);
FieldInfo CspKeyContainerInfo_m_parameters = CspKeyContainerInfo_Type.GetField("m_parameters", BindingFlags.NonPublic | BindingFlags.Instance); CspParameters parameters = (CspParameters)CspKeyContainerInfo_m_parameters.GetValue(rsa.CspKeyContainerInfo);
var cspparams = new CspParameters(providerType, providerName, rsa.CspKeyContainerInfo.KeyContainerName); cspparams.Flags = parameters.Flags;
using (var rsaKey = new RSACryptoServiceProvider(cspparams)) { // use rsaKey now } } else { // Use rsa directly } }
https://blogs.msdn.microsoft.com/shawnfa/2008/08/25/using-rsacryptoserviceprovider-for-rsa-sha256-signatures/ http://stackoverflow.com/questions/7444586/how-can-i-sign-a-file-using-rsa-and-sha256-with-net http://stackoverflow.com/questions/5113498/can-rsacryptoserviceprovider-nets-rsa-use-sha256-for-encryption-not-signing http://stackoverflow.com/questions/31553523/how-can-i-properly-verify-a-file-using-rsa-and-sha256-with-net
Member Function Documentation
◆ GetEncryptionAlgorithm()
|
inline |
Returns the encryption algorithm used for signing.
- Returns
- The encryption algorithm ("RSA" or "DSA").
Implements iText.Signatures.IExternalSignature.
◆ GetHashAlgorithm()
|
inline |
Returns the hash algorithm.
- Returns
- The hash algorithm (e.g. "SHA-1", "SHA-256,...").
Implements iText.Signatures.IExternalSignature.
◆ Sign()
|
inline |
Signs the given message using the encryption algorithm in combination with the hash algorithm.
- Parameters
-
message The message you want to be hashed and signed.
- Returns
- A signed message digest.
Implements iText.Signatures.IExternalSignature.
