RSACryptoServiceProvider.SignData Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Computes the hash value of the specified data and signs it.
Overloads
| SignData(Byte[], Object) |
Computes the hash value of the specified byte array using the specified hash algorithm, and signs the resulting hash value. |
| SignData(Stream, Object) |
Computes the hash value of the specified input stream using the specified hash algorithm, and signs the resulting hash value. |
| SignData(Byte[], Int32, Int32, Object) |
Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value. |
SignData(Byte[], Object)
Computes the hash value of the specified byte array using the specified hash algorithm, and signs the resulting hash value.
public:
cli::array <System::Byte> ^ SignData(cli::array <System::Byte> ^ buffer, System::Object ^ halg);public byte[] SignData (byte[] buffer, object halg);override this.SignData : byte[] * obj -> byte[]member this.SignData : byte[] * obj -> byte[]Public Function SignData (buffer As Byte(), halg As Object) As Byte()Parameters
- buffer
- Byte[]
The input data to hash and sign.
- halg
- Object
The hash algorithm to use to create the hash value.
Returns
Byte[]
The RSA signature for the specified data.
Exceptions
The halg parameter is null.
The halg parameter is not a valid type.
Examples
The following code example signs and verifies data.
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Text;
array<Byte>^ HashAndSignBytes( array<Byte>^DataToSign, RSAParameters Key )
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
RSAalg->ImportParameters( Key );
// Hash and sign the data. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg->SignData( DataToSign, SHA256::Create() );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
return nullptr;
}
}
bool VerifySignedHash( array<Byte>^DataToVerify, array<Byte>^SignedData, RSAParameters Key )
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
RSAalg->ImportParameters( Key );
// Verify the data using the signature. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg->VerifyData( DataToVerify, SHA256::Create(), SignedData );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
return false;
}
}
int main()
{
try
{
// Create a UnicodeEncoder to convert between byte array and string.
ASCIIEncoding^ ByteConverter = gcnew ASCIIEncoding;
String^ dataString = "Data to Sign";
// Create byte arrays to hold original, encrypted, and decrypted data.
array<Byte>^originalData = ByteConverter->GetBytes( dataString );
array<Byte>^signedData;
// Create a new instance of the RSACryptoServiceProvider class
// and automatically create a new key-pair.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
// Export the key information to an RSAParameters object.
// You must pass true to export the private key for signing.
// However, you do not need to export the private key
// for verification.
RSAParameters Key = RSAalg->ExportParameters( true );
// Hash and sign the data.
signedData = HashAndSignBytes( originalData, Key );
// Verify the data and display the result to the
// console.
if ( VerifySignedHash( originalData, signedData, Key ) )
{
Console::WriteLine( "The data was verified." );
}
else
{
Console::WriteLine( "The data does not match the signature." );
}
}
catch ( ArgumentNullException^ )
{
Console::WriteLine( "The data was not signed or verified" );
}
}
using System;
using System.Security.Cryptography;
using System.Text;
class RSACSPSample
{
static void Main()
{
try
{
// Create a UnicodeEncoder to convert between byte array and string.
ASCIIEncoding ByteConverter = new ASCIIEncoding();
string dataString = "Data to Sign";
// Create byte arrays to hold original, encrypted, and decrypted data.
byte[] originalData = ByteConverter.GetBytes(dataString);
byte[] signedData;
// Create a new instance of the RSACryptoServiceProvider class
// and automatically create a new key-pair.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
// Export the key information to an RSAParameters object.
// You must pass true to export the private key for signing.
// However, you do not need to export the private key
// for verification.
RSAParameters Key = RSAalg.ExportParameters(true);
// Hash and sign the data.
signedData = HashAndSignBytes(originalData, Key);
// Verify the data and display the result to the
// console.
if(VerifySignedHash(originalData, signedData, Key))
{
Console.WriteLine("The data was verified.");
}
else
{
Console.WriteLine("The data does not match the signature.");
}
}
catch(ArgumentNullException)
{
Console.WriteLine("The data was not signed or verified");
}
}
public static byte[] HashAndSignBytes(byte[] DataToSign, RSAParameters Key)
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
RSAalg.ImportParameters(Key);
// Hash and sign the data. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg.SignData(DataToSign, SHA256.Create());
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
return null;
}
}
public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAParameters Key)
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
RSAalg.ImportParameters(Key);
// Verify the data using the signature. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData);
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
return false;
}
}
}
Imports System.Security.Cryptography
Imports System.Text
Module RSACSPExample
Sub Main()
Try
' Create a UnicodeEncoder to convert between byte array and string.
Dim ByteConverter As New ASCIIEncoding
Dim dataString As String = "Data to Sign"
' Create byte arrays to hold original, encrypted, and decrypted data.
Dim originalData As Byte() = ByteConverter.GetBytes(dataString)
Dim signedData() As Byte
' Create a new instance of the RSACryptoServiceProvider class
' and automatically create a new key-pair.
Dim RSAalg As New RSACryptoServiceProvider
' Export the key information to an RSAParameters object.
' You must pass true to export the private key for signing.
' However, you do not need to export the private key
' for verification.
Dim Key As RSAParameters = RSAalg.ExportParameters(True)
' Hash and sign the data.
signedData = HashAndSignBytes(originalData, Key)
' Verify the data and display the result to the
' console.
If VerifySignedHash(originalData, signedData, Key) Then
Console.WriteLine("The data was verified.")
Else
Console.WriteLine("The data does not match the signature.")
End If
Catch e As ArgumentNullException
Console.WriteLine("The data was not signed or verified.")
End Try
End Sub
Function HashAndSignBytes(ByVal DataToSign() As Byte, ByVal Key As RSAParameters) As Byte()
Try
' Create a new instance of RSACryptoServiceProvider using the
' key from RSAParameters.
Dim RSAalg As New RSACryptoServiceProvider
RSAalg.ImportParameters(Key)
' Hash and sign the data. Pass a new instance of SHA256
' to specify the hashing algorithm.
Return RSAalg.SignData(DataToSign, SHA256.Create())
Catch e As CryptographicException
Console.WriteLine(e.Message)
Return Nothing
End Try
End Function
Function VerifySignedHash(ByVal DataToVerify() As Byte, ByVal SignedData() As Byte, ByVal Key As RSAParameters) As Boolean
Try
' Create a new instance of RSACryptoServiceProvider using the
' key from RSAParameters.
Dim RSAalg As New RSACryptoServiceProvider
RSAalg.ImportParameters(Key)
' Verify the data using the signature. Pass a new instance of SHA256
' to specify the hashing algorithm.
Return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData)
Catch e As CryptographicException
Console.WriteLine(e.Message)
Return False
End Try
End Function
End Module
Remarks
This method creates a digital signature that is verified using the VerifyData method.
The halg parameter can accept a String, a HashAlgorithm, or a Type.
See also
Applies to
SignData(Stream, Object)
Computes the hash value of the specified input stream using the specified hash algorithm, and signs the resulting hash value.
public:
cli::array <System::Byte> ^ SignData(System::IO::Stream ^ inputStream, System::Object ^ halg);public byte[] SignData (System.IO.Stream inputStream, object halg);override this.SignData : System.IO.Stream * obj -> byte[]member this.SignData : System.IO.Stream * obj -> byte[]Public Function SignData (inputStream As Stream, halg As Object) As Byte()Parameters
- inputStream
- Stream
The input stream to hash and sign.
- halg
- Object
The hash algorithm to use to create the hash value.
Returns
Byte[]
The RSA signature for the specified data.
Exceptions
The halg parameter is null.
The halg parameter is not a valid type.
Examples
The following code example signs and verifies data.
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Text;
using namespace System::IO;
array<Byte>^ HashAndSignBytes( Stream^ DataStream, RSAParameters Key )
{
try
{
// Reset the current position in the stream to
// the beginning of the stream (0). RSACryptoServiceProvider
// can't verify the data unless the stream position
// is set to the starting position of the data.
DataStream->Position = 0;
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
RSAalg->ImportParameters( Key );
// Hash and sign the data. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg->SignData( DataStream, SHA256::Create() );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
return nullptr;
}
}
bool VerifySignedHash( array<Byte>^DataToVerify, array<Byte>^SignedData, RSAParameters Key )
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
RSAalg->ImportParameters( Key );
// Verify the data using the signature. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg->VerifyData( DataToVerify, SHA256(), SignedData );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
return false;
}
}
int main()
{
try
{
ASCIIEncoding^ ByteConverter = gcnew ASCIIEncoding;
// Create some bytes to be signed.
array<Byte>^dataBytes = ByteConverter->GetBytes( "Here is some data to sign!" );
// Create a buffer for the memory stream.
array<Byte>^buffer = gcnew array<Byte>(dataBytes->Length);
// Create a MemoryStream.
MemoryStream^ mStream = gcnew MemoryStream( buffer );
// Write the bytes to the stream and flush it.
mStream->Write( dataBytes, 0, dataBytes->Length );
mStream->Flush();
// Create a new instance of the RSACryptoServiceProvider class
// and automatically create a new key-pair.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
// Export the key information to an RSAParameters object.
// You must pass true to export the private key for signing.
// However, you do not need to export the private key
// for verification.
RSAParameters Key = RSAalg->ExportParameters( true );
// Hash and sign the data.
array<Byte>^signedData = HashAndSignBytes( mStream, Key );
// Verify the data and display the result to the
// console.
if ( VerifySignedHash( dataBytes, signedData, Key ) )
{
Console::WriteLine( "The data was verified." );
}
else
{
Console::WriteLine( "The data does not match the signature." );
}
// Close the MemoryStream.
mStream->Close();
}
catch ( ArgumentNullException^ )
{
Console::WriteLine( "The data was not signed or verified" );
}
}
using System;
using System.Security.Cryptography;
using System.Text;
using System.IO;
class RSACSPSample
{
static void Main()
{
try
{
ASCIIEncoding ByteConverter = new ASCIIEncoding();
// Create some bytes to be signed.
byte[] dataBytes = ByteConverter.GetBytes("Here is some data to sign!");
// Create a buffer for the memory stream.
byte[] buffer = new byte[dataBytes.Length];
// Create a MemoryStream.
MemoryStream mStream = new MemoryStream(buffer);
// Write the bytes to the stream and flush it.
mStream.Write(dataBytes, 0, dataBytes.Length);
mStream.Flush();
// Create a new instance of the RSACryptoServiceProvider class
// and automatically create a new key-pair.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
// Export the key information to an RSAParameters object.
// You must pass true to export the private key for signing.
// However, you do not need to export the private key
// for verification.
RSAParameters Key = RSAalg.ExportParameters(true);
// Hash and sign the data.
byte[] signedData = HashAndSignBytes(mStream, Key);
// Verify the data and display the result to the
// console.
if(VerifySignedHash(dataBytes, signedData, Key))
{
Console.WriteLine("The data was verified.");
}
else
{
Console.WriteLine("The data does not match the signature.");
}
// Close the MemoryStream.
mStream.Close();
}
catch(ArgumentNullException)
{
Console.WriteLine("The data was not signed or verified");
}
}
public static byte[] HashAndSignBytes(Stream DataStream, RSAParameters Key)
{
try
{
// Reset the current position in the stream to
// the beginning of the stream (0). RSACryptoServiceProvider
// can't verify the data unless the stream position
// is set to the starting position of the data.
DataStream.Position = 0;
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
RSAalg.ImportParameters(Key);
// Hash and sign the data. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg.SignData(DataStream, SHA256.Create());
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
return null;
}
}
public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAParameters Key)
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
RSAalg.ImportParameters(Key);
// Verify the data using the signature. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData);
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
return false;
}
}
}
Imports System.Security.Cryptography
Imports System.Text
Imports System.IO
Module RSACSPExample
Sub Main()
Try
Dim ByteConverter As New ASCIIEncoding
' Create some bytes to be signed.
Dim dataBytes As Byte() = ByteConverter.GetBytes("Here is some data to sign!")
' Create a buffer for the memory stream.
' VB automatically pads arrays with an extra
' Digit of "0".
' RSACryptoServiceProvider will not verify
' the buffer if the automatic padding is
' present. To remove the padding, decrement
' the buffer length by 1.
Dim buffer(dataBytes.Length - 1) As Byte
' Create a MemoryStream.
Dim mStream As New MemoryStream(buffer)
' Write the bytes to the stream and flush it.
mStream.Write(dataBytes, 0, dataBytes.Length)
mStream.Flush()
' Create a new instance of the RSACryptoServiceProvider class
' and automatically create a new key-pair.
Dim RSAalg As New RSACryptoServiceProvider
' Export the key information to an RSAParameters object.
' You must pass true to export the private key for signing.
' However, you do not need to export the private key
' for verification.
Dim Key As RSAParameters = RSAalg.ExportParameters(True)
' Hash and sign the data.
Dim signedData As Byte() = HashAndSignBytes(mStream, Key)
' Verify the data and display the result to the
' console.
If VerifySignedHash(dataBytes, signedData, Key) Then
Console.WriteLine("The data was verified.")
Else
Console.WriteLine("The data does not match the signature.")
End If
' Close the MemoryStream.
mStream.Close()
Catch e As ArgumentNullException
Console.WriteLine("The data was not signed or verified")
End Try
End Sub
Function HashAndSignBytes(ByVal DataStream As Stream, ByVal Key As RSAParameters) As Byte()
Try
' Reset the current position in the stream to
' the beginning of the stream (0). RSACryptoServiceProvider
' can't verify the data unless the stream position
' is set to the starting position of the data.
DataStream.Position = 0
' Create a new instance of RSACryptoServiceProvider using the
' key from RSAParameters.
Dim RSAalg As New RSACryptoServiceProvider
RSAalg.ImportParameters(Key)
' Hash and sign the data. Pass a new instance of SHA256
' to specify the hashing algorithm.
Return RSAalg.SignData(DataStream, SHA256.Create())
Catch e As CryptographicException
Console.WriteLine(e.Message)
Return Nothing
End Try
End Function
Function VerifySignedHash(ByVal DataToVerify() As Byte, ByVal SignedData() As Byte, ByVal Key As RSAParameters) As Boolean
Try
' Create a new instance of RSACryptoServiceProvider using the
' key from RSAParameters.
Dim RSAalg As New RSACryptoServiceProvider
RSAalg.ImportParameters(Key)
' Verify the data using the signature. Pass a new instance of SHA256
' to specify the hashing algorithm.
Return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData)
Catch e As CryptographicException
Console.WriteLine(e.Message)
Return False
End Try
End Function
End Module
Remarks
The halg parameter can accept a String, a HashAlgorithm, or a Type.
See also
Applies to
SignData(Byte[], Int32, Int32, Object)
Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value.
public:
cli::array <System::Byte> ^ SignData(cli::array <System::Byte> ^ buffer, int offset, int count, System::Object ^ halg);public byte[] SignData (byte[] buffer, int offset, int count, object halg);override this.SignData : byte[] * int * int * obj -> byte[]member this.SignData : byte[] * int * int * obj -> byte[]Public Function SignData (buffer As Byte(), offset As Integer, count As Integer, halg As Object) As Byte()Parameters
- buffer
- Byte[]
The input data to hash and sign.
- offset
- Int32
The offset into the array from which to begin using data.
- count
- Int32
The number of bytes in the array to use as data.
- halg
- Object
The hash algorithm to use to create the hash value.
Returns
Byte[]
The RSA signature for the specified data.
Exceptions
The halg parameter is null.
The halg parameter is not a valid type.
Examples
The following code example signs and verifies data.
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Text;
array<Byte>^ HashAndSignBytes( array<Byte>^DataToSign, RSAParameters Key, int Index, int Length )
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
RSAalg->ImportParameters( Key );
// Hash and sign the data. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg->SignData( DataToSign, Index, Length, SHA256::Create() );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
return nullptr;
}
}
bool VerifySignedHash( array<Byte>^DataToVerify, array<Byte>^SignedData, RSAParameters Key )
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
RSAalg->ImportParameters( Key );
// Verify the data using the signature. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg->VerifyData( DataToVerify, SHA256::Create(), SignedData );
}
catch ( CryptographicException^ e )
{
Console::WriteLine( e->Message );
return false;
}
}
int main()
{
try
{
// Create a UnicodeEncoder to convert between byte array and string.
ASCIIEncoding^ ByteConverter = gcnew ASCIIEncoding;
String^ dataString = "Data to Sign";
// Create byte arrays to hold original, encrypted, and decrypted data.
array<Byte>^originalData = ByteConverter->GetBytes( dataString );
array<Byte>^signedData;
array<Byte>^smallArray;
// Create a new instance of the RSACryptoServiceProvider class
// and automatically create a new key-pair.
RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
// Export the key information to an RSAParameters object.
// You must pass true to export the private key for signing.
// However, you do not need to export the private key
// for verification.
RSAParameters Key = RSAalg->ExportParameters( true );
// Hash and sign the data. Start at the fifth offset
// only use data from the next 7 bytes.
signedData = HashAndSignBytes( originalData, Key, 5, 7 );
// The previous method only signed one segment
// of the array. Create a new array for verification
// that only holds the data that was actually signed.
//
// Initialize the array.
smallArray = gcnew array<Byte>(7);
// Copy 7 bytes starting at the 5th index to
// the new array.
Array::Copy( originalData, 5, smallArray, 0, 7 );
// Verify the data and display the result to the
// console.
if ( VerifySignedHash( smallArray, signedData, Key ) )
{
Console::WriteLine( "The data was verified." );
}
else
{
Console::WriteLine( "The data does not match the signature." );
}
}
catch ( ArgumentNullException^ )
{
Console::WriteLine( "The data was not signed or verified" );
}
}
using System;
using System.Security.Cryptography;
using System.Text;
class RSACSPSample
{
static void Main()
{
try
{
// Create a UnicodeEncoder to convert between byte array and string.
ASCIIEncoding ByteConverter = new ASCIIEncoding();
string dataString = "Data to Sign";
// Create byte arrays to hold original, encrypted, and decrypted data.
byte[] originalData = ByteConverter.GetBytes(dataString);
byte[] signedData;
byte[] smallArray;
// Create a new instance of the RSACryptoServiceProvider class
// and automatically create a new key-pair.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
// Export the key information to an RSAParameters object.
// You must pass true to export the private key for signing.
// However, you do not need to export the private key
// for verification.
RSAParameters Key = RSAalg.ExportParameters(true);
// Hash and sign the data. Start at the fifth offset
// only use data from the next 7 bytes.
signedData = HashAndSignBytes(originalData, Key, 5, 7 );
// The previous method only signed one segment
// of the array. Create a new array for verification
// that only holds the data that was actually signed.
//
// Initialize the array.
smallArray = new byte[7];
// Copy 7 bytes starting at the 5th index to
// the new array.
Array.Copy(originalData, 5 , smallArray, 0, 7);
// Verify the data and display the result to the
// console.
if(VerifySignedHash(smallArray, signedData, Key))
{
Console.WriteLine("The data was verified.");
}
else
{
Console.WriteLine("The data does not match the signature.");
}
}
catch(ArgumentNullException)
{
Console.WriteLine("The data was not signed or verified");
}
}
public static byte[] HashAndSignBytes(byte[] DataToSign, RSAParameters Key, int Index, int Length)
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
RSAalg.ImportParameters(Key);
// Hash and sign the data. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg.SignData(DataToSign,Index,Length, SHA256.Create());
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
return null;
}
}
public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAParameters Key)
{
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();
RSAalg.ImportParameters(Key);
// Verify the data using the signature. Pass a new instance of SHA256
// to specify the hashing algorithm.
return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData);
}
catch(CryptographicException e)
{
Console.WriteLine(e.Message);
return false;
}
}
}
Imports System.Security.Cryptography
Imports System.Text
Module RSACSPExample
Sub Main()
Try
' Create a UnicodeEncoder to convert between byte array and string.
Dim ByteConverter As New ASCIIEncoding
Dim dataString As String = "Data to Sign"
' Create byte arrays to hold original, encrypted, and decrypted data.
Dim originalData As Byte() = ByteConverter.GetBytes(dataString)
Dim signedData() As Byte
Dim smallArray() As Byte
' Create a new instance of the RSACryptoServiceProvider class
' and automatically create a new key-pair.
Dim RSAalg As New RSACryptoServiceProvider
' Export the key information to an RSAParameters object.
' You must pass true to export the private key for signing.
' However, you do not need to export the private key
' for verification.
Dim Key As RSAParameters = RSAalg.ExportParameters(True)
' Hash and sign the data. Start at the fifth offset
' only use data from the next 7 bytes.
signedData = HashAndSignBytes(originalData, Key, 5, 7)
' The previous function only signed one segment
' of the array. Create a new array for verification
' that only holds the data that was actually signed.
'
' Initialize the array.
smallArray = New Byte(6) {}
' Copy 7 bytes starting at the 5th index to
' the new array.
Array.Copy(originalData, 5, smallArray, 0, 7)
' Verify the data and display the result to the
' console.
If VerifySignedHash(smallArray, signedData, Key) Then
Console.WriteLine("The data was verified.")
Else
Console.WriteLine("The data does not match the signature.")
End If
Catch e As ArgumentNullException
Console.WriteLine("The data was not signed or verified")
End Try
End Sub
Function HashAndSignBytes(ByVal DataToSign() As Byte, ByVal Key As RSAParameters, ByVal Index As Integer, ByVal Length As Integer) As Byte()
Try
' Create a new instance of RSACryptoServiceProvider using the
' key from RSAParameters.
Dim RSAalg As New RSACryptoServiceProvider
RSAalg.ImportParameters(Key)
' Hash and sign the data. Pass a new instance of SHA256
' to specify the hashing algorithm.
Return RSAalg.SignData(DataToSign, Index, Length, SHA256.Create())
Catch e As CryptographicException
Console.WriteLine(e.Message)
Return Nothing
End Try
End Function
Function VerifySignedHash(ByVal DataToVerify() As Byte, ByVal SignedData() As Byte, ByVal Key As RSAParameters) As Boolean
Try
' Create a new instance of RSACryptoServiceProvider using the
' key from RSAParameters.
Dim RSAalg As New RSACryptoServiceProvider
RSAalg.ImportParameters(Key)
' Verify the data using the signature. Pass a new instance of SHA256
' to specify the hashing algorithm.
Return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData)
Catch e As CryptographicException
Console.WriteLine(e.Message)
Return False
End Try
End Function
End Module
Remarks
This method creates a digital signature that is verified using the VerifyData method.
The halg parameter can accept a String, a HashAlgorithm, or a Type. The string value can be one of the following:
The object identifier (OID) friendly name of the hash algorithm to use, either a name registered in the crypto config file or one in the Crypto API OID table.
The OID value. The OID must be one recognized by the Crypto API.
For example, you could use SignData(new byte[5], "1.3.14.3.2.26") or SignData(new byte[5], "sha1"), or SignData(new byte[5], "SHA1").
See also
Applies to
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
