SUBRAMANIANPrabhakaran-8794 asked JunjieZhu-MSFT edited

How to implement NCryptSignHash and NCryptVerifySignature in C#?

Hi Team,
How to implement CNG Key storage functions NCryptSignHash and NCryptVerifySignature in C#?

https://docs.microsoft.com/en-us/windows/win32/seccng/cng-key-storage-functions

Please share the code in C#.

Regards,
Prabs

dotnet-csharp windows-api dotnet-runtime

JunjieZhu-MSFT answered SUBRAMANIANPrabhakaran-8794 commented

Hello,
Welcome to Microsoft Q&A!

In C# you can use the SignHash and VerifyHash methods of the RSACryptoServiceProvider class, which compute the signature for the specified hash value and verify that a digital signature is valid. Here is an example of verifying a signature.

    // TestData and Assert are defined outside this snippet.
    public static void VerifyLegacySignVerifyHash(bool useLegacySign, bool useLegacyVerify)
    {
        byte[] dataHash, signature;

        // Hash the message first: SignHash and VerifyHash operate on the digest, not the raw data.
        using (HashAlgorithm hash = SHA256.Create())
        {
            dataHash = hash.ComputeHash(TestData.HelloBytes);
        }

        // Sign with the imported key, using either the legacy string overload
        // or the HashAlgorithmName/RSASignaturePadding overload.
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.ImportParameters(TestData.RSA2048Params);

            signature = useLegacySign ?
                rsa.SignHash(dataHash, "SHA256") :
                rsa.SignHash(dataHash, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }

        bool verified;

        // Verify with a public-only key: only Modulus and Exponent are imported.
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.ImportParameters(
                new RSAParameters
                {
                    Modulus = TestData.RSA2048Params.Modulus,
                    Exponent = TestData.RSA2048Params.Exponent,
                });

            verified = useLegacyVerify ?
                rsa.VerifyHash(dataHash, "SHA256", signature) :
                rsa.VerifyHash(dataHash, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }

        Assert.True(verified);
    }

You can also load ncrypt.dll in C# via DllImport; @Castorix31 already answered this in your last question.

Thank you.



Hello, Thanks for your response.
@Castorix31 did not mention the NCryptSignHash and NCryptVerifySignature methods.
Please share code for the NCryptSignHash and NCryptVerifySignature methods using ncrypt.dll.

JunjieZhu-MSFT SUBRAMANIANPrabhakaran-8794 ·

You can look at this example; how it calls ncrypt.dll is here. I hope it helps.



I have seen your example.
How do I call these methods from main?
What parameter values need to be passed for the SignHash and VerifyHash methods?

JunjieZhu-MSFT answered JunjieZhu-MSFT edited

In fact, the method of calling them is the same. I suggest you have a look at Castorix31's reply in your last question, "How to implement NCryptEncrypt and NCryptDecrypt methods in C# using Microsoft Key Storage Provider?". Here is a code sample: [https://github.com/itbetaw/TPlus-.netCore-/search?q=NCryptSignHash].

    // P/Invoke declarations for the CNG key storage functions exported by ncrypt.dll.
    // Both take PSS padding info by reference, so dwFlags must carry the matching PSS padding flag.
    // The return value is a SECURITY_STATUS code; 0 means success.
    [DllImport("ncrypt.dll", CharSet=CharSet.None, ExactSpelling=false)]
    public static extern uint NCryptSignHash(SafeNCryptKeyHandle hKey, ref BCrypt.BCRYPT_PSS_PADDING_INFO pPaddingInfo, byte[] pbHashValue, int cbHashValue, byte[] pbSignature, int cbSignature, out uint pcbResult, uint dwFlags);

    [DllImport("ncrypt.dll", CharSet=CharSet.None, ExactSpelling=false)]
    public static extern uint NCryptVerifySignature(SafeNCryptKeyHandle hKey, ref BCrypt.BCRYPT_PSS_PADDING_INFO pPaddingInfo, byte[] pbHashValue, int cbHashValue, byte[] pbSignature, int cbSignature, uint dwFlags);
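
The follow-up question in this thread (how to call these functions from Main and which parameter values to pass) can be illustrated with a complete console program. This is an added example, not code from the thread or the linked repository. It assumes Windows, an ephemeral 2048-bit RSA key created through CngKey, and PKCS#1 v1.5 padding (BCRYPT_PKCS1_PADDING_INFO) rather than the PSS struct used in the declarations above; NCryptSignDemo, Check and Verify are hypothetical names.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Win32.SafeHandles;

static class NCryptSignDemo   // hypothetical name; example code, Windows only
{
    const int BCRYPT_PAD_PKCS1 = 0x00000002;                   // dwFlags: pPaddingInfo is a PKCS#1 struct
    const int NTE_BAD_SIGNATURE = unchecked((int)0x80090006);  // status for a signature that does not match
    [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
    struct BCRYPT_PKCS1_PADDING_INFO { public string pszAlgId; }  // name of the hash algorithm used

    [DllImport("ncrypt.dll")]
    static extern int NCryptSignHash(SafeNCryptKeyHandle hKey, [In] ref BCRYPT_PKCS1_PADDING_INFO pPaddingInfo,
        byte[] pbHashValue, int cbHashValue, byte[] pbSignature, int cbSignature, out int pcbResult, int dwFlags);

    [DllImport("ncrypt.dll")]
    static extern int NCryptVerifySignature(SafeNCryptKeyHandle hKey, [In] ref BCRYPT_PKCS1_PADDING_INFO pPaddingInfo,
        byte[] pbHashValue, int cbHashValue, byte[] pbSignature, int cbSignature, int dwFlags);

    static void Check(int status, string api)
        { if (status != 0) throw new CryptographicException($"{api} failed: 0x{status:X8}"); }

    static bool Verify(SafeNCryptKeyHandle key, ref BCRYPT_PKCS1_PADDING_INFO pad, byte[] hash, byte[] sig)
    {
        int status = NCryptVerifySignature(key, ref pad, hash, hash.Length, sig, sig.Length, BCRYPT_PAD_PKCS1);
        if (status == NTE_BAD_SIGNATURE) return false;         // expected outcome for tampered input
        Check(status, nameof(NCryptVerifySignature));          // any other non-zero status is a real error
        return true;
    }

    static void Main()
    {
        using var sha = SHA256.Create();
        byte[] hash = sha.ComputeHash(Encoding.UTF8.GetBytes("constructed sample message"));
        var creation = new CngKeyCreationParameters { KeyUsage = CngKeyUsages.Signing };
        creation.Parameters.Add(new CngProperty("Length", BitConverter.GetBytes(2048), CngPropertyOptions.None));
        using CngKey cngKey = CngKey.Create(CngAlgorithm.Rsa, null, creation);  // null name = ephemeral key
        using SafeNCryptKeyHandle hKey = cngKey.Handle;
        var pad = new BCRYPT_PKCS1_PADDING_INFO { pszAlgId = "SHA256" };  // must match the hash computed above
        // First call with a null buffer only reports the required signature size in pcbResult.
        Check(NCryptSignHash(hKey, ref pad, hash, hash.Length, null, 0, out int size, BCRYPT_PAD_PKCS1), "size query");
        byte[] sig = new byte[size];
        Check(NCryptSignHash(hKey, ref pad, hash, hash.Length, sig, sig.Length, out size, BCRYPT_PAD_PKCS1), "sign");
        Console.WriteLine($"signature bytes: {size}, valid: {Verify(hKey, ref pad, hash, sig)}");
        hash[0] ^= 0x01;                                       // simulate a modified message digest
        Console.WriteLine($"after tampering, valid: {Verify(hKey, ref pad, hash, sig)}");
    }
}
```

The padding flag and the padding struct must agree on both the sign and the verify call, and NTE_BAD_SIGNATURE is handled as a normal "invalid" result rather than as an exception.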

