Export (0) Print
Expand All

RSACryptoServiceProvider.SignHash Method

Computes the signature for the specified hash value by encrypting it with the private key.

Namespace: System.Security.Cryptography
Assembly: mscorlib (in mscorlib.dll)

public:
array<unsigned char>^ SignHash (
	array<unsigned char>^ rgbHash, 
	String^ str
)
public byte[] SignHash (
	byte[] rgbHash, 
	String str
)
public function SignHash (
	rgbHash : byte[], 
	str : String
) : byte[]
Not applicable.

Parameters

rgbHash

The hash value of the data to be signed.

str

The hash algorithm identifier (OID) used to create the hash value of the data.

Return Value

The RSA signature for the specified hash value.

Exception typeCondition

ArgumentNullException

The rgbHash parameter is a null reference (Nothing in Visual Basic).

CryptographicException

The cryptographic service provider (CSP) cannot be acquired.

-or-

There is no private key.

This method creates a digital signature that is verified using the VerifyHash method.

The valid hash algorithms are SHA1 and MD5. The algorithm identifier can be derived from the hash name by using the MapNameToOID method.

The following code example encrypts some data, creates a hash of the encrypted data, and then signs hash with a digital signature.

#using <System.dll>

using namespace System;
using namespace System::Text;
using namespace System::Security::Cryptography;
ref class Sender
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Sender()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      
      //Generate public and private key data.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }


   property RSAParameters PublicParameters 
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }

   }

   //Manually performs hash and then signs hashed value.
   array<Byte>^ HashAndSign( array<Byte>^encrypted )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;
      rsaCSP->ImportParameters( rsaPrivateParams );
      hashedData = hash->ComputeHash( encrypted );
      return rsaCSP->SignHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ) );
   }


   //Encrypts using only the public key data.
   array<Byte>^ EncryptData( RSAParameters rsaParams, array<Byte>^toEncrypt )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      rsaCSP->ImportParameters( rsaParams );
      return rsaCSP->Encrypt( toEncrypt, false );
   }

};

ref class Receiver
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Receiver()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      
      //Generate public and private key data.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }


   property RSAParameters PublicParameters 
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }

   }

   //Manually performs hash and then verifies hashed value.
   bool VerifyHash( RSAParameters rsaParams, array<Byte>^signedData, array<Byte>^signature )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;
      rsaCSP->ImportParameters( rsaParams );
      hashedData = hash->ComputeHash( signedData );
      return rsaCSP->VerifyHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ), signature );
   }


   //Decrypt using the private key data.
   void DecryptData( array<Byte>^encrypted )
   {
      array<Byte>^fromEncrypt;
      String^ roundTrip;
      ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      rsaCSP->ImportParameters( rsaPrivateParams );
      fromEncrypt = rsaCSP->Decrypt( encrypted, false );
      roundTrip = myAscii->GetString( fromEncrypt );
      Console::WriteLine( "RoundTrip: {0}", roundTrip );
   }

};

int main()
{
   array<Byte>^toEncrypt;
   array<Byte>^encrypted;
   array<Byte>^signature;
   
   //Choose a small amount of data to encrypt.
   String^ original = "Hello";
   ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
   
   //Create a sender and receiver.
   Sender^ mySender = gcnew Sender;
   Receiver^ myReceiver = gcnew Receiver;
   
   //Convert the data string to a byte array.
   toEncrypt = myAscii->GetBytes( original );
   
   //Encrypt data using receiver's public key.
   encrypted = mySender->EncryptData( myReceiver->PublicParameters, toEncrypt );
   
   //Hash the encrypted data and generate a signature on the hash
   // using the sender's private key.
   signature = mySender->HashAndSign( encrypted );
   Console::WriteLine( "Original: {0}", original );
   
   //Verify the signature is authentic using the sender's public key.
   if ( myReceiver->VerifyHash( mySender->PublicParameters, encrypted, signature ) )
   {
      
      //Decrypt the data using the receiver's private key.
      myReceiver->DecryptData( encrypted );
   }
   else
   {
      Console::WriteLine( "Invalid signature" );
   }
}


package RSACryptoServiceProvider_Examples; 

import System.*;
import System.Text.*;
import System.Security.Cryptography.*;

class MyMainClass
{
    public static void main(String[] args)
    {
        ubyte toEncrypt[];
        ubyte encrypted[];
        ubyte signature[];

        // Choose a small amount of data to encrypt.
        String original = "Hello";
        ASCIIEncoding myAscii = new ASCIIEncoding();

        // Create a sender and receiver.
        Sender mySender = new Sender();
        Receiver myReceiver = new Receiver();

        // Convert the data string to a byte array.
        toEncrypt = myAscii.GetBytes(original);

        // Encrypt data using receiver's public key.
        encrypted = mySender.EncryptData(myReceiver.get_PublicParameters(),
            toEncrypt);

        // Hash the encrypted data and generate a signature on the hash
        // using the sender's private key.
        signature = mySender.HashAndSign(encrypted);
        Console.WriteLine("Original: {0}", original);

        // Verify the signature is authentic using the sender's public key.
        if (myReceiver.VerifyHash(mySender.get_PublicParameters(), 
                encrypted, signature)) {
            // Decrypt the data using the receiver's private key.
            myReceiver.DecryptData(encrypted);
        }
        else {
            Console.WriteLine("Invalid signature");
        }
    } //main
} //MyMainClass

class Sender
{
    private RSAParameters rsaPubParams;
    private RSAParameters rsaPrivateParams;

    public Sender()
    {
        RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

        // Generate public and private key data.
        rsaPrivateParams = rsaCSP.ExportParameters(true);
        rsaPubParams = rsaCSP.ExportParameters(false);
    } //Sender

    /** @property 
     */
    public RSAParameters get_PublicParameters()
    {
        return rsaPubParams;
    } //get_PublicParameters

    // Manually performs hash and then signs hashed value.
    public ubyte[] HashAndSign(ubyte encrypted[])
    {
        RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
        SHA1Managed hash = new SHA1Managed();
        ubyte hashedData[];

        rsaCSP.ImportParameters(rsaPrivateParams);
        hashedData = hash.ComputeHash(encrypted);
        return rsaCSP.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"));
    } //HashAndSign

    // Encrypts using only the public key data.
    public ubyte[] EncryptData(RSAParameters rsaParams, ubyte toEncrypt[])
    {
        RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

        rsaCSP.ImportParameters(rsaParams);
        return rsaCSP.Encrypt(toEncrypt, false);
    } //EncryptData
} //Sender

class Receiver
{
    private RSAParameters rsaPubParams;
    private RSAParameters rsaPrivateParams;

    public Receiver()
    {
        RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

        // Generate public and private key data.
        rsaPrivateParams = rsaCSP.ExportParameters(true);
        rsaPubParams = rsaCSP.ExportParameters(false);
    } //Receiver

    /** @property 
     */
    public RSAParameters get_PublicParameters()
    {
        return rsaPubParams;
    } //get_PublicParameters
    
    // Manually performs hash and then verifies hashed value.
    public boolean VerifyHash(RSAParameters rsaParams, 
        ubyte signedData[], ubyte signature[])
    {
        RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
        SHA1Managed hash = new SHA1Managed();
        ubyte hashedData[];

        rsaCSP.ImportParameters(rsaParams);
        hashedData = hash.ComputeHash(signedData);
        return rsaCSP.VerifyHash(hashedData, 
            CryptoConfig.MapNameToOID("SHA1"), signature);
    } //VerifyHash

    // Decrypt using the private key data.
    public void DecryptData(ubyte encrypted[])
    {
        ubyte fromEncrypt[];
        String roundTrip;
        ASCIIEncoding myAscii = new ASCIIEncoding();
        RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

        rsaCSP.ImportParameters(rsaPrivateParams);
        fromEncrypt = rsaCSP.Decrypt(encrypted, false);
        roundTrip = myAscii.GetString(fromEncrypt);

        Console.WriteLine("RoundTrip: {0}", roundTrip);
    } //DecryptData
} //Receiver   

Windows 98, Windows Server 2000 SP4, Windows CE, Windows Millennium Edition, Windows Mobile for Pocket PC, Windows Mobile for Smartphone, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0, 1.1, 1.0

.NET Compact Framework

Supported in: 2.0

Community Additions

ADD
Show:
© 2014 Microsoft