Home Library Learn Downloads Support Community
Sign in | United States - English | |
0 out of 1 rated this helpful - Rate this topic

RSACryptoServiceProvider.SignHash Method

.NET Framework 4

Computes the signature for the specified hash value by encrypting it with the private key.

Namespace:  System.Security.Cryptography
Assembly:  mscorlib (in mscorlib.dll)
C#
C++
F#
VB
Copy 
public byte[] SignHash(
	byte[] rgbHash,
	string str
)

Parameters

rgbHash
Type: System.Byte[]
The hash value of the data to be signed.
str
Type: System.String
The hash algorithm identifier (OID) used to create the hash value of the data.

Return Value

Type: System.Byte[]
The RSA signature for the specified hash value.
Exception Condition
ArgumentNullException

The rgbHash parameter is null.

CryptographicException

The cryptographic service provider (CSP) cannot be acquired.

-or-

There is no private key.

This method creates a digital signature that is verified using the VerifyHash method.

The valid hash algorithms are SHA1 and MD5. The algorithm identifier can be derived from the hash name by using the MapNameToOID method.

The following code example encrypts some data, creates a hash of the encrypted data, and then signs hash with a digital signature.

C++
VB
Copy 

#using <System.dll>

using namespace System;
using namespace System::Text;
using namespace System::Security::Cryptography;
ref class Sender
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Sender()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;

      //Generate public and private key data.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }


   property RSAParameters PublicParameters 
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }

   }

   //Manually performs hash and then signs hashed value.
   array<Byte>^ HashAndSign( array<Byte>^encrypted )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;
      rsaCSP->ImportParameters( rsaPrivateParams );
      hashedData = hash->ComputeHash( encrypted );
      return rsaCSP->SignHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ) );
   }


   //Encrypts using only the public key data.
   array<Byte>^ EncryptData( RSAParameters rsaParams, array<Byte>^toEncrypt )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      rsaCSP->ImportParameters( rsaParams );
      return rsaCSP->Encrypt( toEncrypt, false );
   }

};

ref class Receiver
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Receiver()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;

      //Generate public and private key data.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }


   property RSAParameters PublicParameters 
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }

   }

   //Manually performs hash and then verifies hashed value.
   bool VerifyHash( RSAParameters rsaParams, array<Byte>^signedData, array<Byte>^signature )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;
      rsaCSP->ImportParameters( rsaParams );
	  bool dataOK = rsaCSP->VerifyData(signedData, CryptoConfig::MapNameToOID("SHA1"), signature);
      hashedData = hash->ComputeHash( signedData );
      return rsaCSP->VerifyHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ), signature );
   }


   //Decrypt using the private key data.
   void DecryptData( array<Byte>^encrypted )
   {
      array<Byte>^fromEncrypt;
      String^ roundTrip;
      ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      rsaCSP->ImportParameters( rsaPrivateParams );
      fromEncrypt = rsaCSP->Decrypt( encrypted, false );
      roundTrip = myAscii->GetString( fromEncrypt );
      Console::WriteLine( "RoundTrip: {0}", roundTrip );
   }

};

int main()
{
   array<Byte>^toEncrypt;
   array<Byte>^encrypted;
   array<Byte>^signature;

   //Choose a small amount of data to encrypt.
   String^ original = "Hello";
   ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;

   //Create a sender and receiver.
   Sender^ mySender = gcnew Sender;
   Receiver^ myReceiver = gcnew Receiver;

   //Convert the data string to a byte array.
   toEncrypt = myAscii->GetBytes( original );

   //Encrypt data using receiver's public key.
   encrypted = mySender->EncryptData( myReceiver->PublicParameters, toEncrypt );

   //Hash the encrypted data and generate a signature on the hash
   // using the sender's private key.
   signature = mySender->HashAndSign( encrypted );
   Console::WriteLine( "Original: {0}", original );

   //Verify the signature is authentic using the sender's public key.
   if ( myReceiver->VerifyHash( mySender->PublicParameters, encrypted, signature ) )
   {

      //Decrypt the data using the receiver's private key.
      myReceiver->DecryptData( encrypted );
   }
   else
   {
      Console::WriteLine( "Invalid signature" );
   }
}

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Did you find this helpful?
(1500 characters remaining)
Community Content Add
Annotations FAQ