RSACryptoServiceProvider::SignData Method (array<Byte>^, Int32, Int32, Object^)

 
System_CAPS_noteNote

The .NET API Reference documentation has a new home. Visit the .NET API Browser on docs.microsoft.com to see the new experience.

Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value.

Namespace:   System.Security.Cryptography
Assembly:  mscorlib (in mscorlib.dll)

public:
array<unsigned char>^ SignData(
	array<unsigned char>^ buffer,
	int offset,
	int count,
	Object^ halg
)

Parameters

buffer
Type: array<System::Byte>^

The input data for which to compute the hash.

offset
Type: System::Int32

The offset into the array from which to begin using data.

count
Type: System::Int32

The number of bytes in the array to use as data.

halg
Type: System::Object^

The hash algorithm to use to create the hash value.

Return Value

Type: array<System::Byte>^

The RSA signature for the specified data.

Exception Condition
ArgumentNullException

The halg parameter is null.

ArgumentException

The halg parameter is not a valid type.

This method creates a digital signature that is verified using the VerifyData method.

The halg parameter can accept a String, a HashAlgorithm, or a Type. The string value can be one of the following:

  • The object identifier (OID) friendly name of the hash algorithm to use, either a name registered in the crypto config file or one in the Crypto API OID table.

  • The OID value. The OID must be one recognized by the Crypto API.

For example, you could use SignData(new byte[5], "1.3.14.3.2.26") or SignData(new byte[5], "sha1"), or SignData(new byte[5], "SHA1").

The following code example signs and verifies data.

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Text;
array<Byte>^ HashAndSignBytes( array<Byte>^DataToSign, RSAParameters Key, int Index, int Length )
{
   try
   {

      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.  
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );

      // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->SignData( DataToSign, Index, Length, gcnew SHA1CryptoServiceProvider );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return nullptr;
   }

}

bool VerifySignedHash( array<Byte>^DataToVerify, array<Byte>^SignedData, RSAParameters Key )
{
   try
   {

      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );

      // Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->VerifyData( DataToVerify, gcnew SHA1CryptoServiceProvider, SignedData );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return false;
   }

}

int main()
{
   try
   {

      // Create a UnicodeEncoder to convert between byte array and string.
      ASCIIEncoding^ ByteConverter = gcnew ASCIIEncoding;
      String^ dataString = "Data to Sign";

      // Create byte arrays to hold original, encrypted, and decrypted data.
      array<Byte>^originalData = ByteConverter->GetBytes( dataString );
      array<Byte>^signedData;
      array<Byte>^smallArray;

      // Create a new instance of the RSACryptoServiceProvider class 
      // and automatically create a new key-pair.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;

      // Export the key information to an RSAParameters object.
      // You must pass true to export the private key for signing.
      // However, you do not need to export the private key
      // for verification.
      RSAParameters Key = RSAalg->ExportParameters( true );

      // Hash and sign the data.  Start at the fifth offset
      // only use data from the next 7 bytes.
      signedData = HashAndSignBytes( originalData, Key, 5, 7 );

      // The previous method only signed one segment
      // of the array.  Create a new array for verification
      // that only holds the data that was actually signed.
      //
      // Initialize the array.
      smallArray = gcnew array<Byte>(7);

      // Copy 7 bytes starting at the 5th index to 
      // the new array.
      Array::Copy( originalData, 5, smallArray, 0, 7 );

      // Verify the data and display the result to the 
      // console.  
      if ( VerifySignedHash( smallArray, signedData, Key ) )
      {
         Console::WriteLine( "The data was verified." );
      }
      else
      {
         Console::WriteLine( "The data does not match the signature." );
      }
   }
   catch ( ArgumentNullException^ ) 
   {
      Console::WriteLine( "The data was not signed or verified" );
   }

}

.NET Framework
Available since 1.1
Windows Phone Silverlight
Available since 7.1
Return to top
Show: