RSACryptoServiceProvider.SignData Method

Definition

Computes the hash value of the specified data and signs it.

Overloads

SignData(Byte[], Object)

Computes the hash value of the specified byte array using the specified hash algorithm, and signs the resulting hash value.

SignData(Stream, Object)

Computes the hash value of the specified input stream using the specified hash algorithm, and signs the resulting hash value.

SignData(Byte[], Int32, Int32, Object)

Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value.

SignData(Byte[], Object)

Computes the hash value of the specified byte array using the specified hash algorithm, and signs the resulting hash value.

public:
 cli::array <System::Byte> ^ SignData(cli::array <System::Byte> ^ buffer, System::Object ^ halg);
public byte[] SignData (byte[] buffer, object halg);
member this.SignData : byte[] * obj -> byte[]
Public Function SignData (buffer As Byte(), halg As Object) As Byte()

Parameters

buffer
Byte[]

The input data for which to compute the hash.

halg
Object

The hash algorithm to use to create the hash value.

Returns

Byte[]

The RSA signature for the specified data.

Exceptions

The halg parameter is null.

The halg parameter is not a valid type.

Examples

The following code example signs and verifies data.

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Text;
array<Byte>^ HashAndSignBytes( array<Byte>^DataToSign, RSAParameters Key )
{
   try
   {
      
      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.  
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );
      
      // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->SignData( DataToSign, gcnew SHA1CryptoServiceProvider );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return nullptr;
   }

}

bool VerifySignedHash( array<Byte>^DataToVerify, array<Byte>^SignedData, RSAParameters Key )
{
   try
   {
      
      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );
      
      // Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->VerifyData( DataToVerify, gcnew SHA1CryptoServiceProvider, SignedData );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return false;
   }

}

int main()
{
   try
   {
      
      // Create a UnicodeEncoder to convert between byte array and string.
      ASCIIEncoding^ ByteConverter = gcnew ASCIIEncoding;
      String^ dataString = "Data to Sign";
      
      // Create byte arrays to hold original, encrypted, and decrypted data.
      array<Byte>^originalData = ByteConverter->GetBytes( dataString );
      array<Byte>^signedData;
      
      // Create a new instance of the RSACryptoServiceProvider class 
      // and automatically create a new key-pair.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      
      // Export the key information to an RSAParameters object.
      // You must pass true to export the private key for signing.
      // However, you do not need to export the private key
      // for verification.
      RSAParameters Key = RSAalg->ExportParameters( true );
      
      // Hash and sign the data.
      signedData = HashAndSignBytes( originalData, Key );
      
      // Verify the data and display the result to the 
      // console.
      if ( VerifySignedHash( originalData, signedData, Key ) )
      {
         Console::WriteLine( "The data was verified." );
      }
      else
      {
         Console::WriteLine( "The data does not match the signature." );
      }
   }
   catch ( ArgumentNullException^ ) 
   {
      Console::WriteLine( "The data was not signed or verified" );
   }

}

using System;
using System.Security.Cryptography;
using System.Text;

class RSACSPSample
{
    static void Main()
    {
        try
        {
            // Create a UnicodeEncoder to convert between byte array and string.
            ASCIIEncoding ByteConverter = new ASCIIEncoding();

            string dataString = "Data to Sign";

            // Create byte arrays to hold original, encrypted, and decrypted data.
            byte[] originalData = ByteConverter.GetBytes(dataString);
            byte[] signedData;

            // Create a new instance of the RSACryptoServiceProvider class 
            // and automatically create a new key-pair.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            // Export the key information to an RSAParameters object.
            // You must pass true to export the private key for signing.
            // However, you do not need to export the private key
            // for verification.
            RSAParameters Key = RSAalg.ExportParameters(true);

            // Hash and sign the data.
            signedData = HashAndSignBytes(originalData, Key);

            // Verify the data and display the result to the 
            // console.
            if(VerifySignedHash(originalData, signedData, Key))
            {
                Console.WriteLine("The data was verified.");
            }
            else
            {
                Console.WriteLine("The data does not match the signature.");
            }

        }
        catch(ArgumentNullException)
        {
            Console.WriteLine("The data was not signed or verified");

        }
    }
    public static byte[] HashAndSignBytes(byte[] DataToSign, RSAParameters Key)
    {
        try
        {   
            // Create a new instance of RSACryptoServiceProvider using the 
            // key from RSAParameters.  
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            RSAalg.ImportParameters(Key);

            // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
            // to specify the use of SHA1 for hashing.
            return RSAalg.SignData(DataToSign, new SHA1CryptoServiceProvider());
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }
    }

    public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAParameters Key)
    {
        try
        {
            // Create a new instance of RSACryptoServiceProvider using the 
            // key from RSAParameters.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            RSAalg.ImportParameters(Key);

            // Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
            // to specify the use of SHA1 for hashing.
            return RSAalg.VerifyData(DataToVerify, new SHA1CryptoServiceProvider(), SignedData); 

        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return false;
        }
    }
}
Imports System.Security.Cryptography
Imports System.Text

Module RSACSPExample

    Sub Main()
        Try
            ' Create a UnicodeEncoder to convert between byte array and string.
            Dim ByteConverter As New ASCIIEncoding

            Dim dataString As String = "Data to Sign"

            ' Create byte arrays to hold original, encrypted, and decrypted data.
            Dim originalData As Byte() = ByteConverter.GetBytes(dataString)
            Dim signedData() As Byte

            ' Create a new instance of the RSACryptoServiceProvider class 
            ' and automatically create a new key-pair.
            Dim RSAalg As New RSACryptoServiceProvider

            ' Export the key information to an RSAParameters object.
            ' You must pass true to export the private key for signing.
            ' However, you do not need to export the private key
            ' for verification.
            Dim Key As RSAParameters = RSAalg.ExportParameters(True)

            ' Hash and sign the data.
            signedData = HashAndSignBytes(originalData, Key)

            ' Verify the data and display the result to the 
            ' console.
            If VerifySignedHash(originalData, signedData, Key) Then
                Console.WriteLine("The data was verified.")
            Else
                Console.WriteLine("The data does not match the signature.")
            End If

        Catch e As ArgumentNullException
            Console.WriteLine("The data was not signed or verified.")
        End Try
    End Sub

    Function HashAndSignBytes(ByVal DataToSign() As Byte, ByVal Key As RSAParameters) As Byte()
        Try
            ' Create a new instance of RSACryptoServiceProvider using the 
            ' key from RSAParameters.  
            Dim RSAalg As New RSACryptoServiceProvider

            RSAalg.ImportParameters(Key)

            ' Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
            ' to specify the use of SHA1 for hashing.
            Return RSAalg.SignData(DataToSign, New SHA1CryptoServiceProvider)
        Catch e As CryptographicException
            Console.WriteLine(e.Message)

            Return Nothing
        End Try
    End Function


    Function VerifySignedHash(ByVal DataToVerify() As Byte, ByVal SignedData() As Byte, ByVal Key As RSAParameters) As Boolean
        Try
            ' Create a new instance of RSACryptoServiceProvider using the 
            ' key from RSAParameters.
            Dim RSAalg As New RSACryptoServiceProvider

            RSAalg.ImportParameters(Key)

            ' Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
            ' to specify the use of SHA1 for hashing.
            Return RSAalg.VerifyData(DataToVerify, New SHA1CryptoServiceProvider, SignedData)

        Catch e As CryptographicException
            Console.WriteLine(e.Message)

            Return False
        End Try
    End Function
End Module

Remarks

This method creates a digital signature that is verified using the VerifyData method.

The halg parameter can accept a String, a HashAlgorithm, or a Type.

See also

SignData(Stream, Object)

Computes the hash value of the specified input stream using the specified hash algorithm, and signs the resulting hash value.

public:
 cli::array <System::Byte> ^ SignData(System::IO::Stream ^ inputStream, System::Object ^ halg);
public byte[] SignData (System.IO.Stream inputStream, object halg);
member this.SignData : System.IO.Stream * obj -> byte[]
Public Function SignData (inputStream As Stream, halg As Object) As Byte()

Parameters

inputStream
Stream

The input data for which to compute the hash.

halg
Object

The hash algorithm to use to create the hash value.

Returns

Byte[]

The RSA signature for the specified data.

Exceptions

The halg parameter is null.

The halg parameter is not a valid type.

Examples

The following code example signs and verifies data.

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Text;
using namespace System::IO;
array<Byte>^ HashAndSignBytes( Stream^ DataStream, RSAParameters Key )
{
   try
   {
      
      // Reset the current position in the stream to 
      // the beginning of the stream (0). RSACryptoServiceProvider
      // can't verify the data unless the stream position
      // is set to the starting position of the data.
      DataStream->Position = 0;
      
      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.  
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );
      
      // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->SignData( DataStream, gcnew SHA1CryptoServiceProvider );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return nullptr;
   }

}

bool VerifySignedHash( array<Byte>^DataToVerify, array<Byte>^SignedData, RSAParameters Key )
{
   try
   {
      
      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );
      
      // Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->VerifyData( DataToVerify, gcnew SHA1CryptoServiceProvider, SignedData );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return false;
   }

}

int main()
{
   try
   {
      ASCIIEncoding^ ByteConverter = gcnew ASCIIEncoding;
      
      // Create some bytes to be signed.
      array<Byte>^dataBytes = ByteConverter->GetBytes( "Here is some data to sign!" );
      
      // Create a buffer for the memory stream.
      array<Byte>^buffer = gcnew array<Byte>(dataBytes->Length);
      
      // Create a MemoryStream.
      MemoryStream^ mStream = gcnew MemoryStream( buffer );
      
      // Write the bytes to the stream and flush it.
      mStream->Write( dataBytes, 0, dataBytes->Length );
      mStream->Flush();
      
      // Create a new instance of the RSACryptoServiceProvider class 
      // and automatically create a new key-pair.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      
      // Export the key information to an RSAParameters object.
      // You must pass true to export the private key for signing.
      // However, you do not need to export the private key
      // for verification.
      RSAParameters Key = RSAalg->ExportParameters( true );
      
      // Hash and sign the data.
      array<Byte>^signedData = HashAndSignBytes( mStream, Key );
      
      // Verify the data and display the result to the 
      // console.
      if ( VerifySignedHash( dataBytes, signedData, Key ) )
      {
         Console::WriteLine( "The data was verified." );
      }
      else
      {
         Console::WriteLine( "The data does not match the signature." );
      }
      
      // Close the MemoryStream.
      mStream->Close();
   }
   catch ( ArgumentNullException^ ) 
   {
      Console::WriteLine( "The data was not signed or verified" );
   }

}

using System;
using System.Security.Cryptography;
using System.Text;
using System.IO;

class RSACSPSample
{
    static void Main()
    {
        try
        {
            ASCIIEncoding ByteConverter = new ASCIIEncoding();

            // Create some bytes to be signed.
            byte[] dataBytes = ByteConverter.GetBytes("Here is some data to sign!");
   
            // Create a buffer for the memory stream.
            byte[] buffer = new byte[dataBytes.Length];

            // Create a MemoryStream.
            MemoryStream mStream = new MemoryStream(buffer);

            // Write the bytes to the stream and flush it.
            mStream.Write(dataBytes, 0, dataBytes.Length);

            mStream.Flush();

            // Create a new instance of the RSACryptoServiceProvider class 
            // and automatically create a new key-pair.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            // Export the key information to an RSAParameters object.
            // You must pass true to export the private key for signing.
            // However, you do not need to export the private key
            // for verification.
            RSAParameters Key = RSAalg.ExportParameters(true);

            // Hash and sign the data.
            byte[] signedData = HashAndSignBytes(mStream, Key);
           

            // Verify the data and display the result to the 
            // console.
            if(VerifySignedHash(dataBytes, signedData, Key))
            {
                Console.WriteLine("The data was verified.");
            }
            else
            {
                Console.WriteLine("The data does not match the signature.");
            } 
            
            // Close the MemoryStream.
            mStream.Close();

        }
        catch(ArgumentNullException)
        {
            Console.WriteLine("The data was not signed or verified");

        }
    }
    public static byte[] HashAndSignBytes(Stream DataStream, RSAParameters Key)
    {
        try
        { 
            // Reset the current position in the stream to 
            // the beginning of the stream (0). RSACryptoServiceProvider
            // can't verify the data unless the stream position
            // is set to the starting position of the data.
            DataStream.Position = 0;

            // Create a new instance of RSACryptoServiceProvider using the 
            // key from RSAParameters.  
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            RSAalg.ImportParameters(Key);

            // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
            // to specify the use of SHA1 for hashing.
            return RSAalg.SignData(DataStream, new SHA1CryptoServiceProvider());
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }
    }

    public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAParameters Key)
    {
        try
        {
            // Create a new instance of RSACryptoServiceProvider using the 
            // key from RSAParameters.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            RSAalg.ImportParameters(Key);

            // Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
            // to specify the use of SHA1 for hashing.
            return RSAalg.VerifyData(DataToVerify, new SHA1CryptoServiceProvider(), SignedData); 

        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return false;
        }
    }
}
Imports System.Security.Cryptography
Imports System.Text
Imports System.IO

Module RSACSPExample

    Sub Main()
        Try
            Dim ByteConverter As New ASCIIEncoding

            ' Create some bytes to be signed.
            Dim dataBytes As Byte() = ByteConverter.GetBytes("Here is some data to sign!")

            ' Create a buffer for the memory stream.
            ' VB automatically pads arrays with an extra 
            ' Digit of "0".
            ' RSACryptoServiceProvider will not verify
            ' the buffer if the automatic padding is 
            ' present.  To remove the padding, decrement
            ' the buffer length by 1.
            Dim buffer(dataBytes.Length - 1) As Byte

            ' Create a MemoryStream.
            Dim mStream As New MemoryStream(buffer)

            ' Write the bytes to the stream and flush it.
            mStream.Write(dataBytes, 0, dataBytes.Length)

            mStream.Flush()

            ' Create a new instance of the RSACryptoServiceProvider class 
            ' and automatically create a new key-pair.
            Dim RSAalg As New RSACryptoServiceProvider

            ' Export the key information to an RSAParameters object.
            ' You must pass true to export the private key for signing.
            ' However, you do not need to export the private key
            ' for verification.
            Dim Key As RSAParameters = RSAalg.ExportParameters(True)

            ' Hash and sign the data.
            Dim signedData As Byte() = HashAndSignBytes(mStream, Key)


            ' Verify the data and display the result to the 
            ' console.
            If VerifySignedHash(dataBytes, signedData, Key) Then
                Console.WriteLine("The data was verified.")
            Else
                Console.WriteLine("The data does not match the signature.")
            End If

            ' Close the MemoryStream.
            mStream.Close()

        Catch e As ArgumentNullException
            Console.WriteLine("The data was not signed or verified")
        End Try
    End Sub 

    Function HashAndSignBytes(ByVal DataStream As Stream, ByVal Key As RSAParameters) As Byte()
        Try
            ' Reset the current position in the stream to 
            ' the beginning of the stream (0). RSACryptoServiceProvider
            ' can't verify the data unless the stream position
            ' is set to the starting position of the data.
            DataStream.Position = 0

            ' Create a new instance of RSACryptoServiceProvider using the 
            ' key from RSAParameters.  
            Dim RSAalg As New RSACryptoServiceProvider

            RSAalg.ImportParameters(Key)

            ' Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
            ' to specify the use of SHA1 for hashing.
            Return RSAalg.SignData(DataStream, New SHA1CryptoServiceProvider)
        Catch e As CryptographicException
            Console.WriteLine(e.Message)

            Return Nothing
        End Try
    End Function 


    Function VerifySignedHash(ByVal DataToVerify() As Byte, ByVal SignedData() As Byte, ByVal Key As RSAParameters) As Boolean
        Try
            ' Create a new instance of RSACryptoServiceProvider using the 
            ' key from RSAParameters.
            Dim RSAalg As New RSACryptoServiceProvider

            RSAalg.ImportParameters(Key)

            ' Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
            ' to specify the use of SHA1 for hashing.
            Return RSAalg.VerifyData(DataToVerify, New SHA1CryptoServiceProvider, SignedData)

        Catch e As CryptographicException
            Console.WriteLine(e.Message)

            Return False
        End Try
    End Function 
End Module

Remarks

The halg parameter can accept a String, a HashAlgorithm, or a Type.

See also

SignData(Byte[], Int32, Int32, Object)

Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value.

public:
 cli::array <System::Byte> ^ SignData(cli::array <System::Byte> ^ buffer, int offset, int count, System::Object ^ halg);
public byte[] SignData (byte[] buffer, int offset, int count, object halg);
member this.SignData : byte[] * int * int * obj -> byte[]
Public Function SignData (buffer As Byte(), offset As Integer, count As Integer, halg As Object) As Byte()

Parameters

buffer
Byte[]

The input data for which to compute the hash.

offset
Int32

The offset into the array from which to begin using data.

count
Int32

The number of bytes in the array to use as data.

halg
Object

The hash algorithm to use to create the hash value.

Returns

Byte[]

The RSA signature for the specified data.

Exceptions

The halg parameter is null.

The halg parameter is not a valid type.

Examples

The following code example signs and verifies data.

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Text;
array<Byte>^ HashAndSignBytes( array<Byte>^DataToSign, RSAParameters Key, int Index, int Length )
{
   try
   {
      
      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.  
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );
      
      // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->SignData( DataToSign, Index, Length, gcnew SHA1CryptoServiceProvider );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return nullptr;
   }

}

bool VerifySignedHash( array<Byte>^DataToVerify, array<Byte>^SignedData, RSAParameters Key )
{
   try
   {
      
      // Create a new instance of RSACryptoServiceProvider using the 
      // key from RSAParameters.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      RSAalg->ImportParameters( Key );
      
      // Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
      // to specify the use of SHA1 for hashing.
      return RSAalg->VerifyData( DataToVerify, gcnew SHA1CryptoServiceProvider, SignedData );
   }
   catch ( CryptographicException^ e ) 
   {
      Console::WriteLine( e->Message );
      return false;
   }

}

int main()
{
   try
   {
      
      // Create a UnicodeEncoder to convert between byte array and string.
      ASCIIEncoding^ ByteConverter = gcnew ASCIIEncoding;
      String^ dataString = "Data to Sign";
      
      // Create byte arrays to hold original, encrypted, and decrypted data.
      array<Byte>^originalData = ByteConverter->GetBytes( dataString );
      array<Byte>^signedData;
      array<Byte>^smallArray;
      
      // Create a new instance of the RSACryptoServiceProvider class 
      // and automatically create a new key-pair.
      RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider;
      
      // Export the key information to an RSAParameters object.
      // You must pass true to export the private key for signing.
      // However, you do not need to export the private key
      // for verification.
      RSAParameters Key = RSAalg->ExportParameters( true );
      
      // Hash and sign the data.  Start at the fifth offset
      // only use data from the next 7 bytes.
      signedData = HashAndSignBytes( originalData, Key, 5, 7 );
      
      // The previous method only signed one segment
      // of the array.  Create a new array for verification
      // that only holds the data that was actually signed.
      //
      // Initialize the array.
      smallArray = gcnew array<Byte>(7);
      
      // Copy 7 bytes starting at the 5th index to 
      // the new array.
      Array::Copy( originalData, 5, smallArray, 0, 7 );
      
      // Verify the data and display the result to the 
      // console.  
      if ( VerifySignedHash( smallArray, signedData, Key ) )
      {
         Console::WriteLine( "The data was verified." );
      }
      else
      {
         Console::WriteLine( "The data does not match the signature." );
      }
   }
   catch ( ArgumentNullException^ ) 
   {
      Console::WriteLine( "The data was not signed or verified" );
   }

}

using System;
using System.Security.Cryptography;
using System.Text;

class RSACSPSample
{
    static void Main()
    {
        try
        {
            // Create a UnicodeEncoder to convert between byte array and string.
            ASCIIEncoding ByteConverter = new ASCIIEncoding();

            string dataString = "Data to Sign";

            // Create byte arrays to hold original, encrypted, and decrypted data.
            byte[] originalData = ByteConverter.GetBytes(dataString);
            byte[] signedData;
            byte[] smallArray;

            // Create a new instance of the RSACryptoServiceProvider class 
            // and automatically create a new key-pair.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            // Export the key information to an RSAParameters object.
            // You must pass true to export the private key for signing.
            // However, you do not need to export the private key
            // for verification.
            RSAParameters Key = RSAalg.ExportParameters(true);

            // Hash and sign the data.  Start at the fifth offset
            // only use data from the next 7 bytes.
            signedData = HashAndSignBytes(originalData, Key, 5, 7 );

            // The previous method only signed one segment
            // of the array.  Create a new array for verification
            // that only holds the data that was actually signed.
            //
            // Initialize the array.
            smallArray = new byte[7];
            // Copy 7 bytes starting at the 5th index to 
            // the new array.
            Array.Copy(originalData, 5 , smallArray, 0, 7); 

            // Verify the data and display the result to the 
            // console.  
            if(VerifySignedHash(smallArray, signedData, Key))
            {
                Console.WriteLine("The data was verified.");
            }
            else
            {
                Console.WriteLine("The data does not match the signature.");
            }

        }
        catch(ArgumentNullException)
        {
            Console.WriteLine("The data was not signed or verified");

        }
    }
    public static byte[] HashAndSignBytes(byte[] DataToSign, RSAParameters Key, int Index, int Length)
    {
        try
        {   
            // Create a new instance of RSACryptoServiceProvider using the 
            // key from RSAParameters.  
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            RSAalg.ImportParameters(Key);

            // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
            // to specify the use of SHA1 for hashing.
            return RSAalg.SignData(DataToSign,Index,Length, new SHA1CryptoServiceProvider());
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }
    }

    public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAParameters Key)
    {
        try
        {
            // Create a new instance of RSACryptoServiceProvider using the 
            // key from RSAParameters.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            RSAalg.ImportParameters(Key);

            // Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
            // to specify the use of SHA1 for hashing.
            return RSAalg.VerifyData(DataToVerify, new SHA1CryptoServiceProvider(), SignedData); 

        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return false;
        }
    }
}
Imports System.Security.Cryptography
Imports System.Text

Module RSACSPExample

    Sub Main()
        Try
            ' Create a UnicodeEncoder to convert between byte array and string.
            Dim ByteConverter As New ASCIIEncoding

            Dim dataString As String = "Data to Sign"

            ' Create byte arrays to hold original, encrypted, and decrypted data.
            Dim originalData As Byte() = ByteConverter.GetBytes(dataString)
            Dim signedData() As Byte
            Dim smallArray() As Byte

            ' Create a new instance of the RSACryptoServiceProvider class 
            ' and automatically create a new key-pair.
            Dim RSAalg As New RSACryptoServiceProvider

            ' Export the key information to an RSAParameters object.
            ' You must pass true to export the private key for signing.
            ' However, you do not need to export the private key
            ' for verification.
            Dim Key As RSAParameters = RSAalg.ExportParameters(True)

            ' Hash and sign the data.  Start at the fifth offset
            ' only use data from the next 7 bytes.
            signedData = HashAndSignBytes(originalData, Key, 5, 7)

            ' The previous function only signed one segment
            ' of the array.  Create a new array for verification
            ' that only holds the data that was actually signed.
            '
            ' Initialize the array.
            smallArray = New Byte(6) {}
            ' Copy 7 bytes starting at the 5th index to 
            ' the new array.
            Array.Copy(originalData, 5, smallArray, 0, 7)

            ' Verify the data and display the result to the 
            ' console.  
            If VerifySignedHash(smallArray, signedData, Key) Then
                Console.WriteLine("The data was verified.")
            Else
                Console.WriteLine("The data does not match the signature.")
            End If

        Catch e As ArgumentNullException
            Console.WriteLine("The data was not signed or verified")
        End Try
    End Sub

    Function HashAndSignBytes(ByVal DataToSign() As Byte, ByVal Key As RSAParameters, ByVal Index As Integer, ByVal Length As Integer) As Byte()
        Try
            ' Create a new instance of RSACryptoServiceProvider using the 
            ' key from RSAParameters.  
            Dim RSAalg As New RSACryptoServiceProvider

            RSAalg.ImportParameters(Key)

            ' Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider
            ' to specify the use of SHA1 for hashing.
            Return RSAalg.SignData(DataToSign, Index, Length, New SHA1CryptoServiceProvider)
        Catch e As CryptographicException
            Console.WriteLine(e.Message)

            Return Nothing
        End Try
    End Function


    Function VerifySignedHash(ByVal DataToVerify() As Byte, ByVal SignedData() As Byte, ByVal Key As RSAParameters) As Boolean
        Try
            ' Create a new instance of RSACryptoServiceProvider using the 
            ' key from RSAParameters.
            Dim RSAalg As New RSACryptoServiceProvider

            RSAalg.ImportParameters(Key)

            ' Verify the data using the signature.  Pass a new instance of SHA1CryptoServiceProvider
            ' to specify the use of SHA1 for hashing.
            Return RSAalg.VerifyData(DataToVerify, New SHA1CryptoServiceProvider, SignedData)

        Catch e As CryptographicException
            Console.WriteLine(e.Message)

            Return False
        End Try
    End Function
End Module

Remarks

This method creates a digital signature that is verified using the VerifyData method.

The halg parameter can accept a String, a HashAlgorithm, or a Type. The string value can be one of the following:

  • The object identifier (OID) friendly name of the hash algorithm to use, either a name registered in the crypto config file or one in the Crypto API OID table.

  • The OID value. The OID must be one recognized by the Crypto API.

For example, you could use SignData(new byte[5], "1.3.14.3.2.26") or SignData(new byte[5], "sha1"), or SignData(new byte[5], "SHA1").

See also

Applies to