RSACryptoServiceProvider.SignHash RSACryptoServiceProvider.SignHash RSACryptoServiceProvider.SignHash RSACryptoServiceProvider.SignHash Method

定義

指定したハッシュ値を秘密キーで暗号化することにより、そのハッシュ値の署名を計算します。Computes the signature for the specified hash value by encrypting it with the private key.

オーバーロード

SignHash(Byte[], String) SignHash(Byte[], String) SignHash(Byte[], String) SignHash(Byte[], String)

指定したハッシュ値を秘密キーで暗号化することにより、そのハッシュ値の署名を計算します。Computes the signature for the specified hash value by encrypting it with the private key.

SignHash(Byte[], HashAlgorithmName, RSASignaturePadding) SignHash(Byte[], HashAlgorithmName, RSASignaturePadding) SignHash(Byte[], HashAlgorithmName, RSASignaturePadding) SignHash(Byte[], HashAlgorithmName, RSASignaturePadding)

指定したパディングを使用して秘密キーで暗号化し、指定したハッシュ値の署名を計算します。Computes the signature for the specified hash value by encrypting it with the private key using the specified padding.

SignHash(Byte[], String) SignHash(Byte[], String) SignHash(Byte[], String) SignHash(Byte[], String)

指定したハッシュ値を秘密キーで暗号化することにより、そのハッシュ値の署名を計算します。Computes the signature for the specified hash value by encrypting it with the private key.

public:
 cli::array <System::Byte> ^ SignHash(cli::array <System::Byte> ^ rgbHash, System::String ^ str);
public byte[] SignHash (byte[] rgbHash, string str);
member this.SignHash : byte[] * string -> byte[]
Public Function SignHash (rgbHash As Byte(), str As String) As Byte()

パラメーター

rgbHash
Byte[]

署名されたデータのハッシュ値。The hash value of the data to be signed.

str
String String String String

データのハッシュ値の作成に使用するハッシュ アルゴリズム識別子 (OID)。The hash algorithm identifier (OID) used to create the hash value of the data.

戻り値

Byte[]

指定したハッシュ値に対する RSA 署名。The RSA signature for the specified hash value.

例外

rgbHash パラメーターが null です。The rgbHash parameter is null.

暗号化サービス プロバイダー (CSP) を取得できません。The cryptographic service provider (CSP) cannot be acquired.

- または --or-

秘密キーがありません。There is no private key.

次のコード例では、一部のデータを暗号化し、暗号化されたデータのハッシュを作成した後、デジタル署名を使用してハッシュに署名します。The following code example encrypts some data, creates a hash of the encrypted data, and then signs hash with a digital signature.

#using <System.dll>

using namespace System;
using namespace System::Text;
using namespace System::Security::Cryptography;
ref class Sender
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Sender()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      
      //Generate public and private key data.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }


   property RSAParameters PublicParameters 
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }

   }

   //Manually performs hash and then signs hashed value.
   array<Byte>^ HashAndSign( array<Byte>^encrypted )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;
      rsaCSP->ImportParameters( rsaPrivateParams );
      hashedData = hash->ComputeHash( encrypted );
      return rsaCSP->SignHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ) );
   }


   //Encrypts using only the public key data.
   array<Byte>^ EncryptData( RSAParameters rsaParams, array<Byte>^toEncrypt )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      rsaCSP->ImportParameters( rsaParams );
      return rsaCSP->Encrypt( toEncrypt, false );
   }

};

ref class Receiver
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Receiver()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      
      //Generate public and private key data.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }


   property RSAParameters PublicParameters 
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }

   }

   //Manually performs hash and then verifies hashed value.
   bool VerifyHash( RSAParameters rsaParams, array<Byte>^signedData, array<Byte>^signature )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;
      rsaCSP->ImportParameters( rsaParams );
	  bool dataOK = rsaCSP->VerifyData(signedData, CryptoConfig::MapNameToOID("SHA1"), signature);
      hashedData = hash->ComputeHash( signedData );
      return rsaCSP->VerifyHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ), signature );
   }


   //Decrypt using the private key data.
   void DecryptData( array<Byte>^encrypted )
   {
      array<Byte>^fromEncrypt;
      String^ roundTrip;
      ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      rsaCSP->ImportParameters( rsaPrivateParams );
      fromEncrypt = rsaCSP->Decrypt( encrypted, false );
      roundTrip = myAscii->GetString( fromEncrypt );
      Console::WriteLine( "RoundTrip: {0}", roundTrip );
   }

};

int main()
{
   array<Byte>^toEncrypt;
   array<Byte>^encrypted;
   array<Byte>^signature;
   
   //Choose a small amount of data to encrypt.
   String^ original = "Hello";
   ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
   
   //Create a sender and receiver.
   Sender^ mySender = gcnew Sender;
   Receiver^ myReceiver = gcnew Receiver;
   
   //Convert the data string to a byte array.
   toEncrypt = myAscii->GetBytes( original );
   
   //Encrypt data using receiver's public key.
   encrypted = mySender->EncryptData( myReceiver->PublicParameters, toEncrypt );
   
   //Hash the encrypted data and generate a signature on the hash
   // using the sender's private key.
   signature = mySender->HashAndSign( encrypted );
   Console::WriteLine( "Original: {0}", original );
   
   //Verify the signature is authentic using the sender's public key.
   if ( myReceiver->VerifyHash( mySender->PublicParameters, encrypted, signature ) )
   {
      
      //Decrypt the data using the receiver's private key.
      myReceiver->DecryptData( encrypted );
   }
   else
   {
      Console::WriteLine( "Invalid signature" );
   }
}

using System;
using System.Text;
using System.Security.Cryptography;

namespace RSACryptoServiceProvider_Examples
{
    class MyMainClass
    {
        static void Main()
        {
            byte[] toEncrypt;
            byte[] encrypted;
            byte[] signature;
            //Choose a small amount of data to encrypt.
            string original = "Hello";
            ASCIIEncoding myAscii = new ASCIIEncoding();

            //Create a sender and receiver.
            Sender mySender = new Sender();
            Receiver myReceiver = new Receiver();

            //Convert the data string to a byte array.
            toEncrypt = myAscii.GetBytes(original);

            //Encrypt data using receiver's public key.
            encrypted = mySender.EncryptData(myReceiver.PublicParameters, toEncrypt);

            //Hash the encrypted data and generate a signature on the hash
            // using the sender's private key.
            signature = mySender.HashAndSign(encrypted);

            Console.WriteLine("Original: {0}", original);

            //Verify the signature is authentic using the sender's public key.
            if (myReceiver.VerifyHash(mySender.PublicParameters, encrypted, signature))
            {
                //Decrypt the data using the receiver's private key.
                myReceiver.DecryptData(encrypted);
            }
            else
            {
                Console.WriteLine("Invalid signature");
            }
        }
    }

    class Sender
    {
        RSAParameters rsaPubParams;
        RSAParameters rsaPrivateParams;

        public Sender()
        {
            RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

            //Generate public and private key data.
            rsaPrivateParams = rsaCSP.ExportParameters(true);
            rsaPubParams = rsaCSP.ExportParameters(false);
        }

        public RSAParameters PublicParameters
        {
            get
            {
                return rsaPubParams;
            }
        }

        //Manually performs hash and then signs hashed value.
        public byte[] HashAndSign(byte[] encrypted)
        {
            RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
            SHA1Managed hash = new SHA1Managed();
            byte[] hashedData;

            rsaCSP.ImportParameters(rsaPrivateParams);

            hashedData = hash.ComputeHash(encrypted);
            return rsaCSP.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"));
        }

        //Encrypts using only the public key data.
        public byte[] EncryptData(RSAParameters rsaParams, byte[] toEncrypt)
        {
            RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

            rsaCSP.ImportParameters(rsaParams);
            return rsaCSP.Encrypt(toEncrypt, false);
        }
    }

    class Receiver
    {
        RSAParameters rsaPubParams;
        RSAParameters rsaPrivateParams;

        public Receiver()
        {
            RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

            //Generate public and private key data.
            rsaPrivateParams = rsaCSP.ExportParameters(true);
            rsaPubParams = rsaCSP.ExportParameters(false);
        }

        public RSAParameters PublicParameters
        {
            get
            {
                return rsaPubParams;
            }
        }

        //Manually performs hash and then verifies hashed value.
        public bool VerifyHash(RSAParameters rsaParams, byte[] signedData, byte[] signature)
        {
            RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
            SHA1Managed hash = new SHA1Managed();
            byte[] hashedData;

            rsaCSP.ImportParameters(rsaParams);
            bool dataOK = rsaCSP.VerifyData(signedData, CryptoConfig.MapNameToOID("SHA1"), signature);
            hashedData = hash.ComputeHash(signedData);
            return rsaCSP.VerifyHash(hashedData, CryptoConfig.MapNameToOID("SHA1"), signature);
        }

        //Decrypt using the private key data.
        public void DecryptData(byte[] encrypted)
        {
            byte[] fromEncrypt;
            string roundTrip;
            ASCIIEncoding myAscii = new ASCIIEncoding();
            RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();

            rsaCSP.ImportParameters(rsaPrivateParams);
            fromEncrypt = rsaCSP.Decrypt(encrypted, false);
            roundTrip = myAscii.GetString(fromEncrypt);

            Console.WriteLine("RoundTrip: {0}", roundTrip);
        }
    }
}
Imports System.Text
Imports System.Security.Cryptography

Namespace RSACryptoServiceProvider_Examples
    Class MyMainClass
        Shared Sub Main()
            Dim toEncrypt() As Byte
            Dim encrypted() As Byte
            Dim signature() As Byte
            'Choose a small amount of data to encrypt.
            Dim original As String = "Hello"
            Dim myAscii As New ASCIIEncoding()

            'Create a sender and receiver.
            Dim mySender As New Sender()
            Dim myReceiver As New Receiver()

            'Convert the data string to a byte array.
            toEncrypt = myAscii.GetBytes(original)

            'Encrypt data using receiver's public key.
            encrypted = mySender.EncryptData(myReceiver.PublicParameters, toEncrypt)

            'Hash the encrypted data and generate a signature on the hash
            ' using the sender's private key.
            signature = mySender.HashAndSign(encrypted)

            Console.WriteLine("Original: {0}", original)

            'Verify the signature is authentic using the sender's public key.
            If myReceiver.VerifyHash(mySender.PublicParameters, encrypted, signature) Then
                'Decrypt the data using the receiver's private key.
                myReceiver.DecryptData(encrypted)
            Else
                Console.WriteLine("Invalid signature")
            End If
        End Sub
    End Class 'MyMainClass

    Class Sender
        Private rsaPubParams As RSAParameters
        Private rsaPrivateParams As RSAParameters

        Public Sub New()
            Dim rsaCSP As New RSACryptoServiceProvider()

            'Generate public and private key data.
            rsaPrivateParams = rsaCSP.ExportParameters(True)
            rsaPubParams = rsaCSP.ExportParameters(False)
        End Sub

        Public ReadOnly Property PublicParameters() As RSAParameters
            Get
                Return rsaPubParams
            End Get
        End Property

        'Manually performs hash and then signs hashed value.
        Public Function HashAndSign(ByVal encrypted() As Byte) As Byte()
            Dim rsaCSP As New RSACryptoServiceProvider()
            Dim hash As New SHA1Managed()
            Dim hashedData() As Byte

            rsaCSP.ImportParameters(rsaPrivateParams)

            hashedData = hash.ComputeHash(encrypted)
            Return rsaCSP.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"))
        End Function 'HashAndSign

        'Encrypts using only the public key data.
        Public Function EncryptData(ByVal rsaParams As RSAParameters, ByVal toEncrypt() As Byte) As Byte()
            Dim rsaCSP As New RSACryptoServiceProvider()

            rsaCSP.ImportParameters(rsaParams)
            Return rsaCSP.Encrypt(toEncrypt, False)
        End Function 'EncryptData
    End Class 'Sender

    Class Receiver
        Private rsaPubParams As RSAParameters
        Private rsaPrivateParams As RSAParameters

        Public Sub New()
            Dim rsaCSP As New RSACryptoServiceProvider()

            'Generate public and private key data.
            rsaPrivateParams = rsaCSP.ExportParameters(True)
            rsaPubParams = rsaCSP.ExportParameters(False)
        End Sub

        Public ReadOnly Property PublicParameters() As RSAParameters
            Get
                Return rsaPubParams
            End Get
        End Property

        'Manually performs hash and then verifies hashed value.
        Public Function VerifyHash(ByVal rsaParams As RSAParameters, ByVal signedData() As Byte, ByVal signature() As Byte) As Boolean
            Dim rsaCSP As New RSACryptoServiceProvider()
            Dim hash As New SHA1Managed()
            Dim hashedData() As Byte
            Dim dataOK As Boolean

            rsaCSP.ImportParameters(rsaParams)
            dataOK = rsaCSP.VerifyData(signedData, CryptoConfig.MapNameToOID("SHA1"), signature)
            hashedData = hash.ComputeHash(signedData)
            Return rsaCSP.VerifyHash(hashedData, CryptoConfig.MapNameToOID("SHA1"), signature)
        End Function 'VerifyHash

        'Decrypt using the private key data.
        Public Sub DecryptData(ByVal encrypted() As Byte)
            Dim fromEncrypt() As Byte
            Dim roundTrip As String
            Dim myAscii As New ASCIIEncoding()
            Dim rsaCSP As New RSACryptoServiceProvider()

            rsaCSP.ImportParameters(rsaPrivateParams)
            fromEncrypt = rsaCSP.Decrypt(encrypted, False)
            roundTrip = myAscii.GetString(fromEncrypt)

            Console.WriteLine("RoundTrip: {0}", roundTrip)
        End Sub
    End Class 'Receiver
End Namespace 'RSACryptoServiceProvider_Examples

注釈

このメソッドは、 VerifyHashメソッドを使用して検証されるデジタル署名を作成します。This method creates a digital signature that is verified using the VerifyHash method.

有効なハッシュアルゴリズムはSHA1MD5です。The valid hash algorithms are SHA1 and MD5. アルゴリズム識別子は、 MapNameToOIDメソッドを使用してハッシュ名から派生させることができます。The algorithm identifier can be derived from the hash name by using the MapNameToOID method.

SHA1 と MD5 の衝突の問題により、SHA256 以上に基づくセキュリティモデルをお勧めします。Due to collision problems with SHA1 and MD5, Microsoft recommends a security model based on SHA256 or better.

セキュリティ

KeyContainerPermissionAccessEntryCollection
キーを使用してファイルに署名するためのアクセス許可。for permission to sign a file using the key. セキュリティアクション: DemandSecurity action: Demand. 関連付けられた列挙型:SignAssociated enumeration: Sign

こちらもご覧ください

SignHash(Byte[], HashAlgorithmName, RSASignaturePadding) SignHash(Byte[], HashAlgorithmName, RSASignaturePadding) SignHash(Byte[], HashAlgorithmName, RSASignaturePadding) SignHash(Byte[], HashAlgorithmName, RSASignaturePadding)

指定したパディングを使用して秘密キーで暗号化し、指定したハッシュ値の署名を計算します。Computes the signature for the specified hash value by encrypting it with the private key using the specified padding.

public:
 override cli::array <System::Byte> ^ SignHash(cli::array <System::Byte> ^ hash, System::Security::Cryptography::HashAlgorithmName hashAlgorithm, System::Security::Cryptography::RSASignaturePadding ^ padding);
public override byte[] SignHash (byte[] hash, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, System.Security.Cryptography.RSASignaturePadding padding);
override this.SignHash : byte[] * System.Security.Cryptography.HashAlgorithmName * System.Security.Cryptography.RSASignaturePadding -> byte[]
Public Overrides Function SignHash (hash As Byte(), hashAlgorithm As HashAlgorithmName, padding As RSASignaturePadding) As Byte()

パラメーター

hash
Byte[]

署名されたデータのハッシュ値。The hash value of the data to be signed.

hashAlgorithm
HashAlgorithmName HashAlgorithmName HashAlgorithmName HashAlgorithmName

データのハッシュ値を作成するために使用されるハッシュ アルゴリズム名。The hash algorithm name used to create the hash value of the data.

戻り値

Byte[]

指定したハッシュ値に対する RSA 署名。The RSA signature for the specified hash value.

例外

hashAlgorithmnull または Empty です。hashAlgorithm is null or Empty.

hashnullです。hash is null.

- または --or- paddingnullです。padding is null.

paddingPkcs1 と一致しません。padding does not equal Pkcs1.

適用対象