====== Digitale Signaturen ======

Kompakte Beispiele für Signaturen. → **Details:** [[de:int:pqcrypt:szenarien:signaturen:start|Signatur-Szenarien]]

----

===== RSA Hybrid-Signatur =====

<code csharp>
using var rsa = RSA.Create(4096);
byte[] data = Encoding.UTF8.GetBytes("Zu signierende Daten");

// Hybrid-Signatur (RSA + ML-DSA)
byte[] signature = rsa.SignData(data,
    HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1,
    CryptoMode.Hybrid);

// Verifizieren
bool valid = rsa.VerifyData(data, signature,
    HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1,
    CryptoMode.Hybrid);
</code>

----

===== ECDSA Hybrid-Signatur =====

<code csharp>
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP384);
byte[] data = Encoding.UTF8.GetBytes("Zu signierende Daten");

byte[] signature = ecdsa.SignData(data,
    HashAlgorithmName.SHA384, CryptoMode.Hybrid);

bool valid = ecdsa.VerifyData(data, signature,
    HashAlgorithmName.SHA384, CryptoMode.Hybrid);
</code>

----

===== CMS/PKCS#7 Signatur =====

<code csharp>
var cert = new X509Certificate2("signing.pfx", "passwort");
byte[] content = File.ReadAllBytes("document.pdf");

var contentInfo = new ContentInfo(content);
var signedCms = new SignedCms(contentInfo, detached: true);

var signer = new CmsSigner(cert);
signer.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1"); // SHA-256

signedCms.ComputeSignature(signer, CryptoMode.Hybrid);
byte[] signature = signedCms.Encode();
</code>

→ **Details:** [[de:int:pqcrypt:szenarien:signaturen:dokument_signieren|Dokument signieren]]

----

===== Signatur verifizieren =====

<code csharp>
var signedCms = new SignedCms();
signedCms.Decode(signatureBytes);
signedCms.CheckSignature(verifySignatureOnly: true);

foreach (var signerInfo in signedCms.SignerInfos)
{
    var cert = signerInfo.Certificate;
    bool hasPq = cert.HasPqSignature();
}
</code>

→ **Details:** [[de:int:pqcrypt:szenarien:signaturen:signatur_verifizieren|Signatur verifizieren]]

----

===== Signatur-Typen =====

^  Typ  ^  Verwendung  ^  API  ^
| RSA Hybrid | Legacy-Kompatibilität | RsaExtensions |
| ECDSA Hybrid | Modern, kompakt | ECDsaExtensions |
| ML-DSA Pure | PQ-only | MlDsaSigner |
| CMS/PKCS#7 | Dokumente | SignedCmsExtensions |

----

<< [[.:start|← Kurzreferenz]] | [[de:int:pqcrypt:szenarien:signaturen:start|→ Signatur-Szenarien (Details)]] >>

----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//

{{tag>kurzreferenz signaturen rsa ecdsa cms hybrid}}