====== WvdS.System.Security.Cryptography.Signatures Namespace ======

Contains extension methods for digital signatures with PQ support.

----

===== Classes =====

^  Class  ^  Description  ^
| [[.:signatureextensions|SignatureExtensions]] | Extensions for RSA, ECDsa, and X509Certificate2 signatures |
| [[.:signeddataextensions|SignedDataExtensions]] | Extensions for CMS/PKCS#7 SignedCms |
| [[.:hybridsignatureinfo|HybridSignatureInfo]] | Container for hybrid signature data |

----

===== Static Classes =====

^  Class  ^  Description  ^
| [[.:pqsignedcmshelper|PqSignedCmsHelper]] | High-level API for PQ-capable CMS operations |

----

===== Extended Types =====

^  .NET Type  ^  Extension Class  ^
| ''System.Security.Cryptography.RSA''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.rsa)) | SignatureExtensions |
| ''System.Security.Cryptography.ECDsa''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.ecdsa)) | SignatureExtensions |
| ''System.Security.Cryptography.Pkcs.SignedCms''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.pkcs.signedcms)) | SignedDataExtensions |

----

===== Hybrid Signature Format =====

In Hybrid mode, two signatures are created:

<code>
+------------------------------------------+
| Hybrid Signature                         |
+------------------------------------------+
| [4 Bytes] Length of classic signature    |
| [n Bytes] Classic signature (RSA/ECDSA)  |
| [m Bytes] PQ signature (ML-DSA)          |
+------------------------------------------+
</code>

----

===== Example =====

<code csharp>
using WvdS.System.Security.Cryptography;
using WvdS.System.Security.Cryptography.Signatures;

CryptoConfig.DefaultMode = CryptoMode.Hybrid;

using var rsa = RSA.Create(2048);
byte[] data = Encoding.UTF8.GetBytes("Data to sign");

// Create hybrid signature
byte[] signature = rsa.SignData(
    data,
    HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1);

// Verify
bool valid = rsa.VerifyData(
    data,
    signature,
    HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1);
</code>

----

===== See Also =====

  * [[..:x509certificates:start|X509Certificates Namespace]]
  * [[..:keyexchange:start|KeyExchange Namespace]]
  * [[en:int:pqcrypt:api:start|API Overview]]

{{tag>namespace signatures}}

----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//