====== Signatures prostor imena ======
**Prostor imena:** ''WvdS.System.Security.Cryptography.Signatures''
Sadrži extension metode za digitalne potpise s PQ podrškom.
----
===== Klase =====
^ Klasa ^ Opis ^
| SignatureExtensions | Proširenja za RSA, ECDsa i X509Certificate2 potpise |
| SignedDataExtensions | Proširenja za CMS/PKCS#7 SignedCms |
| HybridSignatureInfo | Kontejner za hibridne podatke potpisa |
| PqSignedCmsHelper | High-level API za PQ-sposobne CMS operacije |
----
===== Prošireni tipovi =====
^ .NET tip ^ Klasa proširenja ^
| ''System.Security.Cryptography.RSA''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.rsa)) | SignatureExtensions |
| ''System.Security.Cryptography.ECDsa''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.ecdsa)) | SignatureExtensions |
| ''System.Security.Cryptography.Pkcs.SignedCms''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.pkcs.signedcms)) | SignedDataExtensions |
----
===== Načini potpisa =====
| Način | Klasično | ML-DSA | Upotreba |
| Classic | Da | - | Standardno .NET ponašanje |
| Hybrid | Da | Da | Maksimalna sigurnost |
| PostQuantum | - | Da | Čisto post-kvantno |
----
===== Format hibridnog potpisa =====
U hibridnom načinu rada generiraju se dva potpisa:
+---------------------------------------------+
| Hibridni potpis |
+---------------------------------------------+
| [4 bajta] Duljina klasičnog potpisa |
| [n bajtova] Klasični potpis (RSA/ECDSA) |
| [m bajtova] PQ potpis (ML-DSA) |
+---------------------------------------------+
^ Komponenta ^ Tipična veličina ^
| RSA-2048 potpis | 256 bajtova |
| ECDSA P-256 potpis | ~70 bajtova |
| ML-DSA-65 potpis | 3.293 bajta |
| **Hibridni RSA** | **~3.553 bajta** |
----
===== Primjer =====
using WvdS.System.Security.Cryptography;
using WvdS.System.Security.Cryptography.Signatures;
CryptoConfig.DefaultMode = CryptoMode.Hybrid;
using var rsa = RSA.Create(2048);
byte[] data = Encoding.UTF8.GetBytes("Podaci za potpisivanje");
// Kreiranje hibridnog potpisa
byte[] signature = rsa.SignData(
data,
HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1);
// Verifikacija
bool valid = rsa.VerifyData(
data,
signature,
HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1);
----
===== Metode SignatureExtensions =====
==== RSA proširenja ====
^ Metoda ^ Parametri ^ Povratna vrijednost ^
| ''SignData(data, hash, padding, mode)'' | byte[], HashAlgorithmName, RSASignaturePadding, CryptoMode? | byte[] |
| ''SignData(stream, hash, padding, mode)'' | Stream, HashAlgorithmName, RSASignaturePadding, CryptoMode? | byte[] |
| ''VerifyData(data, sig, hash, padding, mode)'' | byte[], byte[], HashAlgorithmName, RSASignaturePadding, CryptoMode? | bool |
==== ECDsa proširenja ====
^ Metoda ^ Parametri ^ Povratna vrijednost ^
| ''SignData(data, hash, mode)'' | byte[], HashAlgorithmName, CryptoMode? | byte[] |
| ''VerifyData(data, sig, hash, mode)'' | byte[], byte[], HashAlgorithmName, CryptoMode? | bool |
==== Samostalni ML-DSA ====
^ Metoda ^ Parametri ^ Povratna vrijednost ^
| ''GenerateMlDsaKeyPair()'' | - | (byte[] PublicKey, byte[] PrivateKey) |
| ''SignMlDsa(data, privateKey)'' | byte[], byte[] | byte[] |
| ''VerifyMlDsa(data, sig, publicKey)'' | byte[], byte[], byte[] | bool |
----
===== Vidi također =====
* [[.:x509certificates:start|X509Certificates prostor imena]]
* [[.:keyexchange|KeyExchange prostor imena]]
* [[.:start|API-pregled]]
{{tag>namespace signaturen ml-dsa}}
----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//