====== Namespace Signatures ======
**Namespace:** ''WvdS.System.Security.Cryptography.Signatures''
Contains extension methods for digital signatures with post-quantum (PQ) support.
----
===== Classes =====
^ Class ^ Description ^
| SignatureExtensions | Extensions for RSA, ECDsa and X509Certificate2 signatures |
| SignedDataExtensions | Extensions for CMS/PKCS#7 SignedCms |
| HybridSignatureInfo | Container for hybrid signature data |
| PqSignedCmsHelper | High-level API for PQ-ready CMS operations |
----
===== Extended types =====
^ .NET type ^ Extension class ^
| ''System.Security.Cryptography.RSA''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.rsa)) | SignatureExtensions |
| ''System.Security.Cryptography.ECDsa''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.ecdsa)) | SignatureExtensions |
| ''System.Security.Cryptography.Pkcs.SignedCms''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.pkcs.signedcms)) | SignedDataExtensions |
----
===== Signature modes =====
^ Mode ^ Classical ^ ML-DSA ^ Usage ^
| Classic | ✓ | - | Standard .NET behavior |
| Hybrid | ✓ | ✓ | Maximum security |
| PostQuantum | - | ✓ | Purely post-quantum |
----
===== Hybrid signature format =====
In Hybrid mode two signatures are generated:
<code>
+---------------------------------------------+
|              Hybrid signature               |
+---------------------------------------------+
| [4 bytes] Length of classical signature     |
| [n bytes] Classical signature (RSA/ECDSA)   |
| [m bytes] PQ signature (ML-DSA)             |
+---------------------------------------------+
</code>
^ Component ^ Typical size ^
| RSA-2048 signature | 256 bytes |
| ECDSA P-256 signature | ~70 bytes |
| ML-DSA-65 signature | 3,293 bytes |
| **Hybrid RSA** | **~3,553 bytes** |
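
A defensive parser for the layout above, added here as an illustration and not taken from the WvdS library. ''HybridSignatureLayout'' and ''TrySplit'' are hypothetical names, and the big-endian byte order of the length prefix is an assumption, since this page does not specify it.

```csharp
using System;
using System.Buffers.Binary;

public static class HybridSignatureLayout
{
    // Assumption: the 4-byte length prefix is big-endian (byte order is not stated on the page).
    private const int PrefixSize = 4;

    // Splits a hybrid blob into its classical and PQ parts without trusting the length field.
    public static bool TrySplit(ReadOnlySpan<byte> blob,
                                out byte[] classical, out byte[] postQuantum)
    {
        classical = Array.Empty<byte>();
        postQuantum = Array.Empty<byte>();

        // Too short to hold the prefix plus any signature bytes.
        if (blob.Length <= PrefixSize) return false;

        uint declared = BinaryPrimitives.ReadUInt32BigEndian(blob);
        int remaining = blob.Length - PrefixSize;

        // Reject an empty classical part and any length that leaves no PQ bytes.
        // Comparing as uint avoids the negative-int trap for values above int.MaxValue.
        if (declared == 0 || declared >= (uint)remaining) return false;

        int n = (int)declared;
        classical = blob.Slice(PrefixSize, n).ToArray();
        postQuantum = blob.Slice(PrefixSize + n).ToArray();
        return true;
    }

    public static void Main()
    {
        // Constructed sample using the sizes from the table: RSA-2048 (256) + ML-DSA-65 (3,293).
        byte[] blob = new byte[4 + 256 + 3293];
        BinaryPrimitives.WriteUInt32BigEndian(blob, 256);

        bool ok = TrySplit(blob, out var c, out var pq);
        Console.WriteLine($"{ok} classical={c.Length} pq={pq.Length}");

        // A length field that points past the end of the buffer must be rejected.
        BinaryPrimitives.WriteUInt32BigEndian(blob, 0xFFFFFFFF);
        Console.WriteLine(TrySplit(blob, out _, out _));
    }
}
```

Because the layout carries no length for the PQ part, a verifier should additionally compare the trailing byte count with the expected signature size of the ML-DSA parameter set in use.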
----
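===== Example =====
<code csharp>
using System.Security.Cryptography;
using System.Text;
using WvdS.System.Security.Cryptography;
using WvdS.System.Security.Cryptography.Signatures;

CryptoConfig.DefaultMode = CryptoMode.Hybrid;

using var rsa = RSA.Create(2048);
byte[] data = Encoding.UTF8.GetBytes("Dati da firmare");

// Create the hybrid signature. The mode is passed explicitly: a three-argument
// call binds to the built-in RSA.SignData instance method, not the extension.
byte[] signature = rsa.SignData(
    data,
    HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1,
    CryptoMode.Hybrid);

// Verify
bool valid = rsa.VerifyData(
    data,
    signature,
    HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1,
    CryptoMode.Hybrid);
</code>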
----
===== SignatureExtensions methods =====
==== RSA extensions ====
^ Method ^ Parameters ^ Returns ^
| ''SignData(data, hash, padding, mode)'' | byte[], HashAlgorithmName, RSASignaturePadding, CryptoMode? | byte[] |
| ''SignData(stream, hash, padding, mode)'' | Stream, HashAlgorithmName, RSASignaturePadding, CryptoMode? | byte[] |
| ''VerifyData(data, sig, hash, padding, mode)'' | byte[], byte[], HashAlgorithmName, RSASignaturePadding, CryptoMode? | bool |
==== ECDsa extensions ====
^ Method ^ Parameters ^ Returns ^
| ''SignData(data, hash, mode)'' | byte[], HashAlgorithmName, CryptoMode? | byte[] |
| ''VerifyData(data, sig, hash, mode)'' | byte[], byte[], HashAlgorithmName, CryptoMode? | bool |
==== ML-DSA Standalone ====
^ Method ^ Parameters ^ Returns ^
| ''GenerateMlDsaKeyPair()'' | - | (byte[] PublicKey, byte[] PrivateKey) |
| ''SignMlDsa(data, privateKey)'' | byte[], byte[] | byte[] |
| ''VerifyMlDsa(data, sig, publicKey)'' | byte[], byte[], byte[] | bool |
----
===== See also =====
  * [[.:x509certificates:start|Namespace X509Certificates]]
  * [[.:keyexchange|Namespace KeyExchange]]
  * [[.:start|API overview]]
{{tag>namespace signaturen ml-dsa}}
----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//