Compact examples for signatures. → Details: Signature Scenarios
using var rsa = RSA.Create(4096); byte[] data = Encoding.UTF8.GetBytes("Data to sign"); // Hybrid signature (RSA + ML-DSA) byte[] signature = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1, CryptoMode.Hybrid); // Verify bool valid = rsa.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1, CryptoMode.Hybrid);
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP384); byte[] data = Encoding.UTF8.GetBytes("Data to sign"); byte[] signature = ecdsa.SignData(data, HashAlgorithmName.SHA384, CryptoMode.Hybrid); bool valid = ecdsa.VerifyData(data, signature, HashAlgorithmName.SHA384, CryptoMode.Hybrid);
var cert = new X509Certificate2("signing.pfx", "password"); byte[] content = File.ReadAllBytes("document.pdf"); var contentInfo = new ContentInfo(content); var signedCms = new SignedCms(contentInfo, detached: true); var signer = new CmsSigner(cert); signer.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1"); // SHA-256 signedCms.ComputeSignature(signer, CryptoMode.Hybrid); byte[] signature = signedCms.Encode();
→ Details: Sign Document
var signedCms = new SignedCms(); signedCms.Decode(signatureBytes); signedCms.CheckSignature(verifySignatureOnly: true); foreach (var signerInfo in signedCms.SignerInfos) { var cert = signerInfo.Certificate; bool hasPq = cert.HasPqSignature(); }
→ Details: Verify Signature
| Type | Usage | API |
|---|---|---|
| RSA Hybrid | Legacy compatibility | RsaExtensions |
| ECDSA Hybrid | Modern, compact | ECDsaExtensions |
| ML-DSA Pure | PQ-only | MlDsaSigner |
| CMS/PKCS#7 | Documents | SignedCmsExtensions |
« <- Quick Reference | -> Signature Scenarios (Details) »
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional