Inhaltsverzeichnis
Digitale Signaturen
Kompakte Beispiele für Signaturen. → Details: Signatur-Szenarien
RSA Hybrid-Signatur
using var rsa = RSA.Create(4096); byte[] data = Encoding.UTF8.GetBytes("Zu signierende Daten"); // Hybrid-Signatur (RSA + ML-DSA) byte[] signature = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1, CryptoMode.Hybrid); // Verifizieren bool valid = rsa.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1, CryptoMode.Hybrid);
ECDSA Hybrid-Signatur
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP384); byte[] data = Encoding.UTF8.GetBytes("Zu signierende Daten"); byte[] signature = ecdsa.SignData(data, HashAlgorithmName.SHA384, CryptoMode.Hybrid); bool valid = ecdsa.VerifyData(data, signature, HashAlgorithmName.SHA384, CryptoMode.Hybrid);
CMS/PKCS#7 Signatur
var cert = new X509Certificate2("signing.pfx", "passwort"); byte[] content = File.ReadAllBytes("document.pdf"); var contentInfo = new ContentInfo(content); var signedCms = new SignedCms(contentInfo, detached: true); var signer = new CmsSigner(cert); signer.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1"); // SHA-256 signedCms.ComputeSignature(signer, CryptoMode.Hybrid); byte[] signature = signedCms.Encode();
→ Details: Dokument signieren
Signatur verifizieren
var signedCms = new SignedCms(); signedCms.Decode(signatureBytes); signedCms.CheckSignature(verifySignatureOnly: true); foreach (var signerInfo in signedCms.SignerInfos) { var cert = signerInfo.Certificate; bool hasPq = cert.HasPqSignature(); }
→ Details: Signatur verifizieren
Signatur-Typen
| Typ | Verwendung | API |
|---|---|---|
| RSA Hybrid | Legacy-Kompatibilität | RsaExtensions |
| ECDSA Hybrid | Modern, kompakt | ECDsaExtensions |
| ML-DSA Pure | PQ-only | MlDsaSigner |
| CMS/PKCS#7 | Dokumente | SignedCmsExtensions |
« ← Kurzreferenz | → Signatur-Szenarien (Details) »
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional
Zuletzt geändert: den 29.01.2026 um 15:12
