Knowing little about cryptography, I have great problems with what seems to be a simple task.
I have a .pem certificate, the bytes of the data, and the signature of that data. I want to check if someone changed the data by matching it against the signature.
My try:
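    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;

    private bool VerifySignature(byte[] data, byte[] signature)
    {
        try
        {
            // Load the certificate from the PEM file
            X509Certificate2 certificate = new X509Certificate2("cert_filename.pem");
            if (certificate == null)
                return false;
            // Treat the certificate's public key as a DSA key
            DSACryptoServiceProvider dsa = (DSACryptoServiceProvider)certificate.PublicKey.Key;
            return dsa.VerifyData(data, signature);
        }
        catch
        {
            return false;
        }
    }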
But it gives me an error: 'Algorithm of certificates key is not supported' (System.NotSupportedException).
Looking into the loaded certificate, it says that the signature algorithm is 'sha1ecdsa'.
I am only trying to verify data against a signature. What am I missing here? I would like to do it without any external solutions, as it seems to be a really trivial task.
Update: I am trying to achieve the same functionality as in the Java code below:
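    import java.security.GeneralSecurityException;
    import java.security.Signature;

    private boolean verify(byte[] data, byte[] signature) throws GeneralSecurityException
    {
        boolean isLicenseCorrect = false;
        // ECDSA signature over a SHA-1 digest of the data
        Signature sig = Signature.getInstance("SHA1WithECDSA");
        sig.initVerify(certificate.getPublicKey());
        sig.update(data);
        return sig.verify(signature);
    }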
The recipient uses the sender's public key to decrypt the digital signature's hash. The recipient's computer calculates the hash of the original file and compares it with the decrypted hash. If the two hashes match, the signature is verified.
For applications such as web browsers, the canonical approach to verifying the authenticity of a public key is to sign it with another public key that you trust. These certificates are chained together with public key signatures signed by a trusted certificate authority in a hierarchical model.
RSA Digital Signatures: To sign a message m, just apply the RSA function with the private key to produce a signature s; to verify, apply the RSA function with the public key to the signature, and check that the result equals the expected message.
Although DSA and ECDSA are related, they are not the same. Why not try ECDsaCryptoServiceProvider? Note that the ECDSA support for Elliptic Curves only includes NIST named curves.
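An added example, not code from the original posts: verifying an ECDSA signature against a certificate's public key with .NET's built-in `ECDsa` class, including the signature-encoding detail that matters when the signature comes from Java's `SHA1WithECDSA` (DER-encoded r and s rather than the fixed-length form .NET expects by default). It assumes .NET 5 or later; the key, certificate and payload are constructed inline in place of the real .pem file.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// Constructed test material: a throwaway P-256 key and self-signed certificate,
// standing in for the sender's key and the .pem file from the question.
using ECDsa signerKey = ECDsa.Create(ECCurve.NamedCurves.nistP256);
var request = new CertificateRequest("CN=constructed-example", signerKey, HashAlgorithmName.SHA256);
using X509Certificate2 issued = request.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));
char[] pem = PemEncoding.Write("CERTIFICATE", issued.RawData);

// Verifier side: only the PEM certificate (public key) is available.
using X509Certificate2 certificate = X509Certificate2.CreateFromPem(pem);

byte[] data = Encoding.UTF8.GetBytes("constructed sample payload");

// Sign the way Java's SHA1WithECDSA does: SHA-1 digest, DER SEQUENCE of (r, s).
// SHA-1 appears here only because the question's signatures use it.
byte[] signature = signerKey.SignData(
    data, HashAlgorithmName.SHA1, DSASignatureFormat.Rfc3279DerSequence);

// Flip one bit to simulate modified data.
byte[] tampered = (byte[])data.Clone();
tampered[0] ^= 0x01;

Console.WriteLine($"original data verifies: {VerifySignature(certificate, data, signature)}");
Console.WriteLine($"tampered data verifies: {VerifySignature(certificate, tampered, signature)}");

static bool VerifySignature(X509Certificate2 certificate, byte[] data, byte[] signature)
{
    // GetECDsaPublicKey returns null when the certificate does not hold an EC key,
    // so a certificate with a different key type is rejected instead of miscast.
    using var publicKey = certificate.GetECDsaPublicKey();
    if (publicKey is null)
        return false;

    // The format argument must match the signer's encoding. Without it, .NET
    // expects fixed-length r||s (IEEE P1363) and a DER signature fails to verify.
    return publicKey.VerifyData(
        data, signature, HashAlgorithmName.SHA1, DSASignatureFormat.Rfc3279DerSequence);
}
```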