Tuesday, December 31, 2013

RSA Digital Signature C#

Using the .NET libraries, we can easily implement the RSA digital signature scheme. I wrote this blog post to explain how the RSA digital signature algorithm works.

Here I export the private and public key pair from the RSA object as strings, to make the code easier to follow.

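using System;
using System.Security.Cryptography;
using System.Text;

//Get rsaKeys
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(2048);
string publicKey = RSA.ToXmlString(false);  // public parameters only
string privateKey = RSA.ToXmlString(true);  // includes the private parameters; keep it secret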

The following method shows how to sign a message. You provide a private key and the message to be signed. The method returns the signed message (the signature as a Base64 string).

//Sign message
/// <summary>
/// Signs the message.
/// </summary>
/// <param name="message">The message.</param>
/// <param name="privateKey">The private key.</param>
/// <returns>signed message</returns>
private static string SignMessage(string message, string privateKey)
{
    string signedMessage;
    try
    {
        // Initiate a new instance with 2048 bit key size
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048))
        {
            // Load private key
            rsa.FromXmlString(privateKey);
            // Encoding.UTF8.GetBytes(string) - converts the message string to bytes
            // rsa.SignData(buffer, hash algorithm) - signs the data. Here I used SHA512 for the hash.
            // Convert.ToBase64String(byte[]) - converts the signature bytes to a string
            signedMessage = Convert.ToBase64String(rsa.SignData(Encoding.UTF8.GetBytes(message), CryptoConfig.MapNameToOID("SHA512")));
        }
    }
    catch (Exception)
    {
        // Any failure (bad key, crypto error) is reported as an empty string
        signedMessage = string.Empty;
    }
    return signedMessage;
}

The next step is to verify the message that you signed with your private key. Pass the original message, the signed message and the public key to the method. It returns a boolean value indicating whether the signature verified.

//Verify message
/// <summary>
/// Verifies the message.
/// </summary>
/// <param name="originalMessage">The original message.</param>
/// <param name="signedMessage">The signed message.</param>
/// <param name="publicKey">The public key.</param>
/// <returns>verify status</returns>
private static bool VerifyMessage(string originalMessage, string signedMessage, string publicKey)
{
    bool verified;
    try
    {
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048))
        {
            // Load public key
            rsa.FromXmlString(publicKey);
            // Hash the original message with SHA512 and check it against the Base64-decoded signature
            verified = rsa.VerifyData(Encoding.UTF8.GetBytes(originalMessage), CryptoConfig.MapNameToOID("SHA512"), Convert.FromBase64String(signedMessage));
        }
    }
    catch (Exception)
    {
        // Malformed Base64 or a bad key counts as "not verified"
        verified = false;
    }
    return verified;
}

At this point we have the methods we need to sign and verify. Let's see how to use them. I wrote the example in the Main method.

//RSA main
static void Main(string[] args)
{
    bool verifyState = false;
    string publicKey;
    string privateKey;
    // Generate a 2048 bit key pair and export both halves as XML strings
    using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(2048))
    {
        publicKey = RSA.ToXmlString(false);
        privateKey = RSA.ToXmlString(true);
    }
    string plainText = "originalMessage";
    string tamperMessage = "origiinalMessage";
    string signedMessage = SignMessage(plainText, privateKey);
    verifyState = VerifyMessage(plainText, signedMessage, publicKey); // returns true
    verifyState = VerifyMessage(tamperMessage, signedMessage, publicKey); // returns false
}
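
An added example, not code from the original post: it splits SignData into its two steps (SHA-512 hash, then a PKCS#1 v1.5 signature over the digest), verifies with a key object that holds only the public parameters, and shows that such a key cannot sign. The class name and sample message are illustrative; it assumes .NET Framework 4.6 or later (or .NET Core) and uses the HashAlgorithmName/RSASignaturePadding overloads rather than the OID-string overloads used above.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Added example (not the post's code). Names are illustrative.
static class SignatureInternalsDemo
{
    static void Main()
    {
        byte[] data = Encoding.UTF8.GetBytes("originalMessage"); // constructed sample input

        using (var signer = new RSACryptoServiceProvider(2048))
        using (var verifier = new RSACryptoServiceProvider())
        using (var sha512 = SHA512.Create())
        {
            // The verifier receives the public parameters only.
            verifier.ImportParameters(signer.ExportParameters(false));

            // SignData = hash the message, then sign the digest (PKCS#1 v1.5 padding).
            byte[] sigFromData = signer.SignData(data, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
            byte[] digest = sha512.ComputeHash(data);
            byte[] sigFromHash = signer.SignHash(digest, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
            Console.WriteLine("SignData == SignHash(SHA512(data)): " + sigFromData.SequenceEqual(sigFromHash));

            Console.WriteLine("Genuine signature verifies: " +
                verifier.VerifyData(data, sigFromData, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1));

            // Flip one bit of the signature and run the same check on the altered copy.
            byte[] altered = (byte[])sigFromData.Clone();
            altered[altered.Length - 1] ^= 0x01;
            Console.WriteLine("Altered signature verifies: " +
                verifier.VerifyData(data, altered, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1));

            // A public-only key cannot sign; the provider throws instead of returning a signature.
            try
            {
                verifier.SignData(data, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
                Console.WriteLine("Unexpected: signed with a public-only key");
            }
            catch (CryptographicException ex)
            {
                Console.WriteLine("Signing with public-only key failed: " + ex.GetType().Name);
            }
        }
    }
}
```

The last case is the one SignMessage above reports as an empty string, so a caller of that method should treat an empty result as a signing failure and never store or send it as a signature.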