C# Sign Data with RSA using BouncyCastle

c# bouncycastle
w.donahue picture w.donahue · Jan 12, 2012 · Viewed 25.8k times · Source

Does anyone know of a simple tutorial or sample code of how to sign data in c# using bouncy castle. In Java there are tons of tutorials and samples. I can't find a single example in c#. Does anyone know how to do this?

Answer

w.donahue picture w.donahue · Jan 13, 2012

Okay I could not find any documentation on how to do this. But I ended up figuring it out. I am pasting the full code here so hopefully it can help someone in the future.

This class will calculate a RSA signature with a sha1 hash for the provided string and verify it as well.

using System;
using System.IO;
using System.Text;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities.Encoders;

namespace API.Crypto
{
    public class RsaSha1Signing
    {
        private RsaKeyParameters MakeKey(String modulusHexString, String exponentHexString, bool isPrivateKey)
        {
            var modulus = new Org.BouncyCastle.Math.BigInteger(modulusHexString, 16);
            var exponent = new Org.BouncyCastle.Math.BigInteger(exponentHexString, 16);

            return new RsaKeyParameters(isPrivateKey, modulus, exponent);
        }

        public String Sign(String data, String privateModulusHexString, String privateExponentHexString)
        {
            /* Make the key */
            RsaKeyParameters key = MakeKey(privateModulusHexString, privateExponentHexString, true);

            /* Init alg */
            ISigner sig = SignerUtilities.GetSigner("SHA1withRSA");

            /* Populate key */
            sig.Init(true, key);

            /* Get the bytes to be signed from the string */
            var bytes = Encoding.UTF8.GetBytes(data);

            /* Calc the signature */
            sig.BlockUpdate(bytes, 0, bytes.Length);
            byte[] signature = sig.GenerateSignature();

            /* Base 64 encode the sig so its 8-bit clean */
            var signedString = Convert.ToBase64String(signature);

            return signedString;
        }

        public bool Verify(String data, String expectedSignature, String publicModulusHexString, String publicExponentHexString)
        {
            /* Make the key */
            RsaKeyParameters key = MakeKey(publicModulusHexString, publicExponentHexString, false);

            /* Init alg */
            ISigner signer = SignerUtilities.GetSigner("SHA1withRSA");

            /* Populate key */
            signer.Init(false, key);

            /* Get the signature into bytes */
            var expectedSig = Convert.FromBase64String(expectedSignature);

            /* Get the bytes to be signed from the string */
            var msgBytes = Encoding.UTF8.GetBytes(data);

            /* Calculate the signature and see if it matches */
            signer.BlockUpdate(msgBytes, 0, msgBytes.Length);
            return signer.VerifySignature(expectedSig);
        }
    }
}

Related questions

How can I sign a file using RSA and SHA256 with .NET?

My application will take a set of files and sign them. (I'm not trying to sign an assembly.) There is a .p12 file that I get the private key from. This is the code I was trying to use, but …

Read More
Generate a self-signed certificate on the fly

I searched around, but I didn't find a clear example. I want to create a self-signed (self-)trusted certificate programmatically (C#), following these steps: STEP 1: Create a root CA certificate on the fly and add it to the certificate store …

Read More
Encrypt/Decrypt using Bouncy Castle in C#

I am using the "BouncyCastle.Crypto.dll" for encrypt/decrypt a string in my app. I am using the following code from this blog: I have a class BCEngine, exactly the same as the one given in the link mentioned …

Read More