Hello,
I am attempting to create a digital signature using the RSACryptoServiceProvider with a 2048-bit key as the signing algorithm and SHA-512 as the message digest algorithm.
It appears that this is not possible using the default RSACryptoServiceProvider class provided with the framework.
For instance, the following code generates an exception:
<code>
string plainText = "This is the text to encrypt";
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSA.FromXmlString(this.PrivateKey);
SHA512Managed hash = new SHA512Managed();
UnicodeEncoding encoding = new UnicodeEncoding();
byte[] hashedData = hash.ComputeHash(encoding.GetBytes(plainText));
byte[] signedData = RSA.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA512"));
</code>
This is the exception:
System.Security.Cryptography.CryptographicException: Object identifier (OID) is unknown.
at System.Security.Cryptography.RSACryptoServiceProvider.MapOIDToCalg(String str)
at System.Security.Cryptography.RSACryptoServiceProvider.SignHash(Byte[] rgbHash, String str)
I have several questions:
1. Is it possible to create a signature with SHA-512 with the RSACryptoServiceProvider?
2. I am constrained by requirements to create the signature using SHA-512 and RSA. If I cannot do this with the default RSACryptoServiceProvider, how can I accomplish this?
3. Why does the RSACryptoServiceProvider.SignHash method only allow MD5 and SHA-1 to be used as hashing algorithms?
4. While I understand that the typical use case of asymmetric encryption is to encrypt with the public key and decrypt with the private key, I believe that encrypting with the private key and decrypting with the public key is an equally valid operation. Furthermore, it is the essence of signing. Why isn't it possible to encrypt with the private key and decrypt with the public key using the RSACryptoServiceProvider?
Any help would be greatly appreciated as I have spent the past week ramming my head against this problem.
Thanks in advance.
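For reference, an added example (not part of the original post and not the poster's code) of RSA signing and verification with SHA-512 and PKCS#1 v1.5 padding through the `RSA` base class. It assumes .NET Core 2.0 or later; the class name, the sample text and the freshly generated 2048-bit key are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class Sha512RsaSignatureExample
{
    // Sign the UTF-16LE bytes of the text (the same bytes UnicodeEncoding
    // produces in the post). The verifier must use the identical encoding.
    static byte[] Sign(RSA privateKey, string text)
    {
        byte[] data = Encoding.Unicode.GetBytes(text);
        // SignData hashes with SHA-512 and applies PKCS#1 v1.5 signature padding.
        return privateKey.SignData(data, HashAlgorithmName.SHA512,
                                   RSASignaturePadding.Pkcs1);
    }

    // Verification needs only the public key.
    static bool Verify(RSA publicKey, string text, byte[] signature)
    {
        byte[] data = Encoding.Unicode.GetBytes(text);
        return publicKey.VerifyData(data, signature, HashAlgorithmName.SHA512,
                                    RSASignaturePadding.Pkcs1);
    }

    static void Main()
    {
        // Constructed sample key pair; a real signer loads its existing private key.
        using (RSA signer = RSA.Create(2048))
        using (RSA verifier = RSA.Create())
        {
            // Export only the public parameters for the verifying side.
            verifier.ImportParameters(signer.ExportParameters(false));

            string text = "This is the text to sign"; // constructed sample input
            byte[] signature = Sign(signer, text);

            Console.WriteLine("Signature length: {0} bytes", signature.Length);
            Console.WriteLine("Original verifies: {0}",
                              Verify(verifier, text, signature));
            // Any change to the signed text must make verification fail.
            Console.WriteLine("Modified verifies: {0}",
                              Verify(verifier, text + "!", signature));
        }
    }
}
```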