Patrick M
Reputation: 93
RSACryptoServiceProvider.SignHash with SHA256 returns 128 bytes instead of 32?
I'm new to cryptography, so perhaps I'm confused on what should happen here. I start with a 32 byte message digest and attempt to sign it using my private key. The output of RSA.SignHash is a 128 bytes. I am expecting 32.
static private byte[] RSAHashAndSignData(byte[] data, RSAParameters privateKey)
{
byte[] signedHash;
//Create a new instance of RSACryptoServiceProvider.
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
{
//Import the public key
RSA.ImportParameters(privateKey);
//Encrypt the passed byte array
var sha = SHA256Managed.Create();
var digest = sha.ComputeHash(data);
signedHash = RSA.SignHash(digest, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
}
return signedHash;
}
Upvotes: 2
Views: 2517
Answers (1)
vcsjones
Reputation: 141638
I am expecting 32.
That is an incorrect assumption. Signing does not produce a size equal to the size of the input.
Using PKCS#1 padding, using a 1024-bit RSA key will produce as 128-byte signature. The size of a signature is related to the size of the modulus of the signing key.
Upvotes: 5
Related Questions
- RSA.SignHash SHA512 and SHA256 give the same signature length
- rsacryptoserviceprovider verifydata SHA512CryptoServiceProvider always false c#
- Can RSACryptoServiceProvider (.NET's RSA) use SHA256 for encryption (not signing) instead of SHA1?
- Why is SHA256 and invalid hash algorithm when signing with RSA?
- Why does RSACryptoServiceProvider.VerifyHash have a “hash algorithm identifier” parameter?
- Using the RSACryptoServiceProvider to sign a hash from a server and then verifying the hash from client side
- Do I use RSACryptoServiceProvider.SignHash to sign data?
- Why does this method for computing a SHA-256 hash always return a string of 44 characters?
- RSA_sign and RSACryptoProvider.VerifySignature
- ArgumentException "Value was invalid" when calling RSACryptoServiceProvider.SignData