Create keys, sign data and verify signatures using the ECDSA implementation from .NET
Generates an ECDsaP256 key pair.
The public key is exported in the clear to pkey.
The private key, under the name "key1", is stored using Microsoft Software Key Storage Provider as a User-key in folder \AppData\Roaming\Microsoft\Crypto\Keys.
Relevant:
- https://msdn.microsoft.com/en-us/library/windows/desktop/bb204778(v=vs.85).aspx
- https://msdn.microsoft.com/en-us/library/windows/desktop/bb931355(v=vs.85).aspx
- https://msdn.microsoft.com/en-us/library/f5cs0acs.aspx
ECDsaP256 can be replaced by:
- ECDsaP384
- ECDsaP521
Relevant:
If there is already a key stored under the name "key1", the key is overwritten.
SYNTAX
key_gen_cngkey.exe
Generates an ECDsa key pair using curve brainpoolP256t1.
To see the curves available for this constructor, run certutil -displayEccCurve.
More info here:
This allows the use of curves other than the NIST curves, but these are not supported by Microsoft Software Key Storage Provider.
As a consequence, either another KSP must be used, or the keys must be exported in the clear, as done here.
The program creates two files: pkey, holding the public key in GenericPublicBlob format, and skey, using the Private Key Information Syntax Standard (PKCS #8) key BLOB format.
SYNTAX
key_gen.exe
Assuming key_gen_cngkey.cs has run successfully and a key under the name "key1" is already stored using Microsoft Software Key Storage Provider, signs a document doc with this key, generating a file called signature containing the signature of the document.
SYNTAX
sign_cngkey.exe doc
Signs a document doc with a key provided in a file skey, obtained by running key_gen.exe.
This generates a file called signature containing the signature of the document.
SYNTAX
sign.exe doc skey
Given a document doc, a signature signature (either generated by sign_cngkey.exe doc or sign.exe doc skey) and a public key pkey (either generated by key_gen.exe or key_gen_cngkey.exe), returns information about the validity of the signature.
SYNTAX
vrfy.exe doc signature pkey
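
The persisted-key workflow described above (key generation, public key export, signing, verification) in a single program, as an added example that is not part of this repository's code. The key name example-ecdsa-key, the SHA-256 hash and the EccPublicBlob export format are assumptions of this example; unlike the overwrite behaviour noted for "key1", it opens an existing key instead of replacing it.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class EcdsaRoundTrip
{
    // Hypothetical key name for this example, chosen so it does not collide with "key1".
    const string KeyName = "example-ecdsa-key";

    // Opens the named key if it exists; otherwise creates it without
    // OverwriteExistingKey, so an existing key is never silently replaced.
    static CngKey OpenOrCreate(string name)
    {
        CngProvider ksp = CngProvider.MicrosoftSoftwareKeyStorageProvider;
        if (CngKey.Exists(name, ksp))
            return CngKey.Open(name, ksp);

        var parameters = new CngKeyCreationParameters
        {
            Provider = ksp,
            KeyCreationOptions = CngKeyCreationOptions.None, // user key, no overwrite
            ExportPolicy = CngExportPolicies.None,           // private key stays in the KSP
            KeyUsage = CngKeyUsages.Signing
        };
        return CngKey.Create(CngAlgorithm.ECDsaP256, name, parameters);
    }

    static void Main()
    {
        // Constructed sample input standing in for the file doc.
        byte[] doc = Encoding.UTF8.GetBytes("constructed sample document");

        byte[] publicBlob, signature;
        using (CngKey key = OpenOrCreate(KeyName))
        using (var signer = new ECDsaCng(key))
        {
            // The public half can always be exported, whatever the export policy.
            publicBlob = key.Export(CngKeyBlobFormat.EccPublicBlob);
            signature = signer.SignData(doc, HashAlgorithmName.SHA256);
        }

        // The verifier only needs the public blob, the document and the signature.
        using (CngKey pub = CngKey.Import(publicBlob, CngKeyBlobFormat.EccPublicBlob))
        using (var verifier = new ECDsaCng(pub))
        {
            Console.WriteLine("original: " + verifier.VerifyData(doc, signature, HashAlgorithmName.SHA256));
            doc[0] ^= 0x01; // flip one bit to show that a modified document is rejected
            Console.WriteLine("tampered: " + verifier.VerifyData(doc, signature, HashAlgorithmName.SHA256));
        }
    }
}
```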