Create keys, sign data and verify signatures using the ECDSA implementation from .NET
Generates an ECDsaP256 key pair.
The public key is exported in the clear to pkey.
The private key under the name "key1" is stored using Microsoft Software Key Storage Provider as a User-key in folder \AppData\Roaming\Microsoft\Crypto\Keys.
Relevant:
- https://msdn.microsoft.com/en-us/library/windows/desktop/bb204778(v=vs.85).aspx
- https://msdn.microsoft.com/en-us/library/windows/desktop/bb931355(v=vs.85).aspx
- https://msdn.microsoft.com/en-us/library/f5cs0acs.aspx
ECDsaP256 can be changed by
- ECDsaP384
- ECDsaP521
Relevant:
If there is already a key stored under the name "key1", the key is overwritten.
SYNTAX
key_gen_cngkey.exe
Generates an ECDsa key pair using curve brainpoolP256t1.
To see available curves for this constructor run certutil –displayEccCurve.
More info here:
This allows the usage of more curves than NIST curves, but there is no support by Microsoft Software Key Storage Provider.
As a consequence, either another KSP must be used, or keys must be exported on the clear, as done here.
The program creates two files: pkey holding the public key using GenericPublicBlob format, and skey using Private Key Information Syntax Standard (PKCS #8) key BLOB.
SYNTAX
key_gen.exe
Assuming key_gen_cngkey.cs has run successfully and a key under the name "key1" is already stored using Microsoft Software Key Storage Provider, signs a document doc with this key, generating a file called signature containing the signature of the document.
SYNTAX
sign_cngkey.exe doc
Signs a document doc with a key provided in a file skey, obtained by running key_gen.exe.
This generates a file called signature containing the signature of the document.
SYNTAX
sign.exe doc skey
Given a document doc, a signature signature (either generated by sign_cngkey.exe doc or sign.exe doc skey) and a public key pkey (either generated by key_gen.exe or key_gen_cngkey.exe), returns information about the validity of the signature.
SYNTAX
vrfy.exe doc signature pkey