Closed SCLDGit closed 1 year ago
For anyone struggling with this in the future, the solution was to manually specify the DSASignatureFormat in the VerifyHash method, like so:
ecdsa.VerifyHash(hash, signature, DSASignatureFormat.Rfc3279DerSequence);
Cheers!
Hello,
Please tell me if I'm completely misunderstanding this functionality, but I'm having a hell of a time figuring out how to sign the hash of some arbitrary data and then later validate that hash using a distributed public key. Our goal is to use the PIV module's signing capability to sign the SHA256 hash of a file, and then distribute that file to customers at which point they will use one of our applications to import that file, which will have its signature validated against the one generated on our end using an embedded public key.
I've figured out how to sign the hash using code like the following:
My signature is generated as expected, but I can't for the life of me figure out how I can then retrieve the public key of the cert in the signing slot and use it to validate that signature. Am I missing something obvious?
I've tried various permutations of the following without much luck, VerifyHash and VerifyData always fail: