UWP: Signing and Verifying

Recently I had the joy of busting open the cryptographic documentation to figure out how to sign a file, and verify that signature.
There is a lot of documentation for .NET Framework, but it's pretty damn sparse for working in UWP and, I assume, .NET Core.

This is serving as my external brain on how to sign and verify for UWP.

We're just signing a file to be able to prove it came from ourselves, for some on-prem and cloud-based communication verification.

The Signing Code

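using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Load the certificate together with its private key (hence the password).
byte[] certificateBytes = File.ReadAllBytes(pathToCertificate);

X509Certificate2 x509Certificate = new X509Certificate2(certificateBytes, certificatePassword);

RSA rsaPrivateKey = x509Certificate.GetRSAPrivateKey();

// Sign with SHA-256 and PKCS#1 v1.5 padding; the verifier must use the same pair.
byte[] signatureData = rsaPrivateKey.SignData(byteArrayToSign, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);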

Pretty straightforward. It's just finding the order of doing things when it's not documented that becomes a PIA.

The Verify Code

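// Needs: System.Runtime.InteropServices.WindowsRuntime (AsBuffer/ToArray), System.Security.Cryptography.X509Certificates,
// Windows.Security.Cryptography.Core, Windows.Storage, Windows.Storage.Streams
// Load the public certificate shipped with the app.
IBuffer certBytes = await FileIO.ReadBufferAsync(await StorageFile.GetFileFromApplicationUriAsync(_certificateLocationUri));

X509Certificate2 publicKeyCert = new X509Certificate2(certBytes.ToArray());
// The algorithm must match the signer: RSA, PKCS#1 v1.5 padding, SHA-256.
AsymmetricKeyAlgorithmProvider asymmetricKeyAlgorithmProvider = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaSignPkcs1Sha256);

// The certificate's encoded public key is a PKCS#1 RSAPublicKey blob.
CryptographicKey cryptoKey = asymmetricKeyAlgorithmProvider.ImportPublicKey(publicKeyCert.PublicKey.EncodedKeyValue.RawData.AsBuffer(), CryptographicPublicKeyBlobType.Pkcs1RsaPublicKey);

// VerifySignature takes IBuffer arguments, so wrap the byte arrays.
bool verified = CryptographicEngine.VerifySignature(cryptoKey, byteArrayOfSigned.AsBuffer(), signatureData.AsBuffer());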

The byteArrayOfSigned is the same data as byteArrayToSign and the signatureData is the same data in signing and verifying.
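
The whole round trip as an added example (not code from the original post): sign with the private key, verify with only the public certificate bytes, and confirm that modified data is rejected. It assumes a console runtime with CertificateRequest (.NET Core 2.0+ or .NET Framework 4.7.2+) and verifies with RSA.VerifyData from System.Security.Cryptography instead of the WinRT CryptographicEngine; the class name, the CN=constructed-example certificate and the payload are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class SignVerifyRoundTrip
{
    // Signer side: needs the certificate WITH its private key.
    static byte[] Sign(X509Certificate2 certWithPrivateKey, byte[] data)
    {
        using (RSA privateKey = certWithPrivateKey.GetRSAPrivateKey())
        {
            return privateKey.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    // Verifier side: only the public certificate bytes are available.
    static bool Verify(byte[] publicCertBytes, byte[] data, byte[] signature)
    {
        using (var publicCert = new X509Certificate2(publicCertBytes))
        using (RSA publicKey = publicCert.GetRSAPublicKey())
        {
            // Hash algorithm and padding must match what the signer used.
            return publicKey.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    static void Main()
    {
        // Constructed sample: throwaway key pair and self-signed certificate.
        using (RSA key = RSA.Create(2048))
        {
            var request = new CertificateRequest("CN=constructed-example", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 cert = request.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30)))
            {
                byte[] publicOnly = cert.Export(X509ContentType.Cert); // public certificate, no private key
                byte[] data = Encoding.UTF8.GetBytes("constructed payload");
                byte[] signature = Sign(cert, data);

                byte[] tampered = (byte[])data.Clone();
                tampered[0] ^= 0x01; // flip one bit of the signed data

                Console.WriteLine("original: " + Verify(publicOnly, data, signature));
                Console.WriteLine("tampered: " + Verify(publicOnly, tampered, signature));
            }
        }
    }
}
```

A false result from verification means the file or the signature changed after signing, or a different key signed it, so the file should be rejected.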

Again - This is all really simple - unless you don't know how to do it. Then it's a giant pain.
I managed to figure it out by a few "shot in the dark" attempts.

That's all for this quick shot.

Quinn Gil
