For interoperability with the openssl dgst command, we can use the DidiSoft.OpenSsl.OpenSslDigest class. Its methods create hash digests, signatures with private keys, and HMACs (hash-based message authentication codes).
Hash digest
Signing with a private key
Hash digest
A hash digest is produced simply by applying a hash function to the input data.
The OpenSslDigest.Hash method returns the raw hash as a byte array. If we need a hexadecimal representation of the hash, like the one produced with openssl dgst -hex, the OpenSslDigest.HashAsHex method should be used instead.
Hash of a string
C# example
    using System;
    using DidiSoft.OpenSsl;

    // SHA-1 of the string as raw bytes, printed as hex
    DidiSoft.OpenSsl.OpenSslDigest dgst = new DidiSoft.OpenSsl.OpenSslDigest();
    byte[] digest = dgst.Hash(HashAlgorithm.Sha1, "Hello World");
    Console.WriteLine(OpenSslUtil.ToHexString(digest));
VB.NET example
    Imports System
    Imports DidiSoft.OpenSsl

    ' SHA-1 of the string as raw bytes, printed as hex
    Dim dgst As New DidiSoft.OpenSsl.OpenSslDigest()
    Dim digest As Byte() = dgst.Hash(HashAlgorithm.Sha1, "Hello World")
    Console.WriteLine(OpenSslUtil.ToHexString(digest))
Hash of a File
C# example
    using System;
    using System.IO;
    using DidiSoft.OpenSsl;

    DidiSoft.OpenSsl.OpenSslDigest dgst = new DidiSoft.OpenSsl.OpenSslDigest();
    byte[] digest = dgst.Hash(HashAlgorithm.Sha1, new FileInfo("myfile.dat"));
    Console.WriteLine(OpenSslUtil.ToHexString(digest));
VB.NET example
    Imports System
    Imports System.IO
    Imports DidiSoft.OpenSsl

    Dim dgst As New DidiSoft.OpenSsl.OpenSslDigest()
    Dim digest As Byte() = dgst.Hash(HashAlgorithm.Sha1, New FileInfo("myfile.dat"))
    Console.WriteLine(OpenSslUtil.ToHexString(digest))
Hash of a Stream
C# example
    using System;
    using System.IO;
    using DidiSoft.OpenSsl;

    DidiSoft.OpenSsl.OpenSslDigest dgst = new DidiSoft.OpenSsl.OpenSslDigest();
    using (Stream s = File.OpenRead("myfile.dat"))
    {
        byte[] digest = dgst.Hash(HashAlgorithm.Sha1, s);
        Console.WriteLine(OpenSslUtil.ToHexString(digest));
    }
VB.NET example
    Imports System
    Imports System.IO
    Imports DidiSoft.OpenSsl

    Dim dgst As New DidiSoft.OpenSsl.OpenSslDigest()
    Using s As Stream = File.OpenRead("myfile.dat")
        ' Hash the opened stream itself
        Dim digest As Byte() = dgst.Hash(HashAlgorithm.Sha1, s)
        Console.WriteLine(OpenSslUtil.ToHexString(digest))
    End Using
Hash of a byte array
C# example
    using System;
    using DidiSoft.OpenSsl;

    DidiSoft.OpenSsl.OpenSslDigest dgst = new DidiSoft.OpenSsl.OpenSslDigest();
    byte[] data = new byte[] { 1, 2, 3, 4, 5 };
    byte[] digest = dgst.Hash(HashAlgorithm.Sha1, data);
    Console.WriteLine(OpenSslUtil.ToHexString(digest));
VB.NET example
    Imports System
    Imports DidiSoft.OpenSsl

    Dim dgst As New DidiSoft.OpenSsl.OpenSslDigest()
    Dim input As Byte() = New Byte() {1, 2, 3, 4, 5}
    Dim digest As Byte() = dgst.Hash(HashAlgorithm.Sha1, input)
    Console.WriteLine(OpenSslUtil.ToHexString(digest))
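To cross-check a digest from the Hash methods against the openssl side, the shell sketch below computes the same SHA-1 with openssl dgst -hex. It is an added example, not DidiSoft code; the helper names hex_digest and same_digest are hypothetical, and the input is the ASCII string used above, so the text encoding the library applies to strings does not matter here.

```shell
#!/bin/sh
# Added example: reproduce on the openssl side what Hash / HashAsHex compute.

# Print only the lowercase hex digest of stdin for the given algorithm.
# "openssl dgst -hex" prefixes the digest with a label such as "SHA1(stdin)= "
# or "(stdin)= " depending on the OpenSSL version, so keep the last field only.
hex_digest() {
    openssl dgst "-$1" -hex | awk '{ print $NF }' | tr 'A-F' 'a-f'
}

# Compare two hex digests ignoring letter case (hex encoders differ in case).
same_digest() {
    a=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    b=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$a" = "$b" ]
}

# printf '%s' sends exactly the 11 bytes of the string, like hashing it in code.
exact=$(printf '%s' 'Hello World' | hex_digest sha1)
# echo appends a newline, so this is the digest of a different 12-byte message.
with_newline=$(echo 'Hello World' | hex_digest sha1)

echo "exact:        $exact"
echo "with newline: $with_newline"
```

SHA-1 is used here only to match the examples above; it is not collision-resistant, so prefer SHA-256, as in the signing examples, when the digest has to protect integrity.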
Signing with a private key and verifying with a public key
Signing with a private key, performed with the OpenSslDigest.Sign methods, is equivalent to openssl dgst -sign. An additional benefit of these methods is that the format of the private key doesn't have to be specified, as it is determined automatically by the library.
Verifying a signature with the OpenSslDigest.Verify methods is similar to openssl dgst -verify.
Sign/verify a string
The signature produced when signing a string message can be a hexadecimal or Base64-encoded string (using OpenSslDigest.SignString) or a byte array (OpenSslDigest.SignStringRaw). The example below illustrates both approaches:
C# example
    using System;
    using DidiSoft.OpenSsl;

    public class SignVerifyString
    {
        public static void Demo()
        {
            string inputData = "Hello world";
            OpenSslDigest dgst = new OpenSslDigest();

            // Equivalent of openssl dgst -sha256 -sign Data\private_key.pem
            byte[] signature = dgst.SignStringRaw(inputData, @"Data\private_key.pem", HashAlgorithm.Sha256);

            // Same signature as text; base64Encode = true returns Base64 instead of the
            // hexadecimal form (openssl dgst -sha256 -sign Data\private_key.pem -hex)
            bool base64Encode = true;
            string signatureAsBase64 = dgst.SignString(inputData, @"Data\private_key.pem", HashAlgorithm.Sha256, base64Encode);

            bool signatureCheck = dgst.VerifyString(inputData, signature, @"Data\public.crt", HashAlgorithm.Sha256);
        }
    }
VB.NET example
    Imports System
    Imports DidiSoft.OpenSsl

    Public Class SignVerifyString
        Public Shared Sub Demo()
            Dim inputData As String = "Hello world"
            Dim dgst As New OpenSslDigest()

            ' Equivalent of openssl dgst -sha256 -sign Data\private_key.pem
            Dim signature As Byte() = dgst.SignStringRaw(inputData, "Data\private_key.pem", HashAlgorithm.Sha256)

            ' Same signature as text; base64Encode:=True returns Base64 instead of the
            ' hexadecimal form (openssl dgst -sha256 -sign Data\private_key.pem -hex)
            Dim signatureInBase64 As String = dgst.SignString(inputData, "Data\private_key.pem", HashAlgorithm.Sha256, base64Encode:=True)

            Dim signatureCheck As Boolean = dgst.VerifyString(inputData, signature, "Data\public.crt", HashAlgorithm.Sha256)
        End Sub
    End Class
Sign/verify a File
C# example
    using System;
    using DidiSoft.OpenSsl;

    public class SignVerifyFile
    {
        public static void Demo()
        {
            OpenSslDigest dgst = new OpenSslDigest();

            // Equivalent of openssl dgst -sha256 -sign Data\private_key.pem ...
            dgst.SignFile(@"Data\Input.txt", @"Data\private_key.pem", @"Data\signature.sig", HashAlgorithm.Sha256);

            bool signatureCheck = dgst.VerifyFile(@"Data\Input.txt", @"Data\signature.sig", @"Data\public.crt", HashAlgorithm.Sha256);
        }
    }
VB.NET example
    Imports System
    Imports DidiSoft.OpenSsl

    Public Class SignVerifyFile
        Public Shared Sub Demo()
            Dim dgst As New OpenSslDigest()

            ' Equivalent of openssl dgst -sha256 -sign Data\private_key.pem ...
            dgst.SignFile("Data\Input.txt", "Data\private_key.pem", "Data\signature.sig", HashAlgorithm.Sha256)

            Dim signatureCheck As Boolean = dgst.VerifyFile("Data\Input.txt", "Data\signature.sig", "Data\public.crt", HashAlgorithm.Sha256)
        End Sub
    End Class
Sign/verify a Stream
C# example
    using System;
    using System.IO;
    using DidiSoft.OpenSsl;

    public class SignVerifyStream
    {
        public static void Demo()
        {
            byte[] signature;
            OpenSslDigest dgst = new OpenSslDigest();

            using (Stream inputStream = File.OpenRead(@"Data\Input.txt"))
            {
                signature = dgst.SignStream(inputStream, @"Data\private_key.pem", HashAlgorithm.Sha256);
            }

            // Reopen the input and verify the detached signature with the public key from the certificate
            using (Stream inputStream = File.OpenRead(@"Data\Input.txt"))
            {
                bool verifiedSignature = dgst.VerifyStream(inputStream, signature, @"Data\public.crt");
            }
        }
    }
VB.NET example
    Imports System
    Imports System.IO
    Imports DidiSoft.OpenSsl

    Public Class SignVerifyStream
        Public Shared Sub Demo()
            Dim signature As Byte()
            Dim dgst As New OpenSslDigest()

            Using inputStream As Stream = File.OpenRead("Data\Input.txt")
                signature = dgst.SignStream(inputStream, "Data\private_key.pem", HashAlgorithm.Sha256)
            End Using

            ' Reopen the input and verify the detached signature with the public key from the certificate
            Using inputStream As Stream = File.OpenRead("Data\Input.txt")
                Dim verifiedSignature As Boolean = dgst.VerifyStream(inputStream, signature, "Data\public.crt")
            End Using
        End Sub
    End Class
Sign/verify a byte array
C# example
    using System;
    using DidiSoft.OpenSsl;

    public class SignVerifyByteArray
    {
        public void Demo()
        {
            OpenSslDigest dgst = new OpenSslDigest();

            byte[] data = new byte[] { 1, 2, 3 };
            byte[] signature = dgst.SignBytes(data, @"Data\private_key.pem", HashAlgorithm.Sha256);

            bool signatureCheck = dgst.VerifyBytes(data, signature, @"Data\public.crt");
        }
    }
VB.NET example
    Imports System
    Imports DidiSoft.OpenSsl

    Public Class SignVerifyByteArray
        Public Sub Demo()
            Dim dgst As New OpenSslDigest()

            Dim data As Byte() = New Byte() {1, 2, 3}
            Dim signature As Byte() = dgst.SignBytes(data, "Data\private_key.pem", HashAlgorithm.Sha256)

            Dim signatureCheck As Boolean = dgst.VerifyBytes(data, signature, "Data\public.crt")
        End Sub
    End Class
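The openssl dgst -sign and -verify commands that the file examples above correspond to, as an added shell example that is not DidiSoft code. The RSA key, self-signed certificate and input file are throwaway values generated by the script, and the function names sign_file and verify_file are hypothetical. Unlike the Verify methods shown above, which are given the certificate directly, openssl dgst -verify takes a bare public key, so the script extracts it from the certificate first.

```shell
#!/bin/sh
# Added example: the openssl dgst commands that mirror SignFile / VerifyFile.
# Key, certificate and input are throwaway files generated here (constructed).
set -e
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# Test key pair plus self-signed certificate, standing in for
# Data\private_key.pem and Data\public.crt from the examples above.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/CN=dgst-demo' \
    -keyout "$work/private_key.pem" -out "$work/public.crt" 2>/dev/null
printf '%s' 'Hello world' > "$work/Input.txt"

# sign_file <input> <private key> <signature out>: writes a raw binary signature.
sign_file() {
    openssl dgst -sha256 -sign "$2" -out "$3" "$1"
}

# verify_file <input> <signature> <certificate>: prints "ok" or "bad".
# The public key is extracted from the certificate before verification.
verify_file() {
    pub="$work/pubkey.pem"
    openssl x509 -in "$3" -pubkey -noout > "$pub"
    if openssl dgst -sha256 -verify "$pub" -signature "$2" "$1" >/dev/null 2>&1
    then echo ok; else echo bad; fi
}

sign_file "$work/Input.txt" "$work/private_key.pem" "$work/signature.sig"
result_good=$(verify_file "$work/Input.txt" "$work/signature.sig" "$work/public.crt")

# Any change to the signed bytes must make verification fail.
printf '%s' 'Hello world!' > "$work/Tampered.txt"
result_tampered=$(verify_file "$work/Tampered.txt" "$work/signature.sig" "$work/public.crt")

echo "original: $result_good, tampered: $result_tampered"
```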
Summary
This tutorial chapter discussed how to create hash digests similar to those of the OpenSSL dgst command. When creating digest-based signatures, the signature algorithm is selected depending on the asymmetric algorithm of the private key.