Luca

Luca

  • NA
  • 2
  • 0

Hash algorithm and X509 certificate

Sep 26 2007 1:12 PM

Hi,

I'm writing a module in C# to sign and verify digital signatures.

The method to verify has these parameters: the doc to verify, the signedHash and the X509 certificate of the signer; to verify, if I understod well, I've to decrypt the signedHash, calculate the hash of the doc and verify that the two hashes are the same... The problem is: how can I know the hash algorithm (I'm using RSA) used by the signer from some field of the X509 certificate? 

Or I'm wrong in something?
This is a piece of code:

public bool VerifyDigitalSignature(Stream document, byte[] signedHash)
        {
            PublicKey pk = this.cert.PublicKey;
            RSACryptoServiceProvider rsa = pk.Key as RSACryptoServiceProvider;
            RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(rsa);
            byte[] hash = WhatAlgorithmToCalculateHash(documet);
            return rsaDeformatter.VerifySignature(hash,signedHash);
        }

In WhatAlgorithmToCalculateHash is the problem.
I thinked to find substring like MD5, SHA1 in some field of the certificate, but how can I know the length of the hash...