Thursday, March 21, 2024

Create an ECDSA signature with C# that can be verified using OpenSSL

The .NET framework includes a handy library for generating digital signatures. However, its default output format is not DER, so the signature cannot be verified with OpenSSL. There are many solutions on the Internet, but they are super complex. The real solution is really simple: literally half a line of additional code. So here is some C# code that outputs a DER-encoded ECDSA signature that can be verified using OpenSSL:



  using System.Security.Cryptography;

  // Assume data is a byte array that holds the data to be signed
  var ecdsa = ECDsa.Create(); // generates an asymmetric key pair
  // The third argument selects DER encoding instead of the default format
  byte[] signature = ecdsa.SignData(data, HashAlgorithmName.SHA256,
      DSASignatureFormat.Rfc3279DerSequence);

The last parameter of SignData does all the work :) You can find the official documentation of this method overload here
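
The full round trip, as an added example that is not part of the original post: it signs a constructed message in both encodings, checks the DER signature inside .NET, and writes the files OpenSSL needs to verify it. It assumes .NET 5 or later; the P-256 curve and the file names `data.bin`, `sig.der` and `pub.pem` are choices made for this example.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

// Constructed sample message for this example.
byte[] data = Encoding.UTF8.GetBytes("constructed sample message");

// Assumption: pin the curve to P-256 rather than rely on the platform default.
using ECDsa ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256);

// Default encoding: IEEE P1363, fixed-width r || s (64 bytes on P-256).
byte[] p1363 = ecdsa.SignData(data, HashAlgorithmName.SHA256);

// DER encoding: ASN.1 SEQUENCE { INTEGER r, INTEGER s }, variable length.
byte[] der = ecdsa.SignData(data, HashAlgorithmName.SHA256,
                            DSASignatureFormat.Rfc3279DerSequence);

Console.WriteLine($"P1363 length: {p1363.Length}, DER length: {der.Length}, " +
                  $"DER tag: 0x{der[0]:X2}");

// Sanity check before handing the signature to another tool: the verifier
// must be told the same format, and a modified message must be rejected.
bool ok = ecdsa.VerifyData(data, der, HashAlgorithmName.SHA256,
                           DSASignatureFormat.Rfc3279DerSequence);
byte[] tampered = (byte[])data.Clone();
tampered[0] ^= 0x01;
bool tamperedOk = ecdsa.VerifyData(tampered, der, HashAlgorithmName.SHA256,
                                   DSASignatureFormat.Rfc3279DerSequence);
Console.WriteLine($"original verifies: {ok}, tampered verifies: {tamperedOk}");

// Export only the public key (SubjectPublicKeyInfo, PEM-armoured).
// The private key never leaves this process.
string pem = new string(PemEncoding.Write("PUBLIC KEY",
                                          ecdsa.ExportSubjectPublicKeyInfo()));

File.WriteAllBytes("data.bin", data);
File.WriteAllBytes("sig.der", der);
File.WriteAllText("pub.pem", pem + "\n");

// Verify outside .NET with:
//   openssl dgst -sha256 -verify pub.pem -signature sig.der data.bin
```

The verifying side has to agree on the hash as well as the encoding: the `-sha256` flag must match the `HashAlgorithmName.SHA256` used when signing.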