
DSACryptoServiceProvider: VerifySignature vs. SignData


I'm trying to use the DSACryptoServiceProvider. But I'm a bit confused, because I can't see the difference between

a) dsa.VerifySignature()

b) dsa.VerifyData()

Additionally, I expect that dsa.CreateSignature() just creates the signature for the given data while dsa.SignData() returns the signed data. Is this correct?

Thanks for your replies.


Solution

  • The difference is that CreateSignature expects a hashed value. It doesn't perform hashing, and similarly, VerifySignature expects a hashed value to verify. This can be used if you want a custom hash, for example.

    SignData and VerifyData perform hashing on the data buffer. The hash itself is SHA1, quoting:

    DSA uses the SHA1 hash algorithm.

    DSACryptoServiceProvider is a bit old though, and if you can, you should use RSACryptoServiceProvider, quoting from MSDN:

    Newer asymmetric algorithms are available. Consider using the RSACryptoServiceProvider class instead of the DSACryptoServiceProvider class. Use DSACryptoServiceProvider only for compatibility with legacy applications and data.
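
The relationship between the two method pairs described in the answer above, as an added example that is not part of the original answer. It assumes .NET Framework on Windows; the class name `DsaSignDemo` and the sample message are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class DsaSignDemo
{
    static void Main()
    {
        // Constructed sample message.
        byte[] data = Encoding.UTF8.GetBytes("constructed sample message");

        using (var dsa = new DSACryptoServiceProvider())   // fresh throwaway key pair
        using (var sha1 = SHA1.Create())
        {
            byte[] digest = sha1.ComputeHash(data);         // SHA-1 digest computed by the caller

            // SignData hashes the buffer internally, then signs the digest.
            byte[] sigFromData = dsa.SignData(data);
            // CreateSignature signs a digest the caller already computed.
            byte[] sigFromHash = dsa.CreateSignature(digest);

            // Both calls return only the signature bytes, not the message.
            Console.WriteLine("signature bytes: {0} / {1}",
                sigFromData.Length, sigFromHash.Length);

            // The pairs can be mixed as long as the data is hashed exactly once.
            Console.WriteLine("SignData -> VerifySignature(digest): {0}",
                dsa.VerifySignature(digest, sigFromData));
            Console.WriteLine("CreateSignature -> VerifyData(data): {0}",
                dsa.VerifyData(data, sigFromHash));

            // Common mistake: passing the digest to VerifyData hashes it a second time.
            Console.WriteLine("VerifyData(digest), double hash: {0}",
                dsa.VerifyData(digest, sigFromData));

            // Any change to the message must make verification fail.
            data[0] ^= 0x01;
            Console.WriteLine("VerifyData(tampered data): {0}",
                dsa.VerifyData(data, sigFromData));
        }
    }
}
```

DSA signatures are randomized, so `sigFromData` and `sigFromHash` differ byte for byte even though both verify against the same message.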