1

Since RSACryptoServiceProvider.SignHash signs an already hashed message - why does it need to know which hash algorithm was used?

ispiro
  • 26,556
  • 38
  • 136
  • 291

1 Answers1

2

It seems that in order to make the signature more useful to the recipient, the OID of the hashing algorithm that was used is included in the signature (per PKCS1). That way, it does not have to be communicated separately.

Community
  • 1
  • 1
Thilo
  • 257,207
  • 101
  • 511
  • 656
  • Thanks. I wonder why I didn't find that answer. (Although, from a comment there it seems that it does matter for the correct padding to be applied. For security, I suppose.) – ispiro May 05 '13 at 13:05
  • That padding comment is a bit puzzling. Let us know if you find out more about that. – Thilo May 05 '13 at 13:06