
Difference between SignData() and CreateSignature() in .NET Cryptography

Basically, what is the difference between the two:

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.SignData(..)

and

RSAPKCS1SignatureFormatter RSAFormatter = new RSAPKCS1SignatureFormatter(rsa);
RSAFormatter.CreateSignature(...)

Both at the end of the day sign the message, the difference being that SignData computes the hash value and then signs, whereas CreateSignature requires an already hashed message. Is this correct?

karolyzz asked Oct 17 '25 18:10


1 Answer

The output of both should be identical.

The first one, RSACryptoServiceProvider, provides a high level API. The actual software implementation is hidden. This way the API can also be used with special hardware such as a smart card; the provider is just a front end for an actual implementation. It may not take a pre-calculated hash-value because the hardware may not offer that kind of functionality. Finally, the API could also be used for signatures that use PSS padding - if an implementation of PSS is available.

The second one, RSAPKCS1SignatureFormatter, provides only part of the functionality. For instance, it doesn't offer the hashing part of the calculation and it doesn't perform signature verification. Very likely it is used for the implementation of RSACryptoServiceProvider in managed code. It's part of a lower level API that directly implements cryptographic primitives.

> ... difference being that SignData computes the hash value and then signs, whereas CreateSignature already requires hashed message, is this correct?

Yes, even though the description of rgbHash reads "data to be signed", this is just another fuckup by the .NET documentation. The example code makes it clear that the bytes of the hash are indeed required, rather than the message itself. The signature generation includes hashing the data, so describing it as "data to be signed" is plain wrong.

Maarten Bodewes answered Oct 20 '25 09:10
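The two paths compared in this thread, side by side, as an added example that is not part of the question or the answer. It assumes SHA-256 and a throwaway 2048-bit key generated at run time, neither of which comes from the page.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

class SignDataVsCreateSignature
{
    static void Main()
    {
        // Constructed sample message; the key is a throwaway generated for this run.
        byte[] message = Encoding.UTF8.GetBytes("constructed sample message");

        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048))
        using (SHA256 sha256 = SHA256.Create())
        {
            // High-level path: SignData hashes the message itself, then signs.
            byte[] viaSignData = rsa.SignData(
                message, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            // Low-level path: the caller hashes first and passes the digest as rgbHash.
            byte[] digest = sha256.ComputeHash(message);
            RSAPKCS1SignatureFormatter formatter = new RSAPKCS1SignatureFormatter(rsa);
            formatter.SetHashAlgorithm("SHA256"); // must name the hash used for the digest
            byte[] viaFormatter = formatter.CreateSignature(digest);

            // PKCS#1 v1.5 signing is deterministic, so both paths give the same bytes.
            Console.WriteLine("Identical signatures: "
                + viaSignData.SequenceEqual(viaFormatter));

            // The formatter cannot verify; the deformatter takes the digest,
            // while VerifyData takes the original message and hashes it itself.
            RSAPKCS1SignatureDeformatter deformatter = new RSAPKCS1SignatureDeformatter(rsa);
            deformatter.SetHashAlgorithm("SHA256");
            Console.WriteLine("Deformatter accepts SignData output: "
                + deformatter.VerifySignature(digest, viaSignData));
            Console.WriteLine("VerifyData accepts formatter output: "
                + rsa.VerifyData(message, viaFormatter,
                    HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
        }
    }
}
```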