GenerateDigitalSignature

GenerateDigitalSignature[expr,key]

generates a digital signature for expr using the specified private key.

GenerateDigitalSignature[key]

represents an operator form of GenerateDigitalSignature that can be applied to expressions.

Details and Options

  • GenerateDigitalSignature returns a DigitalSignature object.
  • The key is a PrivateKey object generated with GenerateAsymmetricKeyPair[type]. Possible types of keys are "EllipticCurve" and "RSA".
  • GenerateDigitalSignature has the following option:
  • MethodAutomaticdetails of signature method
  • With the setting Methodassoc, the association assoc gives details of the signature method to use.
  • The type of signature is determined by the type of the key. If the type of the key cannot be determined, it must be specified by the "Type" element in the association. Possible types include "RSA" and "EllipticCurve".
  • For "RSA", the following elements may be included in the association:
  • "HashingMethod""SHA256"how to hash the original expression
    "HashName"Automatichash name to use in padding
    "Padding""PKCS1"padding scheme to use
  • Currently supported padding schemes are "PKCS1" and "X931".
  • "HashName" usually has the same value as "HashingMethod". If "HashingMethod" is set to None, then "HashName" must be provided.
  • For "EllipticCurve", the following elements may be included in the association:
  • "CurveName""secp256k1"elliptic curve to use
    "HashingMethod""SHA256"how to hash the original expression
    "SignatureType"Automaticmode of digital signature generation
  • "HashingMethod"->None directly constructs a digital signature for expr and does not hash it. In this case, expr must be a byte array or hex string.
  • "HashingMethod"->"h" effectively hashes expr using Hash[expr,"h"].
  • The only elliptic curve currently supported is "secp256k1". Cryptocurrencies using this curve can also be used as settings for "EllipticCurve". That includes "Bitcoin" and "Ethereum". Using a cryptocurrency will yield the appropriate additional parameters in the DigitalSignature object.
  • Possible settings for "SignatureType" include:
  • "Deterministic"use expr as a source of pseudorandomness
    "NonDeterministic"use a system-specific source of randomness
    Automaticuse non-deterministic methods when possible; deterministic otherwise
  • For hashing methods "Adler32", "CRC32" and None, "SignatureType""Deterministic" uses "SHA256" to derive pseudo-randomness from the input.

Examples

open allclose all

Basic Examples  (4)

Generate an elliptic curvebased key pair:�based key pair:

Generate a digital signature using your private key. This message appears in block 0 of the "Bitcoin" blockchain:

Verify a digital signature using your public key:

Sign and verify a message using RSA key pair:

Sign a message using a hashing function of your choice:

Verify the signature:

This is equivalent to manually constructing a digest and using "HashingMethod" -> None:

Verify the signature:

Sign a message using RSA keys and a hashing function of your choice:

Scope  (4)

Message Types  (3)

Generate a digital signature of an existing message digest given as a string:

Use "HashingMethod"None since you have an already hashed digest:

When verifying the signature, the digest will not be hashed again:

You may also provide your already hashed digest as a ByteArray:

Use "HashingMethod"None since you have an already hashed digest:

When verifying the signature, the digest will not be hashed again:

Generate a digital signature of an arbitrary expression:

Verify the signature:

Operator Form  (1)

Generate an elliptic curvebased key pair:

Generate a digital signature using your private key:

Verify a digital signature using your public key:

Options  (7)

Method  (7)

Use a full Method option layout to generate a deterministic digital signature based on pseudo-randomness derived from your input:

Generate an asymmetric key pair of type "RSA":

Generate a digital signature with the private key for the given string using the "SHA1" hashing method:

Check the digital signature:

Generate an asymmetric key pair of type "RSA":

Generate a digital signature with the private key for the given string using the "MD5" hashing method:

Check the digital signature:

Generate an asymmetric key pair of type "RSA":

Generate a digital signature with the private key for the given string using the "X931" padding method:

Check the digital signature:

Generate an asymmetric key pair of type "EllipticCurve":

Generate a digital signature with the private key for the given string using the "Keccak512" hashing method:

Check the digital signature:

Specify "Bitcoin" to get an additional parameter in the signature:

Generate a Bitcoin blockchain digital signature:

Retrieve a DER-encoded digital signature:

Specify "Ethereum" to get an additional parameter in the signature:

Generate an Ethereum blockchain digital signature:

Retrieve the recovery parameter of the signature:

Applications  (3)

Cryptocurrencies Networks  (2)

Generate a digital signature compatible with Bitcoin network requirements:

Generate a digital signature compatible with Ethereum network requirements:

Sign Files  (1)

Generate a pair of elliptic curve keys:

Import the contents of the file you wish to sign:

Create a signature for the imported bytes of the file:

Equivalently, this can be done using GenerateFileSignature on the file directly:

Both signatures are verifiable:

Possible Issues  (1)

Incompatible Private Keys  (1)

When the type of the PrivateKey and the "Type" specified by the Method option of GenerateDigitalSignature do not match, a warning is issued and the type of the private key is used to compute the digital signature:

Here, GenerateDigitalSignature uses "RSA":

Introduced in 2019
 (12.0)
 |
Updated in 2020
 (12.1)