GenerateFileSignature

GenerateFileSignature["file",key]

generates a digital signature of file using the specified private key.

GenerateFileSignature[{"file",range},key]

generates a digital signature of the specified range of bytes in the file.

GenerateFileSignature[{{"file1",range1},{"file2",range2},},key]

generates digital signatures for each specified filei and rangei.

GenerateFileSignature[key]

represents an operator form of GenerateFileSignature that can be applied to files.

Details and Options

  • GenerateFileSignature returns a DigitalSignature object.
  • Values produced by GenerateFileSignature are based on the raw bytes in a file.
  • The type of signature is determined by the type of the key.
  • The key is a PrivateKey object. Possible types of keys are "EllipticCurve" and "RSA".
  • GenerateFileSignature supports the following range specifications:
  • nfirst n bytes
    -nlast n bytes
    {m,n}bytes m through n
    0no bytes
    Allall bytes
  • Range specification All is equivalent to {1,-1}.
  • GenerateFileSignature[File["file"],] and GenerateFileSignature[CloudObject[],] are also supported.
  • GenerateFileSignature has the following option:
  • MethodAutomaticdetails of signature method
  • With the setting Methodassoc, the association assoc gives details of the signature method to use.
  • For "RSA", the following elements may be included in the association:
  • "HashingMethod""SHA256"how to hash the contents of the file
    "Padding""PKCS1"padding scheme to use
  • Currently supported padding schemes are "PKCS1" and "X931".
  • For "EllipticCurve", the following elements may be included in the association:
  • "CurveName""secp256k1"elliptic curve to use
    "HashingMethod""SHA256"how to hash the contents of the file
    "SignatureType"Automaticmode of digital signature generation
  • The only elliptic curve currently supported is "secp256k1".
  • "HashingMethod""h" effectively hashes the bytes in the file using Hash[...,"h"].
  • Possible settings for "SignatureType" include:
  • "Deterministic"use expr as a source of pseudorandomness
    "NonDeterministic"use a system-specific source of randomness
    Automaticuse non-deterministic methods when possible, and deterministic otherwise
  • For hashing methods "Adler32" and "CRC32", "SignatureType""Deterministic" uses "SHA256" to derive pseudorandomness from the input.

Examples

open allclose all

Basic Examples  (2)

Choose a file to generate a digital signature for:

Generate an elliptic curvebased key pair:

Generate a digital signature using your private key:

Verify a digital signature using your public key:

Sign and verify the signature for a file using an RSA key pair:

Scope  (5)

File Types  (2)

Digitally sign a CloudObject:

Create a signature of the file specified by a File object:

Byte Ranges  (1)

Sign different parts of the file separately:

Compute a signature for the first 100 bytes of a file:

Compute a signature for the last 100 bytes:

Compute a signature for bytes 100 through 200:

Compute a signature for all bytes except for the first 100:

Verify them all at once:

Operator Form  (1)

Generate an elliptic curvebased key pair:

Apply the operator form of GenerateDigitalSignature to a file:

Verify a digital signature using your public key:

Multiple Files  (1)

Sign several files with the same set of keys:

Verify their signatures:

Options  (1)

Method  (1)

Use a full Method option layout to generate a deterministic digital signature based on pseudorandomness derived from your input using the SHA512 hashing function:

Generate a signature using double SHA256 hashing:

Properties & Relations  (1)

Uploading a file to the Wolfram Cloud keeps the contents of the file intact. When verifying the digital signatures of the original file and the cloud copy, they are both valid:

Copy a file to the cloud:

Create the signature for the local file:

Create the signature for the file in the cloud:

All possible combinations of files and signatures are valid:

Introduced in 2020
 (12.1)