GenerateDigitalSignature

GenerateDigitalSignature[expr,key]

generates a digital signature for expr using the specified private key.

GenerateDigitalSignature[key]

represents an operator form of GenerateDigitalSignature that can be applied to expressions.

Details and Options

  • A digital signature is used for verifying the authenticity of a message. It is dependent on both the data being signed and the private key.
  • GenerateDigitalSignature returns a DigitalSignature object.
  • A DigitalSignature object can be verified with VerifyDigitalSignature.
  • The key is a PrivateKey object generated with GenerateAsymmetricKeyPair[type]. Possible types of keys are "EllipticCurve", "EdwardsCurve" and "RSA".
  • GenerateDigitalSignature has the following option:
  • Method Automaticdetails of signature method
  • With the setting Methodassoc, the association assoc gives details of the signature method to use.
  • The type of signature is determined by the type of the key. If the type of the key cannot be determined, it must be specified by the "Type" element in the association. Possible types include "RSA", "EllipticCurve", "Schnorr" and "EdwardsCurve".
  • The "EllipticCurve" signature algorithm uses the FIPS 186-4 specification for the Elliptic Curve Digital Signature Algorithm (ECDSA).
  • The "EdwardsCurve" signature algorithm uses the RFC 8032 specification for the Edwards-Curve Digital Signature Algorithm (EdDSA).
  • For "RSA", the following elements may be included in the association:
  • "HashingMethod""SHA256"how to hash the original expression
    "HashName"Automatichash name to use in padding
    "Padding""PKCS1"padding scheme to use
  • Currently supported padding schemes are "PKCS1" and "X931".
  • "HashName" usually has the same value as "HashingMethod". If "HashingMethod" is set to None, then "HashName" must be provided.
  • For "RSA", not all hash functions are supported in "HashingMethod". Supported hashes include "MD4", "MD5", "RIPEMD160", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3-224", "SHA3-256", "SHA3-384" and "SHA3-512".
  • For "EllipticCurve" and "Schnorr", the following elements may be included in the association:
  • "CurveName""secp256k1"elliptic curve to use
    "HashingMethod""SHA256"how to hash the original expression
    "SignatureType"Automaticmode of digital signature generation
  • For "EdwardsCurve", the following elements may be included in the association:
  • "CurveName""ed25519"twisted Edwards curve to use
    "HashingMethod""SHA512"how to hash the original expression
    "SignatureType"Automaticmode of digital signature generation
  • Possible settings for "CurveName" are listed in $CryptographicEllipticCurveNames.
  • Cryptocurrencies using the curve "secp256k1" may also be used as settings for "CurveName". That includes "Bitcoin" and "Ethereum". Using a cryptocurrency will yield the appropriate additional parameters in the DigitalSignature object.
  • "HashingMethod"->None directly constructs a digital signature for expr and does not hash it. In this case, expr must be a byte array or hex string.
  • "HashingMethod"->"h" effectively hashes expr using Hash[expr,"h"].
  • Possible settings for "SignatureType" include:
  • "Deterministic"use expr as a source of pseudorandomness
    "NonDeterministic"use a system-specific source of randomness
    Automaticuse non-deterministic methods when possible; deterministic otherwise
  • For hashing methods "Adler32", "CRC32" and None, "SignatureType""Deterministic" uses "SHA256" to derive pseudo-randomness from the input.

Examples

open allclose all

Basic Examples  (5)

Generate an elliptic curvebased key pair:

Generate a digital signature using your private key. This message appears in block 0 of the Bitcoin blockchain:

Verify a digital signature using your public key:

Sign and verify a message using RSA key pair:

Sign a message using a hashing function of your choice:

Verify the signature:

This is equivalent to manually constructing a digest and using "HashingMethod" -> None:

Verify the signature:

Sign a message using RSA keys and a hashing function of your choice:

Sign a message with Edwards curve digital signature algorithm:

Scope  (4)

Message Types  (3)

Generate a digital signature of an existing message digest given as a string:

Use "HashingMethod"None since you have an already hashed digest:

When verifying the signature, the digest will not be hashed again:

You may also provide your already hashed digest as a ByteArray:

Use "HashingMethod"None since you have an already hashed digest:

When verifying the signature, the digest will not be hashed again:

Generate a digital signature of an arbitrary expression:

Verify the signature:

Operator Form  (1)

Generate an elliptic curvebased key pair:

Generate a digital signature using your private key:

Verify a digital signature using your public key:

Options  (8)

Method  (8)

Use a full Method option layout to generate a deterministic digital signature based on pseudo-randomness derived from your input:

Sign a message with a Schnorr digital signature algorithm using elliptic curvebased keys:

Generate an asymmetric key pair of type "RSA":

Generate a digital signature with the private key for the given string using the "SHA1" hashing method:

Check the digital signature:

Generate an asymmetric key pair of type "RSA":

Generate a digital signature with the private key for the given string using the "MD5" hashing method:

Check the digital signature:

Generate an asymmetric key pair of type "RSA":

Generate a digital signature with the private key for the given string using the "X931" padding method:

Check the digital signature:

Generate an asymmetric key pair of type "EllipticCurve":

Generate a digital signature with the private key for the given string using the "Keccak512" hashing method:

Check the digital signature:

Specify "Bitcoin" to get an additional parameter in the signature:

Generate a Bitcoin blockchain digital signature:

Retrieve a DER-encoded digital signature:

Specify "Ethereum" to get an additional parameter in the signature:

Generate an Ethereum blockchain digital signature:

Retrieve the recovery parameter of the signature:

Applications  (3)

Cryptocurrencies Networks  (2)

Generate a digital signature compatible with Bitcoin network requirements:

Generate a digital signature compatible with Ethereum network requirements:

Sign Files  (1)

Generate a pair of elliptic curve keys:

Import the contents of the file you wish to sign:

Create a signature for the imported bytes of the file:

Equivalently, this can be done using GenerateFileSignature on the file directly:

Both signatures are verifiable:

Possible Issues  (2)

When the type of the PrivateKey and the "Type" specified by the Method option of GenerateDigitalSignature do not match, a warning is issued and the type of the private key is used to compute the digital signature:

Here, GenerateDigitalSignature uses "RSA":

Digital Signature Algorithm (DSA) is not supported:

Wolfram Research (2019), GenerateDigitalSignature, Wolfram Language function, https://reference.wolfram.com/language/ref/GenerateDigitalSignature.html (updated 2020).

Text

Wolfram Research (2019), GenerateDigitalSignature, Wolfram Language function, https://reference.wolfram.com/language/ref/GenerateDigitalSignature.html (updated 2020).

CMS

Wolfram Language. 2019. "GenerateDigitalSignature." Wolfram Language & System Documentation Center. Wolfram Research. Last Modified 2020. https://reference.wolfram.com/language/ref/GenerateDigitalSignature.html.

APA

Wolfram Language. (2019). GenerateDigitalSignature. Wolfram Language & System Documentation Center. Retrieved from https://reference.wolfram.com/language/ref/GenerateDigitalSignature.html

BibTeX

@misc{reference.wolfram_2024_generatedigitalsignature, author="Wolfram Research", title="{GenerateDigitalSignature}", year="2020", howpublished="\url{https://reference.wolfram.com/language/ref/GenerateDigitalSignature.html}", note=[Accessed: 22-December-2024 ]}

BibLaTeX

@online{reference.wolfram_2024_generatedigitalsignature, organization={Wolfram Research}, title={GenerateDigitalSignature}, year={2020}, url={https://reference.wolfram.com/language/ref/GenerateDigitalSignature.html}, note=[Accessed: 22-December-2024 ]}