Sign and verify a message digest. RSA supports both MD5 and SHA signatures
whereas DSA and EC keys only support SHA. ED25591 can sign any payload so you can
set hash to NULL to sign the raw input data.
Arguments
- data
raw data vector or file path for message to be signed. If
hash == NULLthendatamust be a hash string or raw vector.- hash
the digest function to use. Must be one of
md5(),sha1(),sha256(),sha512()orNULL.- key
private key or file path. See
read_key().- password
string or a function to read protected keys. See
read_key().- sig
raw vector or file path for the signature data.
- pubkey
public key or file path. See
read_pubkey().- r
bignum value for r parameter
- s
bignum value for s parameter
Details
The ecdsa_parse and ecdsa_write functions convert (EC)DSA signatures
between the conventional DER format and the raw (r,s) bignum pair. Most
users won't need this, it is mostly here to support the JWT format (which does not
use DER).
Examples
# Generate a keypair
key <- rsa_keygen()
pubkey <- key$pubkey
# Sign a file
data <- system.file("DESCRIPTION")
sig <- signature_create(data, sha256, key = key)
stopifnot(signature_verify(data, sig, sha256, pubkey = pubkey))
# Sign raw data
data <- serialize(iris, NULL)
sig <- signature_create(data, sha256, key = key)
stopifnot(signature_verify(data, sig, sha256, pubkey = pubkey))
# Sign a hash
md <- md5(data)
sig <- signature_create(md, hash = sha256, key = key)
stopifnot(signature_verify(md, sig, hash = sha256, pubkey = pubkey))
#
# ECDSA example
data <- serialize(iris, NULL)
key <- ec_keygen()
pubkey <- key$pubkey
sig <- signature_create(data, sha256, key = key)
stopifnot(signature_verify(data, sig, sha256, pubkey = pubkey))
# Convert signature to (r, s) parameters and then back
params <- ecdsa_parse(sig)
out <- ecdsa_write(params$r, params$s)
identical(sig, out)
#> [1] TRUE