Components All New MacOS Windows Linux iOS
Examples Mac & Win Server Client Guides Statistic FMM Blog Deprecated Old

RSA.Sign

Signs data with RSA digital signature.

Component Version macOS Windows Linux Server iOS SDK
Sign 6.2 ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
MBS( "RSA.Sign"; Algorithm; InputType; InputData; InputEncoding; KeyType; KeyData; KeyEncoding; PasswordType; PasswordData; PasswordEncoding; OutputType; OutputInfo )   More

Parameters

Parameter Description Example
Algorithm Which algorithm to use. Can be MD4, MD5, SHA, SHA1, MDC2, RIPEMD160, SHA224, SHA256, SHA384 or SHA512. "SHA512"
InputType The type of input data.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
"Text"
InputData The actual input data.
Text, container or file path.
"Hello World"
InputEncoding The text encoding for text input.
Parameter is ignored for other cases.
"UTF-8"
KeyType The type of input for private key.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
"Path"
KeyData The actual input data for the key.
Text, container or file path. Must not be longer than the maximum key length of the given algorithm. If key is too short, we pad it with zero bytes.
"/Users/cs/desktop/test.pem"
KeyEncoding The text encoding for text input for the key.
Parameter is ignored for other cases.
PasswordType The type of input for the password of the private key.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
"Text"
PasswordData The actual input data for the password of the private key.
Text, container or file path. Must not be longer than the maximum key length of the given algorithm. If key is too short, we pad it with zero bytes.
"Hello World"
PasswordEncoding The text encoding for text input.
Parameter is ignored for other cases.
"UTF-8"
OutputType The output type.
Can be Base64, Hex, Text, File, Path.
Added Base64URL as option for plugin version 10.3.
"Hex"
OutputInfo The addition info for output.
For text it is the text encoding, for file container the file name and for path the actual native file path.
""

Result

Returns signature or error.

Description

Signs data with RSA digital signature.
Returns signature data in the format specified in OutputType.

Internally we make a hash of the data with given algorithm, open the private RSA key and do a RSA sign operation. We return the signature.

Optional you can pass a password to read password protected keys.

You pass data as triplet of type, data and encoding. For the types use:
Text: Pass text and encoding.
Data or File: Pass a container to read its content as data.
PDF: Pass a container containing a PDF document.
Container: Pass a container, which will be serialized.
Image: Pass a container containing an image, e.g. JPEG, TIFF, PNG, GIF, etc.
GIF: Pass a container containing a GIF document.
JPEG: Pass a container containing a JPEG document.
PNG: Pass a container containing a PNG document.
TIFF: Pass a container containing a TIFF document.
Path: Pass a file name as data. The file is read and it's content is used.
Hex: Pass a hex encoded value as text.
Hash: Pass the hex encoded hash to use instead of hashing data.

Examples

Sign data with private key file:

MBS( "RSA.Sign"; "SHA512";
"Text"; "Hello World. This is test data to sign."; "UTF8";
"Path";
"/Users/cs/Desktop/Sign and Verify/test.pem";
"UTF8";
"text"; ""; "";
"hex"; "" )

How to create keys and test in command line on macOS:

Create private key:

openssl genrsa -out test.pem 4096

Create public key:

openssl rsa -in test.pem -pubout -out test.pub

Sign datafile.txt:

openssl dgst -sha1 -sign test.pem -out signature.sha1 Create\ Keys.rtf

Verify signature

openssl dgst -sha1 -verify test.pub -signature signature.sha1 Create\ Keys.rtf

To encrypt the private key, use a command like this:

openssl genrsa -des3 -out test.pem 2048

Sign call with private key included as text:

MBS( "RSA.Sign"; "SHA512";
"Text"; "Hello World. This is test data to sign."; "UTF8";
"Text";
"-----BEGIN RSA PRIVATE KEY-----" & ¶ &
"MIIJKQIBAAKCAgEAz71qzCQEpcV4BbBl1+D0IKmjOy+gzxY8CqPAkZTzQhHw8UE9" & ¶ &
"KrnAjWm8Ze+9TNMs0Ar3ttJzLwnY4+12I5L9H0HTsW4hrzZI8kv0GtS98KJxAJ+x" & ¶ &
"7k6Om5N6ZQj/wgkBbR1PC+89k+IkVwvwQ9nLq9pLocEabvfeesIdEYqrpPc3K35O" & ¶ &
"T1hcPY3B5ISUmLC51S9yGvJdnp8+7GWpthCL46SVtl0VUZkEQGDWNquvnECJD99L" & ¶ &
"9TdWz0WV1SOksjNNzEYCotKtco27AoL4wNoZklAi0RbrfxPHZ8G2E9ZdDWmUkIKZ" & ¶ &
"aE5YYAAIu57ZIBW7E2UqczkhHi+qXnZ/wlH3mBh5R8+rC6Vvuw+ufxZbcIG2O/Lj" & ¶ &
"L9UduSvFVw900JJeoIrmAWSchs4Ut/Gtl5L3fHB8rB1UnkFOVPyZ/O712a/GmQbB" & ¶ &
"sBYb/NLz0ATDF0yUW0cB/0+uyfhUiLHH3C47M7BJlAKLZuHr4Sj+iNFgv3+tYypN" & ¶ &
"nnEfEFnwWUzRWmHqEAdagE5c22EJZ4a4jRcTWORD2CVzDFPCI5GuIe7BlUgEChUE" & ¶ &
"Sr7fi6eN5q2YKmJ+ck+tH3JloJyVLt4/xb08JwYPRlKsnjZUAc/dWCsc5R9sGVMf" & ¶ &
"NYmMpn2nR8iejw6zfkUE564zU8xNTNK4Qb6R9dR3JfHQ4/162hjZOHr4kx8CAwEA" & ¶ &
"AQKCAgEAyD8ZJECP7k9j+2/nK+oeySFcRCAMDbKsG8FvTaXbutNaguPVF0tIrce/" & ¶ &
"oC8xNU3WQ5Be6e8AstX2KPdsSqxUrH2ilsTHWYKlXFIUsoxhrwSWkvhc5o747kSB" & ¶ &
"1cSP7LULl+eJm8J4hAWX7ASJDI5zwmtBPmHKni72WTSmGpOmEvVuS9GLoPZWq8rq" & ¶ &
"nOGj729jInmCrzDzR4TPfcYdim92uO+clNYzR52NOJVfyAFE3QRkWlVvfadjWZcE" & ¶ &
"8BhUmKXVl1PhFJyqLuMp4ijnqdZSkfQHK6/BP5SMQZq7bXHT7qrYV1hckev7Skae" & ¶ &
"JGThfQkVdIOvILRwFQ3zVu05B9JFK6xUhtAthnyqwVbLSYK/F0yPUzayV6fWhtDB" & ¶ &
"szBLUqEns/amvD1KztbbHkRWdETeT9DXwqpRUhyYCfs9GcdGZlDG/Js4hQkoaaF8" & ¶ &
"Wag3B95H3EdQ9OfKqoc2coM1GyM3pKaUxOC03n59Qaiwc9MLvqimOAMyQrIiLaqQ" & ¶ &
"nIv4eAMgHbJqKHPJ1AQSDLY4d56zYuHctPJv9dv0tk5dCgx4fBA9/0wQT0p1q/+f" & ¶ &
"FZkTSCyfNjLLGOzr/fdFnw4vMQNtDfYEu9S+qnnJehJuFLuVdTCKO2V3K2ugAZjK" & ¶ &
"01wkuw85Cuhxws9d1lRMeZlzyEZL6BB7a1QHvAFxaHCVc+aXcwkCggEBAPofx0Js" & ¶ &
"8yWrpr0hJZcs/vxpVuuAd54fuY9eKKkQh/Ymwp7BeGUiarLQKBhusVrdXoNx2vYi" & ¶ &
"d+8i0o2VQrltdpCdrbPTOF9icUwBpeO87SoFWCfuokA9xP8J8aCwSVVTtzFGoTcv" & ¶ &
"HgfzUXXQNqquuUeCcC6irEDWviSZd07UVUut4HLtA29U8Sn4u9Po1RQTDfZrw7iz" & ¶ &
"o3iqYs4fTa0YTp7lQgAQ+iHDPVKa/loKaeiZyXeo4l4YZfE0jCm3KKhYpQ2BPCZm" & ¶ &
"J5KywDEQd2ZRZnkeQZiGFNp/9cfmB7HwErBSHyVlRfgEI+YY+h13h2EfV9k+H9fu" & ¶ &
"JoO2qKhXkRBwK7UCggEBANSevovGNC0LRn0PFKvbNjUpjxccT/iX2AWylXSmYc5O" & ¶ &
"40xpci/k+muqub6BWf940Fa4tcJBcAFlytYMq4Fv1vIXn0fOqNqikJ8R24btFIKk" & ¶ &
"K98KCsxgaFFn9GPa5WvGZCUCx8jisUy3/H50hqnppvy8fb4REOl66FhuhhkvB7j4" & ¶ &
"K/Rv173cdlJrFoJ1NsTctvGfXiL/xJ4u9bY3VTZ6hZAB6x9UhHwi+naBkvyr6JY6" & ¶ &
"1XPEmfWcAfGBXHM9r0ECtI1e/QRciztA2/if1+pph50L+MXqA2kMHCGAYSXdjJUW" & ¶ &
"PHUncx8BE5Ss+HEgg0bhHpwi2JQ/IDPiv5iwrPax0AMCggEBAL4SLA+UT2lO+ZQ7" & ¶ &
"fh9VeCdDvWOU6lFk9lO2T9u5zjgF2Ftf1ie0cbSUbgOzCl9sXYgxmxzzsIQuyCYD" & ¶ &
"SQMz5aebywYd+naxjjsd/XwEc409JnKh6vY6elr8qXtcuz12Mn3lmFkhGwcbpcmL" & ¶ &
"gh9OS0nGG4203IUhKrkRThK/VFoANdHfvn555BHrDIDKLDHnEPMzjTXsfMsTX6YX" & ¶ &
"L6XcFNK2kOMQA6Rog08krSirRTQWuXyPAAZVMBKNxf1lTCYxxqtui9D6TBQ0dcxT" & ¶ &
"IQjFzsM3dM19BpfMKW/QpARZ1TncDgMS5IrGSqluTZLa5Cuv78gMZ5JlTStGQQA8" & ¶ &
"GuaM9wkCggEAG+4Sd8f8mKIvi0QM4hp0v30LF+0XMD+6F92CtoUYugIw55u+bT42" & ¶ &
"CyitJ7JUQTP8oje3YKI59WUKxR169hDb+odR3BvwoG/UcaDl5o6EMDkirjTigEB1" & ¶ &
"06PFPczGcGbqRtZbqi7lPX+5wl7KRc20quST3ADf6NvFY8B5Cxvbdtfa5kw+2ej4" & ¶ &
"/hClL1P4ctnPimP1+MECcgkXK+2O2w4zN1yZJ09x6+CoaCLTTS/D6OAnpAKCevoY" & ¶ &
"Y0IsA9Npjy+syhldQVJq08jMXJeaxGdCckXdUxpPgmAd3eTAXjoBOqBmJrmc7Mi2" & ¶ &
"asRiCnJL7GasH7SQIME+GLLDmmoy/mETQwKCAQBkbiATEB+4XFaQTdDlhD8TkN2k" & ¶ &
"cRvLdwHwMR/xDZhoDr35DBD+MHt/3eChSQoXkF13LFnaM24zwuJA5lP/4+yHsGIh" & ¶ &
"psV5EEYpzJFg3APiMAixU9PaqIm6UPyIvD8XzIi/lBc2fqpendKJ+BswaNMKM0gj" & ¶ &
"hfZOXFo/XcirEeJB0b8i9e2OwpZx9JbxMhKSql/D1hDGQ9S+dxMIu+ui55xLTR8Q" & ¶ &
"Rxk/wyQffVZvQVH556A1Ubtnl5MwmnQkXmRQnWk+HWPHUDF60Ghn5+RgZ3wjqBx8" & ¶ &
"ilmfH0p2YN6/QTpH1EdPVCoFcGDsxRmva9OYiUIPcNLt8Ro5g0akJh6IW5E1" & ¶ &
"-----END RSA PRIVATE KEY-----" & ¶;
"UTF8";
"text"; ""; "";
"hex"; "" )

Sign some text:

Set Field [Table::Signature; MBS( "RSA.Sign"; Table::Algorithm; "Text"; Table::Text to Sign; "UTF8"; "text"; Table::PrivateKey; "UTF8"; ""; ""; ""; "hex"; "" )]

Calculate JWT with RS256:

Let ( [
secret = "secretkey";
header = JWT RS256::Header;
payload = JWT RS256::Payload;
encodedString = MBS( "Text.EncodeToBase64URL"; header; "UTF-8" ) & "." & MBS( "Text.EncodeToBase64URL"; payload; "UTF-8" );

// calculate hash
hash = MBS( "RSA.Sign"; "SHA256";
"Text"; encodedString; "UTF-8";
"Text"; JWT RS256::Key; "UTF-8";
"text"; JWT RS256::Password; "UTF-8";
"base64url"; "");

// and built final result:
result = encodedString & "." & hash
]; result )

See also

Release notes

Example Databases

Blog Entries

This function checks for a license.

Created 12nd March 2016, last changed 17th July 2022


RSA.PublicEncrypt - RSA.Verify