This function uses the public key source to verify
the digital signature of the variables. To create the signature, use xp_dsa_sign. XP_CRYPT creates
DSA-SHA1 signatures. This operation requires keys that are longer than
512 bytes. If you use the demo version of XP_CRYPT,
you cannot generate keys of any length other than 256 bits. The free version
contains 2 pre-generated keys, dsa_publickey512.pem and
dsa_privatekey512.pem. You can use them for testing.
Syntax
xp_dsa_verify { variable1 [, variable2 , variable3
...] , public_key_src, signature, result OUTPUT}
Arguments
variable1 [, variable2 , variable3 ...]
One or more variables whose signature is verified. The order of the
variables is important. If you pass the same variables in a different
order, the digital signature will be completely different.
public_key_src
VARCHAR. Source of the public key. It can be a handle, a filename or the
key body.
signature
VARCHAR or VARBINARY. The signature previously created by xp_dsa_sign.
result
INT. Receives the result of the signature verification. 0 means the
signature is not correct, 1 means the signature is correct, NULL means an error happened.
Permissions
Execute permissions default to the public role.
Return Code Values
0 on success, or an error code on failure.
Example
-- Shows new bulk encryption feature
declare @name as varchar(100)
declare @dateofbirth as datetime
declare @department int
declare @result int
declare @sign VARCHAR(8000)
select @name = name_field, @dateofbirth = dateofbirth_field,
       @department = department_field from employees
exec xp_dsa_sign @name, @dateofbirth, @department,
     '<private.pem', @sign OUTPUT, 'MyPassword'
-- @sign contains the base64-encoded signature of the 3 fields joined
-- together. If you modify any of those fields, xp_dsa_verify
-- will fail.
-- Let's check the signature
exec xp_dsa_verify @name, @dateofbirth, @department,
     '<publickey.pem', @sign, @result OUTPUT
if @result is not null and @result = 1
begin
    -- Exactly these variables were signed by our private key!
    print 'Signature is valid'
end
else
begin
    -- Someone has altered our data! It is probably not valid!
    print 'Signature is NOT valid'
end
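
A fail-closed variant of the check above, handling the return code and the three documented result values (1, 0, NULL) separately and confirming that argument order matters. This is an added example, not XP_CRYPT's own code; the id_field and signature_field columns and the @id value are hypothetical.

```sql
-- Added example. Assumes the employees table and *_field columns from the
-- example above; id_field, signature_field and @id are hypothetical.
declare @name varchar(100), @dateofbirth datetime, @department int
declare @sign varchar(8000), @result int, @rc int, @id int
set @id = 1   -- constructed sample key

select @name = name_field, @dateofbirth = dateofbirth_field,
       @department = department_field, @sign = signature_field
from employees where id_field = @id

-- Capture the procedure's return code as well as the OUTPUT result.
set @result = null
exec @rc = xp_dsa_verify @name, @dateofbirth, @department,
     '<publickey.pem', @sign, @result OUTPUT

if @rc <> 0 or @result is null
begin
    -- Error path: verification did not complete, so the row is not trusted.
    raiserror('xp_dsa_verify error (return code %d), row %d not trusted',
              16, 1, @rc, @id)
end
else if @result = 1
begin
    print 'Signature valid: the fields match what was signed.'
end
else
begin
    -- @result = 0: a field value, or the field order, differs from what was signed.
    raiserror('Signature mismatch for row %d', 16, 1, @id)
end

-- Same values passed in a different order. Per the argument description,
-- the signature differs, so @result = 1 here would be unexpected.
set @result = null
exec @rc = xp_dsa_verify @department, @name, @dateofbirth,
     '<publickey.pem', @sign, @result OUTPUT
if @result = 1
    raiserror('Unexpected: reordered fields verified', 16, 1)
```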