This function uses the private key handle to sign the
data. To verify the signature, use xp_rsa_verify.
XP_CRYPT produces an RSA-MD5 signature. This operation requires keys that are
longer than 512 bytes. If you use the demo version of
XP_CRYPT, you cannot generate
keys longer than 256 bits. The free version contains 2 pregenerated keys:
publickey512.pem and privatekey512.pem. You can use them for testing. The
password for the private key is xp_crypt.
Syntax
xp_rsa_sign { variable1 [, variable2 , variable3 ...] ,
private_key_src, signature OUTPUT, [src_password]}
Arguments
variable1 [, variable2 , variable3 ...]
One or more variables to sign. The order of the variables is important.
If you pass the same variables in a different order, the digital signature will be
completely different.
private_key_src
VARCHAR. Source of the private key. It can be a handle, a filename or a key body.
signature
VARCHAR or VARBINARY. A unique signature value for this set of variables. The output
length of this variable does not depend on the amount of data you sign, but only
on the size of the key you use.
src_password
VARCHAR. Password for reading the key if its source is a file or a key
string. If the pswd_cache option is set to yes and the given
password is '?', XP_CRYPT will try to load the key with the password
stored in the session. See xp_crypt_set_option
for more information about the pswd_cache option.
Permissions
Execute permissions default to the public role.
Return Code Values
0 - success, or an error code
if failed. Signature IS NOT NULL (success) or IS NULL (failure).
Example
-- String signing with a key stored in a .pem file. The key will be
-- loaded and freed automatically. Signing needs the private key.
declare @sign VARCHAR(8000)
exec xp_rsa_sign 'Show must go on' , '<privatekey.pem' , @sign OUTPUT,
'MyPassword'
-- Shows new bulk encryption feature
declare @name as varchar (100)
declare @dateofbirth as datetime
declare @department int
declare @result int
select @name=name_field , @dateofbirth=dateofbirth_field ,
@department = department_field from employees
exec xp_rsa_sign @name, @dateofbirth , @department , '<privatekey.pem' ,
@sign output, 'MyPassword'
-- @sign contains the base64 encoded signature of the 3 fields joined together.
-- If you modify any of those fields xp_rsa_verify will fail
-- Let's check the signature
exec xp_rsa_verify @name, @dateofbirth , @department , '<publickey.pem',
@sign , @result OUTPUT
if @result is not null and @result = 1
begin
-- Exactly these variables were signed by our private key!
print 'Signature is valid'
end
else
begin
-- Someone has modified our data! It is probably not valid!
print 'Signature check failed'
end
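The batch below is an added example, not part of the XP_CRYPT documentation. It captures the return code and checks the signature for NULL as described under Return Code Values, then confirms two properties stated under Arguments: argument order changes the signature, and signature length follows the key rather than the data. Variable names and sample values are constructed, and it assumes the bundled test keys and their password are usable for signing and sit where the '<' file syntax resolves them.

```sql
-- Added example: constructed variable names and sample values.
-- Key files and password are the test values the page says ship with the free version.
declare @rc int, @result int
declare @sign varchar(8000), @sign_long varchar(8000)
declare @name varchar(100), @department varchar(10), @long varchar(4000)
set @name = 'Alice Example'
set @department = '42'
set @long = replicate('x', 4000)

-- Capture the return code: 0 means success, and @sign stays NULL on failure.
exec @rc = xp_rsa_sign @name, @department, '<privatekey512.pem',
     @sign OUTPUT, 'xp_crypt'
if @rc <> 0 or @sign is null
begin
    raiserror('xp_rsa_sign failed with return code %d', 16, 1, @rc)
    return
end

-- Same values in the same order: expected to verify.
exec xp_rsa_verify @name, @department, '<publickey512.pem',
     @sign, @result OUTPUT
print 'same order:    ' + case when @result = 1 then 'valid' else 'not valid' end

-- Same values in swapped order: expected not to verify, because the
-- order of the signed variables is part of what is signed.
set @result = null
exec xp_rsa_verify @department, @name, '<publickey512.pem',
     @sign, @result OUTPUT
print 'swapped order: ' + case when @result = 1 then 'valid' else 'not valid' end

-- Sign a much longer value with the same key and compare signature lengths.
exec @rc = xp_rsa_sign @long, '<privatekey512.pem',
     @sign_long OUTPUT, 'xp_crypt'
if @rc <> 0 or @sign_long is null
begin
    raiserror('xp_rsa_sign failed with return code %d', 16, 1, @rc)
    return
end
print 'signature lengths: ' + cast(len(@sign) as varchar(10))
    + ' and ' + cast(len(@sign_long) as varchar(10))
```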