Home    XP_CRYPT Online Help Prev Next
How To use XP_CRYPT GUI
Introduction
What is XP_CRYPT
System requirements
Free version limitations
End user license agreement
Installing XP_CRYPT
Installation procedure
Activation
XP_CRYPT API
What's new
Encryption methods overview
Session
xp_crypt_set_var
xp_crypt_get_var
xp_crypt_close_session
xp_crypt_init_session
xp_crypt_set_option
Asymmetric keys
DSA
xp_dsa_free_key
xp_dsa_load_key
xp_dsa_save_key
xp_dsa_generate_couple
RSA
xp_rsa_generate_couple
xp_rsa_generate_pub_key
xp_rsa_load_key
xp_rsa_priv_dec
xp_rsa_pub_enc
xp_rsa_save_key
xp_rsa_free_key
Digital signatures
DSA
xp_dsa_verify
xp_dsa_sign
RSA
xp_rsa_sign
xp_rsa_verify
Hashing
xp_crypt
xp_md5
xp_sha1
Symmetric encryption
AES128
xp_aes128_decrypt
xp_aes128_encrypt
AES
xp_aes_decrypt
xp_aes_encrypt
DESX
xp_desx_decrypt
xp_desx_encrypt
RC4
xp_rc4_decrypt
xp_rc4_encrypt
Triple DES
xp_des3_encrypt
xp_des3_decrypt
Error codes
Tutorial
How to use GUI
Advanced technique (Old)
Table encryption (Old)
Troubleshooting
Troubleshooting overview

xp_rsa_sign

This function uses the private key handle to sign the data. To verify the signature use xp_rsa_verify. XP_CRYPT makes RSA-MD5 signature. For this operation the keys that are longer than 512 bytes are required. If you use the demo version of XP_CRYPT you cannot generate keys longer than 256 bits. The free version contains 2 pregenerated keys: publickey512.pem and privatekey512.pem. You can use them for testing. The password for the private key is xp_crypt.

Syntax

xp_rsa_sign  { variable1 [, variable2 , variable3 ...] , private_key_src, signature OUTPUT, [src_password]}

Arguments

variable1 [, variable2 , variable3 ...] 

One or more variables to sign. The order of the variables is important. If you put the same variables in another order the digital sign will be completely different.

private_key_src

VARCHAR. Source of the private key. It can be a handle, a filename or a key body.

signature

VARCHAR or VARBINARY. A unique signature value for this set of variables. The output length of this variable does not depend on the amount of data you sign, but only on the size of the key you use.

src_password

VARCHAR. Password for reading the key if its source is in the file of key string. If the pswd_cache option is set to yes and the given password is '?'  XP_CRYPT will try to load the key with the password stored in the session. See xp_crypt_set_option for more information about pswd_cache option.

Permissions

Execute permissions default to the public role.

Return Code Values

0 - success, or Error code if failed. Signature IS NOT NULL (success) or IS NULL (failure)

Example

-- String signung with key stored in .pem file. Key will be loaded and freed automatically
exec xp_rsa_sign  'Show must go on' , '<pubkey.pem' , @sign OUTPUT


-- Shows new bulk encryption feature 
declare @name as varchar (100)
declare @dateofbirth as datetime
declare @department int
declare @sign VARCHAR(8000)

select @name=name_field , @dateofbirth=dateofbirth_field , @department = department_field from employees 
exec xp_rsa_sign @name, @dateofbirth , @department  ,  '<privatekey.pem' , @sign output, 'MyPassword'
-- @sign  contains the base64 encoded sign of 3 fields joined together. If you modify any of those fields xp_rsa_verify will fail 
-- Let's check the signature 
exec xp_rsa_verify @name, @dateofbirth , @department , '<publickey.pem', @sign , @result OUTPUT
if @result is not null and @result = 1
begin
-- Exactly this variables was signed by our private key!
...
else
-- Someone has modificated our data ! Probably it is not valid !
...
end

 
2004-2011 (c) Active Crypt Software. All rights reserved.

Browser Based Help. Published by chm2web software.