This function uses the public key source to verify the
digital signature of the variables. To create the signature, use xp_rsa_sign.
XP_CRYPT creates an RSA-MD5 signature. This operation requires keys that are
longer than 512 bytes. If you use the demo version of XP_CRYPT, you cannot
generate keys longer than 256 bits. The free version contains 2 pregenerated keys:
publickey512.pem and privatekey512.pem. You can use them for testing.
Syntax
xp_rsa_verify { variable1 [, variable2 , variable3 ...] ,
public_key_src, signature, result OUTPUT}
Arguments
variable1 [, variable2 , variable3 ...]
One or more signed variables to verify. The order of the variables is important.
If you pass the same variables in a different order, the digital signature will be
completely different.
public_key_src
VARCHAR. Source of the public key. It can be a handle, a filename or a key body.
signature
VARCHAR or VARBINARY. The signature previously created by xp_rsa_sign.
result
INT. Receives the result of the signature verification: 0 means that the signature
is not correct, 1 means that the signature is correct, NULL means that an error occurred.
Permissions
Execute permissions default to the public role.
Return Code Values
0 on success, or an error code on failure.
Example
-- Shows new bulk encryption feature
declare @name as varchar(100)
declare @dateofbirth as datetime
declare @department int
declare @result int
declare @sign varchar(8000)
select @name = name_field, @dateofbirth = dateofbirth_field,
       @department = department_field from employees
-- Sign the three fields with the private key
exec xp_rsa_sign @name, @dateofbirth, @department, '<private.pem',
     @sign OUTPUT, 'MyPassword'
-- @sign contains the base64-encoded signature of the 3 fields joined together.
-- If you modify any of those fields, xp_rsa_verify will fail.
-- Let's check the signature
exec xp_rsa_verify @name, @dateofbirth, @department, '<publickey.pem',
     @sign, @result OUTPUT
if @result is not null and @result = 1
begin
    -- Exactly these variables were signed by our private key!
    print 'Signature is valid'
end
else
begin
    -- Someone has modified our data! It is probably not valid!
    print 'Signature is NOT valid'
end
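
The example above checks one row and treats a NULL result the same as a failed signature. The following added example (not part of the original XP_CRYPT documentation) audits every row of employees and reports verification errors separately from tampered rows; the columns id_field and sign_field (holding the signature saved from xp_rsa_sign) are assumptions that do not appear on this page.

```sql
-- Added example: audit each employees row against its stored signature.
-- Assumed (hypothetical) columns: id_field (row key), sign_field (stored signature).
declare @id int, @name varchar(100), @dateofbirth datetime, @department int
declare @sign varchar(8000), @result int, @rc int

create table #audit (id int, status varchar(10), rc int)

declare emp cursor local fast_forward for
    select id_field, name_field, dateofbirth_field, department_field, sign_field
    from employees

open emp
fetch next from emp into @id, @name, @dateofbirth, @department, @sign
while @@fetch_status = 0
begin
    set @result = null  -- never carry over the previous row's verdict
    -- Variables must be passed in the same order used for xp_rsa_sign
    exec @rc = xp_rsa_verify @name, @dateofbirth, @department,
                             '<publickey.pem', @sign, @result OUTPUT

    -- Non-zero return code or NULL result is an error, not proof of tampering
    insert into #audit (id, status, rc)
    select @id,
           case when @rc <> 0 or @result is null then 'ERROR'
                when @result = 1 then 'VALID'
                else 'TAMPERED' end,
           @rc

    fetch next from emp into @id, @name, @dateofbirth, @department, @sign
end
close emp
deallocate emp

-- Report only the rows that need attention
select id, status, rc from #audit where status <> 'VALID' order by id
drop table #audit
```

Use your own key pair for real data: privatekey512.pem ships with every copy of the free version, so a signature made with it does not show who signed the row.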