3.6.2 RSA
- [det]rsa_sign(+Key, +Data, -Signature, +Options)
- Create an RSA signature for Data with private key Key. Options:
- type(+Type)
- SHA algorithm used to compute the digest. Values are sha1, sha224, sha256, sha384 or sha512. The default is a cryptographically secure algorithm. If you specify a variable, then it is unified with the algorithm that was used.
- encoding(+Encoding)
- Encoding to use for Data. Default is hex. Alternatives are octet, utf8 and text.
This predicate can be used to compute a sha256WithRSAEncryption signature as follows:

    :- use_module(library(crypto)).
    :- use_module(library(ssl)).      % provides load_private_key/3

    % Hash Data with SHA-256, then sign the hash with the private key.
    sha256_with_rsa(PemKeyFile, Password, Data, Signature) :-
        Algorithm = sha256,
        read_key(PemKeyFile, Password, Key),
        crypto_data_hash(Data, Hash, [algorithm(Algorithm), encoding(octet)]),
        rsa_sign(Key, Hash, Signature, [type(Algorithm)]).

    % Load a private key from a PEM file, always closing the stream.
    read_key(File, Password, Key) :-
        setup_call_cleanup(
            open(File, read, In, [type(binary)]),
            load_private_key(In, Password, Key),
            close(In)).

Note that a hash that is computed by crypto_data_hash/3 can be directly used in rsa_sign/4 as well as ecdsa_sign/4.
- [semidet]rsa_verify(+Key, +Data, +Signature, +Options)
- Verify an RSA signature for Data with public key Key. Options:
- type(+Type)
- SHA algorithm used to compute the digest. Values are sha1, sha224, sha256, sha384 or sha512. The default is the same as for rsa_sign/4. This option must match the algorithm that was used for signing. When operating with different parties, the used algorithm must be communicated over an authenticated channel.
- encoding(+Encoding)
- Encoding to use for Data. Default is hex. Alternatives are octet, utf8 and text.
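
The verifying side of the signing example above, shown as an added example that is not part of the original manual: the digest algorithm is pinned in one place and used for both rsa_sign/4 and rsa_verify/4, so the type option always matches. The predicate names pinned_algorithm/1, sign_message/4, verify_message/3 and round_trip/3 are hypothetical, and the PEM file arguments are assumed to name an RSA key pair supplied by the caller.

```prolog
:- use_module(library(crypto)).
:- use_module(library(ssl)).      % load_private_key/3, load_public_key/2

% Hypothetical helper: the digest algorithm is fixed by prior agreement
% between the parties and is never read from the message being verified.
pinned_algorithm(sha256).

% Hash Data with the pinned algorithm and sign the hash.
sign_message(PrivPem, Password, Data, Signature) :-
    pinned_algorithm(Alg),
    setup_call_cleanup(
        open(PrivPem, read, In, [type(binary)]),
        load_private_key(In, Password, Key),
        close(In)),
    crypto_data_hash(Data, Hash, [algorithm(Alg), encoding(octet)]),
    rsa_sign(Key, Hash, Signature, [type(Alg)]).

% Succeeds only if Signature is valid for Data under the pinned algorithm.
% rsa_verify/4 is semidet, so a non-matching signature makes this fail.
verify_message(PubPem, Data, Signature) :-
    pinned_algorithm(Alg),
    setup_call_cleanup(
        open(PubPem, read, In, [type(binary)]),
        load_public_key(In, Key),
        close(In)),
    crypto_data_hash(Data, Hash, [algorithm(Alg), encoding(octet)]),
    rsa_verify(Key, Hash, Signature, [type(Alg)]).

% Round trip on constructed sample data: the original message verifies,
% and a message that differs in one character does not.
round_trip(PrivPem, Password, PubPem) :-
    Data     = "constructed sample message",
    Tampered = "constructed sample messagE",
    sign_message(PrivPem, Password, Data, Signature),
    verify_message(PubPem, Data, Signature),
    \+ verify_message(PubPem, Tampered, Signature).
```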