GenerateFileSignature
GenerateFileSignature["file",key]
generates a digital signature of file using the specified private key.
GenerateFileSignature[{"file",range},key]
generates a digital signature of the specified range of bytes in the file.
GenerateFileSignature[{{"file1",range1},{"file2",range2},…},key]
generates digital signatures for each specified filei and rangei.
represents an operator form of GenerateFileSignature that can be applied to files.
Details and Options
- GenerateFileSignature returns a DigitalSignature object.
- Values produced by GenerateFileSignature are based on the raw bytes in a file.
- The type of signature is determined by the type of the key.
- The key is a PrivateKey object. Possible types of keys are "EllipticCurve" and "RSA".
- GenerateFileSignature supports the following range specifications:
-
n first n bytes -n last n bytes {m,n} bytes m through n 0 no bytes All all bytes - Range specification All is equivalent to {1,-1}.
- GenerateFileSignature[File["file"],…] and GenerateFileSignature[CloudObject[…],…] are also supported.
- GenerateFileSignature has the following option:
-
Method Automatic details of signature method - With the setting Methodassoc, the association assoc gives details of the signature method to use.
- For "RSA", the following elements may be included in the association:
-
"HashingMethod" "SHA256" how to hash the contents of the file "Padding" "PKCS1" padding scheme to use - Currently supported padding schemes are "PKCS1" and "X931".
- For "RSA", supported values of "HashingMethod" are the same as in GenerateDigitalSignature.
- For "EllipticCurve" and "Schnorr", the following elements may be included in the association:
-
"CurveName" "secp256k1" elliptic curve to use "HashingMethod" "SHA256" how to hash the contents of the file "SignatureType" Automatic mode of digital signature generation - Possible settings for "CurveName" are listed in $CryptographicEllipticCurveNames.
- The only elliptic curve currently supported is "secp256k1".
- "HashingMethod""h" effectively hashes the bytes in the file using Hash[...,"h"].
- Possible settings for "SignatureType" include:
-
"Deterministic" use expr as a source of pseudorandomness "NonDeterministic" use a system-specific source of randomness Automatic use non-deterministic methods when possible, and deterministic otherwise - For hashing methods "Adler32" and "CRC32", "SignatureType""Deterministic" uses "SHA256" to derive pseudorandomness from the input.
- See GenerateDigitalSignature for full general information.
Examples
open all close allBasic Examples (2)
Choose a file to generate a digital signature for:
file = FindFile["ExampleData/document.nb"];Generate an elliptic curve–based key pair:
keys = GenerateAsymmetricKeyPair["EllipticCurve"]Generate a digital signature using your private key:
signature = GenerateFileSignature[file, keys["PrivateKey"]]Verify a digital signature using your public key:
VerifyFileSignature[{file, signature}, keys["PublicKey"]]Sign and verify the signature for a file using an RSA key pair:
keys = GenerateAsymmetricKeyPair["RSA"];file = FindFile["ExampleData/document.nb"];signature = GenerateFileSignature[file, keys["PrivateKey"]]VerifyFileSignature[{file, signature}, keys["PublicKey"]]Scope (5)
File Types (2)
Digitally sign a CloudObject:
object = CloudPut[123, "test"];keys = GenerateAsymmetricKeyPair["RSA"];signature = GenerateFileSignature[object, keys["PrivateKey"]]VerifyFileSignature[{object, signature}, keys["PublicKey"]]Create a signature of the file specified by a File object:
file = File[FindFile["ExampleData/spikey2.png"]];keys = GenerateAsymmetricKeyPair["EllipticCurve"];signature = GenerateFileSignature[file, keys["PrivateKey"]]VerifyFileSignature[{file, signature}, keys["PublicKey"]]Byte Ranges (1)
Sign different parts of the file separately:
keys = GenerateAsymmetricKeyPair["EllipticCurve"];file = FindFile["ExampleData/spikey2.png"];Compute a signature for the first 100 bytes of a file:
sig1 = GenerateFileSignature[{file, 100}, keys["PrivateKey"]]Compute a signature for the last 100 bytes:
sig2 = GenerateFileSignature[{file, -100}, keys["PrivateKey"]]Compute a signature for bytes 100 through 200:
sig3 = GenerateFileSignature[{file, {100, 200}}, keys["PrivateKey"]]Compute a signature for all bytes except for the first 100:
sig4 = GenerateFileSignature[{file, {101, Infinity}}, keys["PrivateKey"]]VerifyFileSignature[keys["PublicKey"]][{
{file, 100, sig1},
{file, -100, sig2},
{file, {100, 200}, sig3},
{file, {101, Infinity}, sig4}}]Operator Form (1)
Generate an elliptic curve–based key pair:
keys = GenerateAsymmetricKeyPair["EllipticCurve"];Apply the operator form of GenerateDigitalSignature to a file:
file = FindFile["ExampleData/glasses.png"];signature = GenerateFileSignature[keys["PrivateKey"]][file]Verify a digital signature using your public key:
VerifyFileSignature[keys["PublicKey"]][{file, signature}]Multiple Files (1)
Sign several files with the same set of keys:
keys = GenerateAsymmetricKeyPair["EllipticCurve"];files = {FindFile["ExampleData/ocelot.jpg"], FindFile["ExampleData/glasses.png"]};signatures = GenerateFileSignature[keys["PrivateKey"]][files]VerifyFileSignature[keys["PublicKey"]][Transpose[{files, signatures}]]Options (1)
Method (1)
Use a full Method option layout to generate a deterministic digital signature based on pseudorandomness derived from your input using the SHA512 hashing function:
keys = GenerateAsymmetricKeyPair["EllipticCurve"];file = File[FindFile["ExampleData/spikey2.png"]];GenerateFileSignature[file, keys["PrivateKey"], Method -> <|"HashingMethod" -> "SHA512", "SignatureType" -> "Deterministic"|>]Generate a signature using double SHA256 hashing:
GenerateFileSignature[file, keys["PrivateKey"], Method -> <|"HashingMethod" -> "SHA256SHA256"|>]Properties & Relations (1)
Uploading a file to the Wolfram Cloud keeps the contents of the file intact. When verifying the digital signatures of the original file and the cloud copy, they are both valid:
keys = GenerateAsymmetricKeyPair["EllipticCurve"];file = FindFile["ExampleData/document.nb"];
cloud = CopyFile[file, CloudObject["document-copy.nb"]];Create the signature for the local file:
signature1 = GenerateFileSignature[file, keys["PrivateKey"]]Create the signature for the file in the cloud:
signature2 = GenerateFileSignature[cloud, keys["PrivateKey"]]All possible combinations of files and signatures are valid:
VerifyFileSignature[keys["PublicKey"]][Tuples[{{file, cloud}, {signature1, signature2}}]]Possible Issues (1)
If the selected ranges of bytes are identical for two files, then the file signatures will be the same:
keys = GenerateAsymmetricKeyPair["RSA"];Find the first file and digitally sign the first 150 bytes of it:
file1 = FindFile["ExampleData/ocelot.jpg"];signature1 = GenerateFileSignature[{file1, 150}, keys["PrivateKey"]]Find and sign the first 150 bytes of the second file:
file2 = FindFile["ExampleData/turtle.jpg"];signature2 = GenerateFileSignature[{file2, 150}, keys["PrivateKey"]]The signatures produced are verifiable for either file:
VerifyFileSignature[{file1, 150, signature2}, keys["PublicKey"]]VerifyFileSignature[{file2, 150, signature1}, keys["PublicKey"]]For RSA the signatures are also the same:
SameQ[signature1, signature2]Text
Wolfram Research (2020), GenerateFileSignature, Wolfram Language function, https://reference.wolfram.com/language/ref/GenerateFileSignature.html (updated 2020).
CMS
Wolfram Language. 2020. "GenerateFileSignature." Wolfram Language & System Documentation Center. Wolfram Research. Last Modified 2020. https://reference.wolfram.com/language/ref/GenerateFileSignature.html.
APA
Wolfram Language. (2020). GenerateFileSignature. Wolfram Language & System Documentation Center. Retrieved from https://reference.wolfram.com/language/ref/GenerateFileSignature.html