CheckSignature

(Engine-Level Function)

Description: Checks a digital signature with a key given a handle returned from Hash().
Returns: Boolean
Usage: Script Only.
Function Groups: Cryptography
Related to: GenerateSignature
Format: CheckSignature(HashHandle, Signature, Key)
Parameters:  
HashHandle

Required. Handle returned from a call to Hash().

Signature
Required text. The signature to be checked.
Key
Required handle to the public key with which to check the signature. Previously obtained from any of GenerateKey(), ImportKey(), DeriveKey(). This must be an asymmetric public key.
PaddingType

Optional integer. Can be one of the following values:

Value   Meaning
0       No padding is added to the plaintext data before signing.
1       Padding is added to the data before signing in accordance with the RSASSA-PKCS1-v1_5 scheme.
2       Padding is added to the data before signing in accordance with the RSASSA-PSS scheme.

PadHashAlgorithm

Optional text value. The algorithm to be used for padding the data. The hash is then signed.
SaltLength
Optional integer. Only required for RSASSA-PSS padding. This is the length of the salt used by that scheme.
Comments: none.

Example:

<
{============================ CheckSignatureSample ===========================}
{ Sample code using CheckSignature().                                         }
{=============================================================================}
CheckSignatureSample
(
  Message                     { Message to check                              };
  Signature                   { Signature for message                         };
  KeyBlob                     { Public key to check with                      };
)
[
  Protected Constant PROV_RSA_AES  = 24      { Enhanced RSA/AES provider      };
  Protected Constant KEY_SIZE      = 2048    { 2048 bit keys                  };
  Protected Constant PUBLICKEYBLOB = 6       { PUBLICKEYBLOB                  };
  Protected Constant CRYPT_VERIFYCONTEXT = 0xF0000000 { CRYPT_VERIFYCONTEXT   };

  Protected CSP               { Cryptographic context                         };
  Protected HashObj           { Intermediate handle returned from Hash()      };
  Protected Key               { Handle to imported public key                 };
  Protected SignatureOK       { True if the signature is correct              };
]

Sign [
  If 1;
  [
    { Get cryptographic context }
    CSP = GetCryptoProvider(PROV_RSA_AES, Invalid, Invalid, CRYPT_VERIFYCONTEXT);

    { Import the public key }
    Key = ImportKey(CSP, PUBLICKEYBLOB, KeyBlob);

    { Compute a SHA-256 hash of the message }
    Hash(Message, 2 {SHA-256}, Invalid, HashObj, CSP);

    { Check signature }
    SignatureOK = CheckSignature(HashObj, Signature, Key);

    Return(SignatureOK);
  ]
]

{ End of CheckSignatureSample }
>