% Generated by roxygen2: do not edit by hand
% Please edit documentation in R/signing.R
\name{signature_create}
\alias{signature_create}
\alias{signatures}
\alias{signature_verify}
\alias{ecdsa_parse}
\alias{ecdsa_write}
\title{Signatures}
\usage{
signature_create(data, hash = sha1, key = my_key(), password = askpass)

signature_verify(data, sig, hash = sha1, pubkey = my_pubkey())

ecdsa_parse(sig)

ecdsa_write(r, s)
}
\arguments{
\item{data}{raw data vector or file path for message to be signed.
If \code{hash == NULL} then \code{data} must be a hash string or raw vector.}

\item{hash}{the digest function to use. Must be one of \code{\link[=md5]{md5()}},
\code{\link[=sha1]{sha1()}}, \code{\link[=sha256]{sha256()}}, \code{\link[=sha512]{sha512()}} or \code{NULL}.}

\item{key}{private key or file path. See \code{\link[=read_key]{read_key()}}.}

\item{password}{string or a function to read protected keys. See \code{\link[=read_key]{read_key()}}.}

\item{sig}{raw vector or file path for the signature data.}

\item{pubkey}{public key or file path. See \code{\link[=read_pubkey]{read_pubkey()}}.}

\item{r}{bignum value for r parameter}

\item{s}{bignum value for s parameter}
}
\description{
Sign and verify a message digest. RSA supports both MD5 and SHA signatures
whereas DSA and EC keys only support SHA. ED25591 can sign any payload so you can
set \code{hash} to \code{NULL} to sign the raw input data.
}
\details{
The \code{ecdsa_parse} and \code{ecdsa_write} functions convert (EC)DSA signatures
between the conventional DER format and the raw \verb{(r,s)} bignum pair. Most
users won't need this, it is mostly here to support the JWT format (which does not
use DER).
}
\examples{
# Generate a keypair
key <- rsa_keygen()
pubkey <- key$pubkey

# Sign a file
data <- system.file("DESCRIPTION")
sig <- signature_create(data, key = key)
stopifnot(signature_verify(data, sig, pubkey = pubkey))

# Sign raw data
data <- serialize(iris, NULL)
sig <- signature_create(data, sha256, key = key)
stopifnot(signature_verify(data, sig, sha256, pubkey = pubkey))

# Sign a hash
md <- md5(data)
sig <- signature_create(md, hash = NULL, key = key)
stopifnot(signature_verify(md, sig, hash = NULL, pubkey = pubkey))
#
# ECDSA example
data <- serialize(iris, NULL)
key <- ec_keygen()
pubkey <- key$pubkey
sig <- signature_create(data, sha256, key = key)
stopifnot(signature_verify(data, sig, sha256, pubkey = pubkey))

# Convert signature to (r, s) parameters and then back
params <- ecdsa_parse(sig)
out <- ecdsa_write(params$r, params$s)
identical(sig, out)
}