Home Search

DriveWorks Pro 22
SppRSAVerifyData

Send Feedback

SppRSAVerifyData

Verifies whether an RSA digital signature is valid.

The function returns True if the signature is valid otherwise, it returns False.

If the signature, public key, or hashing algorithm is not valid then an error string is returned.

Syntax

SppRSAVerifyData(Text, Signature, Public Key, Hashing Algorithm)

Where:

Text is a string to verify the signature against.

Signature is the signature to verify as a Base64 formatted string.

Public Key is a string PEM key that contains Base64 formatted data.

Hashing Algorithm is the hash algorithm used when hashing the text to create the signature. The supported values are 'MD5', 'SHA1', 'SHA256', 'SHA384', 'SHA512' but the values are case insensitive so your hashing algorithm value may be lower case.

In RSA-based data verification, the Text and Signature play distinct roles:

  1. Text (or Message)
    • The text refers to the original message or data that is being verified. It comes from the sender (for example an e-Transaction provider) who wishes to authenticate the message.
    • The message can be plain text, a document, or any form of data.
    • Usually, the hash of the text is taken before creating the signature, as it reduces the size of the data being processed and ensures consistency.
  2. Signature
    • The Signature is a cryptographic value that is generated by the sender (for example an e-Transaction provider) using their private key.
    • The signature is essentially a scrambled version of the hash that can only be verified using the sender's public key.

Signing Process

During signing:

  1. The sender (for example an e-Transaction provider) computes a hash of the message using a secure hashing algorithm.
  2. This hash is then encrypted with the sender's (for example an e-Transaction provider) private key to generate the Signature.

Verification Process

During verification:

  1. The recipient (the DriveWorks implementation) takes the original message (the Text) and applies the Hashing Algorithm.
  2. The recipient (the DriveWorks implementation) decrypts the Signature using the sender's Public Key.
  3. If the independently computed hash matches the decrypted hash, the signature is valid, proving the message's integrity and authenticity.

Use Case Example

SppRSAVerifyData can be used to securely verify web transactions.

For example to verify a payment has been made to an e-Transaction provider a string of text along with a signature would be sent by the provider.

This would be verified against a known Public Key and hashing algorithm and verified as being valid or invalid.

RSA verification can be used in a variety of applications, such as:

  • e-Transactions (payment)
  • Digital Signatures
  • Authentication
  • Certificate Authority (CA) Operations

Examples

Example 1

SppRSAVerifyData("DriveWorks",DWConstantSignature,DWConstantPublicKey,"SHA512")

Will result in True.

Value coming from DWConstantSignature

YceBb488R4ihcj+KNBGTJEk+hfBx0QKHdNnSgfI1Ahw0HcNxKBYBms/tschx3CT5i6/4rBRa2ou+bcLlp3aBpK+5d7it5GM4qg8EEMV7SJCiU0+wGr/x0k0u6lIaP/I3ycsaucg6MQvBsv0tEuk6ZhvQZSi20GMEw740a0dkJ+8=

Value coming from DWConstantPublicKey

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCL1ZzgunvoMlD1UxpakRGk0OB0
xOhgWeRSZqamTPv0RdvaEwST7ErYM5SeYVLejMduwChQuO1bGbOH6nafF4vGBs26
zfjhirXlf/KpM7EkPVe61CXK5SEKYTkKAuYs6Rm1z4f3ZGbgq3ddGYW8ktg5qO5I
rqgRCWU332jYtEkdYwIDAQAB
-----END PUBLIC KEY-----

See Also

See Simplilearn.com - RSA Algorithm for more information on Public-Key Encryption.

© DriveWorks Ltd 2024 - All rights reserved.
Privacy Policy | Terms & Conditions