# PKI: sign content or verify a signature

### Description

`PKI.sign`

signs content using RSA with the specified hash function

`PKI.verify`

verifies a signature of RSA-signed content

### Usage

1 2 | ```
PKI.sign(what, key, hash = c("SHA1", "SHA256", "MD5"), digest)
PKI.verify(what, signature, key, hash = c("SHA1", "SHA256", "MD5"), digest)
``` |

### Arguments

`what` |
raw vector: content to sign |

`key` |
RSA private key to use for signing; RSA public key or certificate to use for verification. |

`hash` |
hash function to use. "MD5" should not be used unless absolutely needed for compatibility as it is less secure. |

`digest` |
raw vector: it is possible to supply the digest of
the content directly instead of specifying |

`signature` |
raw vector: signature |

### Details

Objects are signed by computing a hash function digest (typically
using `SHA1`

hash function) and then signing the digest with a
RSA key. Verification is done by computing the digest and then
comparing the signature to the digest. Private key is needed for
signing whereas public key is needed for verification.

Both functions call `PKI.digest`

on `what`

if
`digest`

is not specified.

### Value

`PKI.sign`

signature (raw vector)

`PKI.verify`

logical: `TRUE`

if the digest and signature
match, `FALSE`

otherwise

### Author(s)

Simon Urbanek

### See Also

`PKI.pubkey`

, `PKI.genRSAkey`

,
`PKI.digest`

### Examples

1 2 3 4 | ```
key <- PKI.genRSAkey(2048)
x <- charToRaw("My message to sign")
sig <- PKI.sign(x, key)
stopifnot(PKI.verify(x, sig, key))
``` |