Learn R
sodium (version 1.0)

Signatures: Create and Verify Signatures

Description

Cryptographic signatures can be used to verify the integrity of a message using the author's public key.

Usage

sig_sign(msg, key)
sig_verify(msg, sig, pubkey)
sig_keygen(seed = random(32))
sig_pubkey(key)

Arguments

msg
message to sign
key
private key to sign message with
sig
a signature generated by signature_sign
pubkey
a public key of the keypair used by the signature
seed
random data to seed the keygen

Details

A signature is an authenticated checksum that can be used to check that a message (any data) was created by a particular author and was not tampered with. The signature is created using a private key and can be verified from the corresponding public key. Signatures are used when the message itself is not confidential but integrity is important. A common use is for software repositories where maintainers include a signature of the package index. This allows client package managers to verify that the binaries were not modified by intermediate parties in the distribution process. For confidential data, use authenticated encryption (auth_encrypt) which allows for sending signed and encrypted messages in a single method. Currently sodium requires a different type of key pairfor signatures (ed25519) than for encryption (curve25519).

References

http://doc.libsodium.org/public-key_cryptography/public-key_signatures.html

Examples

Run this code
# Generate keypair
key <- sig_keygen()
pubkey <- sig_pubkey(key)

# Create signature
msg <- serialize(iris, NULL)
sig <- sig_sign(msg, key)
sig_verify(msg, sig, pubkey)

Run the code above in your browser using DataLab