The example for RSA_SIGN in the release notes is: ``` select rdb$set_context('USER_SESSION', 'msg', rsa_sign(crypt_hash('Test message' using sha256) key rdb$get_context('USER_SESSION', 'private_key'))) from rdb$database; ```
The use of `crypt_hash('Test message' using sha256)` as the input doesn't make sense to me, as generating a message digest is - AFAIU - done as part of signing itself, so now it's essentially double hashing the message.
Wouldn't the following make more sense? ``` select rdb$set_context('USER_SESSION', 'msg', rsa_sign('Test message' key rdb$get_context('USER_SESSION', 'private_key'))) from rdb$database; ``` And similar for RSA_VERIFY. Mark -- Mark Rotteveel Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel