The example for RSA_SIGN in the release notes is:
```
select rdb$set_context('USER_SESSION', 'msg',
rsa_sign(crypt_hash('Test message' using sha256)
key rdb$get_context('USER_SESSION', 'private_key'))) from rdb$database;
```
The use of `crypt_hash('Test message' using sha256)` as the input
doesn't make sense to me, as generating a message digest is - AFAIU -
done as part of signing itself, so now it's essentially double hashing
the message.
Wouldn't the following make more sense?
```
select rdb$set_context('USER_SESSION', 'msg',
rsa_sign('Test message'
key rdb$get_context('USER_SESSION', 'private_key'))) from rdb$database;
```
And similar for RSA_VERIFY.
Mark
--
Mark Rotteveel
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
