In this dialog a document can be signed.
The dialog contains two prominent boxes, Choose hash function and Choose signature algorithm. There are five hash functions available (MD2, MD5, RIPEMD-160, SHA and SHA-1) and four signature algorithms (RSA, DSA, ECSP-DSA and ECSP-NR). According to the cryptographic standards, not every signature algorithm can be used with every hash function. The table below shows the combinations that are permitted:
| | MD2 | MD5 | RIPEMD-160 | SHA | SHA-1 |
|---|---|---|---|---|---|
| RSA | Yes | Yes | Yes | Yes | Yes |
| DSA | No | No | No | Yes | Yes |
| ECSP-DSA | No | No | Yes | No | Yes |
| ECSP-NR | No | No | Yes | No | Yes |
To sign a document, a secret key that meets the requirements of the particular signature algorithm involved is needed. All the keys that are available are listed in the box in the lower area of the window. To generate a digital signature for the active document, place the cursor over the Name field for the relevant line (this will be the name of the creator) and enter the PIN (the one that was chosen when the key was generated) in the field at the bottom right. The document is signed with the chosen signature algorithm and hash function when Sign is clicked.
CrypTool determines the key type automatically from the selected key, so only signature algorithms and hash functions that are mutually compatible and suitable for use with that key are offered for selection.
It is possible to extract the signature via the menu selection Digital Signatures/PKI.
When signing with ECSP-DSA or ECSP-NR, it is also possible to view the intermediate steps involved in generation of the signature by checking the Display intermediate results field. These are displayed in the Signature generation - step by step dialog.
The intermediate results of RSA and DSA signatures cannot be displayed that way. For RSA signatures, use the RSA signature generation, which specialises in visualising the RSA signature procedure.