Skip to main content

Verify-hash commands

This section covers commands that you use in SMCTL to verify a hash.

Verify-hash

Verify-hash commands begin with:

smctl sign verify-hash <keypair ID>

Subcommands

The verify-hash command supports these subcommands:

Table 1. Flag for managing hash verification

Shortcut

Flag

Description

--file string

File path.

--hash string

Base64 hash.

--hash-algorithm string

Hash algorithm. (default "SHA-256")

--signature string

Base64 Signature.

--signature-algorithm string

Signature algorithm. (default "SHA256withRSA").

--signature-file string

Signature file path.

-h

--help

Help for sign-hash commands.


Command example

Description: Verify hash.

Command:

smctl sign verify-hash --file <file path> --hash-algorithm <hash algorithm> --signature-algorithm <signature algorithm> --signature-file <path to signature file> <keypair ID>

Command sample:

smctl sign verify-hash --file UNSIGNED_JAR.jar --hash-algorithm SHA-512 --signature-algorithm MLDSA44 --signature-file mldsasign44.txt c16f3975-101b-4837-8de5-42160e791220

Hashes for verifying signatures

The following hashes can be used for verifying signatures:

  • RSA

    • NONEWithRSA

    • SHA1WithRSA

    • SHA224WithRSA

    • SHA256WithRSA

    • SHA384WithRSA

    • SHA512WithRSA

    • SHA3-224WithRSA

    • SHA3-256WithRSA

    • SHA3-384WithRSA

    • SHA3-512WithRSA

    • NONEwithRSASSA-PSS

    • SHA1WithRSA/PSS

    • SHA224WithRSA/PSS

    • SHA256WithRSA/PSS

    • SHA384WithRSA/PSS

    • SHA512WithRSA/PSS

    • SHA3-224WithRSA/PSS

    • SHA3-256WithRSA/PSS

    • SHA3-384WithRSA/PSS

    • SHA3-512WithRSA/PSS

  • SLHDSA

    • SLHDSA

  • MLDSA

    • MLDSA44

    • MLDSA65

    • MLDSA87

  • EdDSA

    • Ed25519

    • Ed25519ph

  • ECDSA

    • NONEWithECDSA

    • SHA1WithECDSA

    • SHA224WithECDSA

    • SHA256WithECDSA

    • SHA384WithECDSA

    • SHA512WithECDSA

    • SHA3-224WithECDSA

    • SHA3-256WithECDSA

    • SHA3-384WithECDSA

    • SHA3-512WithECDSA