Skip to main content

Sign-hash commands

This section covers commands that you use in SMCTL to sign a hash.

Sign-hash

Sign-hash commands begin with:

smctl sign sign-hash <keypair ID>

Subcommands

The sign-hash command supports these subcommands:

Table 1. Flag for managing hashing signing

Shortcut

Flag

Description

--binary

Signature in binary (default is Base64).

--file string

File path.

--hash string

Base64 hash.

--hash-algorithm string

Hash algorithm. (default "SHA-256")

--non-decorate-signature

Skip ASN1 decoration for ECDSA signatures.

--signature-algorithm string

Signature algorithm. (default "SHA256withRSA").

--signature-file string

Signature file path.

-h

--help

Help for sign-hash commands.


Command example

Description: Sign hash.

Command:

smctl sign sign-hash --file <file path> --hash-algorithm <hash algorithm> --signature-algorithm <algorithm> <keypair ID> --signature-file <signature file path> --binary

Command sample:

smctl sign sign-hash --file UNSIGNED_JAR.jar --hash-algorithm SHA-512 --signature-algorithm MLDSA44 c16f3975-101b-4837-8de5-42160e791220 --signature-file mldsasign44.txt --binary

Hashes for generating signatures

The following hashes can be used for generating signatures:

  • RSA

    • NONEWithRSA

    • SHA1WithRSA

    • SHA224WithRSA

    • SHA256WithRSA

    • SHA384WithRSA

    • SHA512WithRSA

    • SHA3-224WithRSA

    • SHA3-256WithRSA

    • SHA3-384WithRSA

    • SHA3-512WithRSA

    • NONEwithRSASSA-PSS

    • SHA1WithRSA/PSS

    • SHA224WithRSA/PSS

    • SHA256WithRSA/PSS

    • SHA384WithRSA/PSS

    • SHA512WithRSA/PSS

    • SHA3-224WithRSA/PSS

    • SHA3-256WithRSA/PSS

    • SHA3-384WithRSA/PSS

    • SHA3-512WithRSA/PSS

  • SLHDSA

    • SLHDSA

  • MLDSA

    • MLDSA44

    • MLDSA65

    • MLDSA87

  • EdDSA

    • Ed25519

    • Ed25519ph

  • ECDSA

    • NONEWithECDSA

    • SHA1WithECDSA

    • SHA224WithECDSA

    • SHA256WithECDSA

    • SHA384WithECDSA

    • SHA512WithECDSA

    • SHA3-224WithECDSA

    • SHA3-256WithECDSA

    • SHA3-384WithECDSA

    • SHA3-512WithECDSA