RSA Signature Tool Sign & Verify Messages

Configuration
Required only for signature verification
RSA Keys
Result

Configure and click Process to see results

How RSA Digital Signatures Work

Key Generation

RSA signatures use the same key pair as RSA encryption: a public key for verification and a private key for signing. The key pair is generated by selecting two large prime numbers and computing mathematical relationships between them.

  • 512-bit: Weak, only for testing
  • 1024-bit: Deprecated, avoid for production
  • 2048-bit: Recommended minimum
  • 4096-bit: High security for long-term use

Signing Process

How Signing Works:

  1. The message is hashed using a cryptographic hash function (e.g., SHA-256)
  2. The hash is encrypted using your private key
  3. The encrypted hash becomes the digital signature
  4. The signature is Base64-encoded for transmission
Signing uses your private key, unlike encryption which uses the public key.

Verification Process

How Verification Works:

  1. The signature is decrypted using the public key, revealing the hash
  2. The message is independently hashed using the same algorithm
  3. The two hashes are compared
  4. If they match, the signature is valid
Anyone can verify a signature using the public key, ensuring non-repudiation.

Signature Schemes

RSASSA-PKCS1-v1_5: The classic deterministic signature scheme standardized in PKCS#1 v1.5. Widely supported and compatible with existing systems. Uses deterministic padding which means the same message always produces the same signature with the same key.
RSASSA-PSS: Probabilistic Signature Scheme with a formal security proof. Uses random padding, so the same message produces different signatures each time. More secure and recommended for new applications, but requires newer implementations.

Common Use Cases for RSA Signatures

Document Signing

Sign contracts, PDFs, and legal documents to prove authenticity and prevent tampering. Digital signatures provide legal validity in many jurisdictions.

Code Signing

Sign software binaries, executables, and scripts to verify publisher identity and ensure code hasn't been modified. Essential for app stores and enterprise software.

Email Signing (S/MIME, PGP)

Sign emails to prove sender identity and message integrity. S/MIME and PGP use RSA signatures to combat phishing and email spoofing.

API Authentication

Sign API requests to prove they came from an authorized source. Used in OAuth, JWT tokens, and webhook verification.

Pro Tip: RSA signatures provide both authentication (proof of identity) and integrity (proof message wasn't modified). Unlike MACs (Message Authentication Codes), RSA signatures also provide non-repudiation - the signer cannot deny creating the signature.

Security Best Practices for RSA Signatures

Do's

  • Use 2048-bit or larger keys for production signatures
  • Use SHA-256 or stronger hash algorithms (avoid MD5, SHA-1)
  • Consider RSASSA-PSS for new applications (stronger security proof)
  • Keep your private signing key secure - never share it
  • Include timestamps in signatures for long-term validity
  • Use hardware security modules (HSMs) for high-value signing keys
  • Rotate keys periodically according to your security policy
  • Verify signatures before trusting signed data

Don'ts

  • Don't use MD5 or SHA-1 for new signatures (collision vulnerabilities)
  • Don't use 512-bit or 1024-bit keys in production
  • Don't share your private signing key with anyone
  • Don't reuse signing keys across different applications or contexts
  • Don't sign untrusted or unvalidated data blindly
  • Don't assume signatures alone provide confidentiality (they don't)
  • Don't ignore signature verification failures
  • Don't use the same key pair for both signing and encryption

Why Trust This RSA Signature Tool?

No Data Storage

Your keys, messages, and signatures are processed in-session only. We don't log, store, or transmit your cryptographic data to third parties.

Open Standards

Built on standard Java Cryptography Architecture (JCA) implementing PKCS#1 specifications. No proprietary or unverified algorithms.

Educational Focus

Designed for learning, testing, and development. Perfect for understanding RSA signature concepts, algorithms, and verification processes.

Active Since 2010

Part of 8gwifi.org's suite of cryptography tools, serving developers and security professionals worldwide since 2010.

About the Developer: This tool is developed and maintained by Anish Nath, a Security Engineer with extensive expertise in cryptography, PKI, digital signatures, and secure application development. Anish has created multiple open-source security tools and regularly publishes technical content on cryptographic implementations.

Connect: Twitter

Frequently Asked Questions

An RSA digital signature is a cryptographic mechanism that allows you to sign a message with your private key to prove authenticity and integrity. The signature is created by hashing the message and encrypting the hash with your private key. Anyone can verify the signature using your public key by decrypting it and comparing the hash. Unlike encryption (which uses public key to encrypt), signing uses the private key to create the signature.

To sign a message: 1) Generate or provide an RSA key pair using the key size selector, 2) Select the "Sign" operation button, 3) Choose a signature algorithm (SHA256withRSA is recommended), 4) Enter your message in the message field, 5) Click the "Process" button. The tool will generate a Base64-encoded signature that you can copy and share along with your message and public key.

This tool supports multiple RSA signature algorithms: SHA256withRSA (recommended), SHA1withRSA, SHA384withRSA, SHA512withRSA, MD5withRSA, MD2withRSA, and RSASSA-PSS variants (SHA1WithRSA/PSS, SHA224WithRSA/PSS, SHA384WithRSA/PSS, SHA1withRSAandMGF1). SHA256withRSA and SHA384withRSA are recommended for modern applications. Avoid MD5 and SHA-1 for new implementations due to known vulnerabilities.

RSASSA-PKCS1-v1_5 is the older, deterministic signature scheme where the same message always produces the same signature. RSASSA-PSS (Probabilistic Signature Scheme) is newer and more secure, using random padding so signatures are different each time. PSS has a formal security proof and is recommended for new applications, though PKCS1-v1_5 is still widely used for compatibility with existing systems.

To verify a signature: 1) Ensure you have the signer's public key in the Public Key field, 2) Select the "Verify" operation button, 3) Enter the original message, 4) Paste the Base64-encoded signature in the Signature field, 5) Select the same signature algorithm that was used for signing, 6) Click "Process". The tool will indicate whether the signature is valid (authentic and unmodified) or invalid (potentially tampered or incorrect key).

Yes! Signature verification only requires the public key, not the private key. This is a fundamental property of digital signatures - anyone can verify a signature using the public key, but only the private key holder can create valid signatures. This asymmetry ensures non-repudiation (the signer cannot deny signing) and authenticity (you can prove who signed it).

RSA Digital Signatures - Technical Details & Implementation

The Rivest-Shamir-Adleman (RSA) algorithm is one of the most widely used public-key cryptography methods. RSA digital signatures provide authentication, integrity, and non-repudiation by using asymmetric key pairs.

Mathematical Foundation

Signing Process

  1. Compute hash: h = Hash(message)
  2. Apply padding: m = Pad(h)
  3. Sign with private key: s = md mod n
  4. Encode signature: signature = Base64(s)

Verification Process

  1. Decode signature: s = Base64Decode(signature)
  2. Apply public key: m' = se mod n
  3. Extract hash: h' = Unpad(m')
  4. Verify: h' == Hash(message)

Where: d = private exponent, e = public exponent (usually 65537), n = modulus

RSA Signature Schemes (PKCS#1)

RSASSA-PKCS1-v1_5
  • Type: Deterministic
  • Padding: PKCS#1 v1.5
  • Security: Widely tested, no known practical attacks
  • Use Case: Legacy compatibility, TLS, X.509 certificates
  • Algorithm Names: SHA256withRSA, SHA384withRSA, SHA512withRSA
RSASSA-PSS
  • Type: Probabilistic (random salt)
  • Padding: PSS (Probabilistic Signature Scheme)
  • Security: Formal security proof, recommended for new apps
  • Use Case: Modern applications, enhanced security
  • Algorithm Names: RSASSA-PSS, SHA256WithRSA/PSS
Key Difference: PKCS1-v1_5 produces the same signature every time for the same message and key, while PSS adds random salt making each signature unique even for identical inputs.

Code Examples - Sign & Verify

Python (using cryptography library) 
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import rsa, padding

# Generate RSA key pair
private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
public_key = private_key.public_key()

# Sign message
message = b"Hello, World!"
signature = private_key.sign(
    message,
    padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH),
    hashes.SHA256()
)
print(f"Signature (hex): {signature.hex()[:64]}...")

# Verify signature
try:
    public_key.verify(
        signature,
        message,
        padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH),
        hashes.SHA256()
    )
    print("✓ Signature is valid")
except Exception:
    print("✗ Signature is invalid")
Install: pip install cryptography
Java (using java.security) 
import java.security.*;
import java.util.Base64;

public class RSASignatureExample {
    public static void main(String[] args) throws Exception {
        // Generate RSA key pair
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
        keyGen.initialize(2048);
        KeyPair keyPair = keyGen.generateKeyPair();

        // Sign message
        String message = "Hello, World!";
        Signature sign = Signature.getInstance("SHA256withRSA");
        sign.initSign(keyPair.getPrivate());
        sign.update(message.getBytes("UTF-8"));
        byte[] signature = sign.sign();
        System.out.println("Signature: " + Base64.getEncoder().encodeToString(signature));

        // Verify signature
        Signature verify = Signature.getInstance("SHA256withRSA");
        verify.initVerify(keyPair.getPublic());
        verify.update(message.getBytes("UTF-8"));
        boolean isValid = verify.verify(signature);
        System.out.println("Valid: " + isValid);
    }
}
Note: No external dependencies required - uses built-in java.security package
Node.js (using crypto module) 
const crypto = require('crypto');

// Generate RSA key pair
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
});

// Sign message
const message = 'Hello, World!';
const sign = crypto.createSign('SHA256');
sign.update(message);
sign.end();
const signature = sign.sign(privateKey, 'base64');
console.log('Signature:', signature.substring(0, 64) + '...');

// Verify signature
const verify = crypto.createVerify('SHA256');
verify.update(message);
verify.end();
const isValid = verify.verify(publicKey, signature, 'base64');
console.log('Valid:', isValid);
Note: Built-in crypto module (Node.js 10.12+) - no installation needed
Go (using crypto/rsa) 
package main

import (
    "crypto"
    "crypto/rand"
    "crypto/rsa"
    "crypto/sha256"
    "encoding/base64"
    "fmt"
)

func main() {
    // Generate RSA key pair
    privateKey, _ := rsa.GenerateKey(rand.Reader, 2048)
    publicKey := &privateKey.PublicKey

    // Sign message
    message := []byte("Hello, World!")
    hashed := sha256.Sum256(message)
    signature, _ := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed[:])
    fmt.Printf("Signature: %s...\n", base64.StdEncoding.EncodeToString(signature)[:64])

    // Verify signature
    err := rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, hashed[:], signature)
    if err != nil {
        fmt.Println("✗ Signature is invalid")
    } else {
        fmt.Println("✓ Signature is valid")
    }
}
Run: go run main.go - uses standard library packages
OpenSSL Command Line 
# Generate RSA private key
openssl genrsa -out private_key.pem 2048

# Extract public key
openssl rsa -in private_key.pem -pubout -out public_key.pem

# Sign a message (file)
echo "Hello, World!" > message.txt
openssl dgst -sha256 -sign private_key.pem -out signature.bin message.txt

# Convert signature to Base64
base64 signature.bin > signature.b64

# Verify signature
openssl dgst -sha256 -verify public_key.pem -signature signature.bin message.txt
# Output: Verified OK
Requirement: OpenSSL installed on your system

Standards & References

  • RFC 8017: PKCS #1: RSA Cryptography Specifications Version 2.2 (IETF)
  • FIPS 186-5: Digital Signature Standard (DSS) - Latest version (NIST)
  • NIST SP 800-57: Recommendation for Key Management (Part 1, Rev. 5)
  • NIST SP 800-131A: Transitioning the Use of Cryptographic Algorithms and Key Lengths
  • ISO/IEC 9796-2:2010: Digital signature schemes giving message recovery — Part 2: Integer factorization based mechanisms
  • Twenty Years of Attacks on RSA: Comprehensive survey paper by Dan Boneh (Stanford)

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site — you're helping me build what developers actually need.

500K+ users
200+ tools
100% private
One-time support Buy me a coffee 📚 Learn & support 9-Book Bundle - $9 Stay updated Follow @anish2good
Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.
Quick Access