verify signature using public key?
Janet N
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Hi I am having difficulties using openssl to verify the signature using my
dsa-public key, any help is appreciated!
sign data using private key:
1) openssl rsautl -sign -in sign.txt -inkey userkey.pem -out sig
Verify signature with public key got syntax error:
2) openssl rsautl -verify -in sig -pubin dsacert.pem
Usage: rsautl [options]
------=_Part_5349_14373769.1182806179928
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Hi I am having difficulties using openssl to verify the signature using my dsa-public key, any help is appreciated! <br><br>sign data using private key:<br>1) openssl rsautl -sign -in
sign.txt -inkey userkey.pem -out sig<br><br>Verify signature with public key got syntax error:<br>2) openssl rsautl -verify -in sig -pubin dsacert.pem<br>Usage: rsautl [options]
------=_Part_5349_14373769.1182806179928--
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
Dr. Stephen Henson
> Hi I am having difficulties using openssl to verify the signature using my
> dsa-public key, any help is appreciated!
>
> sign data using private key:
> 1) openssl rsautl -sign -in sign.txt -inkey userkey.pem -out sig
>
> Verify signature with public key got syntax error:
> 2) openssl rsautl -verify -in sig -pubin dsacert.pem
> Usage: rsautl [options]
There is no equivalent utility to "rsautl" for DSA keys. The equivalent
functionality is in "pkeyutl" but that is only present in OpenSSL 0.9.9-dev.
You don't normally sign raw data with a private key anyway. Normally the data
is digested and the digest is signed. There is a utility to perform the
combined digest+sign (and digest+verify) function: it is 'dgst'.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
Janet N
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Hi,
Thanks for the prompt respond.
I've tried to use the "dgst" function to sign and verify the signature using
the dsa public key, it failed to even load the private key to sign it!
1) Message digest:
-bash-3.1$ openssl dgst -sha1 sig.txt
SHA1(sig.txt)= 922a03e68e2e8d36a6b7a7fb4400fb32b89373f0
2) Signing Digest with private key (failed to load priv key):
-bash-3.1$ openssl dgst -sha1 -sign dsakey.pem -out test.cipher sig.txt
Error Signing Data
19810:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public
key type:p_sign.c:103:
------=_Part_5997_11095852.1182810756258
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Hi,<br><br>Thanks for the prompt respond.<br><br>I've tried to use the "dgst" function to sign and verify the signature using the dsa public key, it failed to even load the private key to sign it!<br><br>1) Message digest:
<br>-bash-3.1$ openssl dgst -sha1 sig.txt <br>SHA1(sig.txt)= 922a03e68e2e8d36a6b7a7fb4400fb32b89373f0<br><br>2) Signing Digest with private key (failed to load priv key):<br>-bash-3.1$ openssl dgst -sha1 -sign dsakey.pem -out
test.cipher sig.txt<br>Error Signing Data<br>19810:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:103:<br><br><br><div><span class="gmail_quote">On 6/25/07, <b class="gmail_sendername">
Dr. Stephen Henson</b> <<a href="mailto:st...@openssl.org">st...@openssl.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Mon, Jun 25, 2007, Janet N wrote:<br><br>> Hi I am having difficulties using openssl to verify the signature using my<br>> dsa-public key, any help is appreciated!<br>><br>> sign data using private key:<br>
> 1) openssl rsautl -sign -in sign.txt -inkey userkey.pem -out sig<br>><br>> Verify signature with public key got syntax error:<br>> 2) openssl rsautl -verify -in sig -pubin dsacert.pem<br>> Usage: rsautl [options]
<br><br>There is no equivalent utility to "rsautl" for DSA keys. The equivalent<br>functionality is in "pkeyutl" but that is only present in OpenSSL 0.9.9-dev.<br><br>You don't normally sign raw data with a private key anyway. Normally the data
<br>is digested and the digest is signed. There is a utility to perform the<br>combined digest+sign (and digest+verify) function: it is 'dgst'.<br><br>Steve.<br>--<br>Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
<br>OpenSSL project core developer and freelance consultant.<br>Funding needed! Details on homepage.<br>Homepage: <a href="http://www.drh-consultancy.demon.co.uk">http://www.drh-consultancy.demon.co.uk</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org">http://www.openssl.org</a><br>User Support Mailing List <a href="mailto:openss...@openssl.org">openss...@openssl.org
</a><br>Automated List Manager <a href="mailto:majo...@openssl.org">majo...@openssl.org</a><br></blockquote></div><br>
------=_Part_5997_11095852.1182810756258--
Janet N
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
I got it to signed and verify using dgst -dss1. To sign or verify data
using the DSA algorithm then the dss1 digest must be used.
------=_Part_6261_12002867.1182812910873
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
I got it to signed and verify using dgst -dss1. To sign or verify data using the DSA algorithm then the dss1
digest must be used.<br><br><br><div><span class="gmail_quote">On 6/25/07, <b class="gmail_sendername">Janet N</b> <<a href="mailto:jan...@gmail.com">jan...@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi,<br><br>Thanks for the prompt respond.<br><br>I've tried to use the "dgst" function to sign and verify the signature using the dsa public key, it failed to even load the private key to sign it!<br><br>1) Message digest:
<br>-bash-3.1$ openssl dgst -sha1 sig.txt <br>SHA1(sig.txt)= 922a03e68e2e8d36a6b7a7fb4400fb32b89373f0<br><br>2) Signing Digest with private key (failed to load priv key):<br>-bash-3.1$ openssl dgst -sha1 -sign dsakey.pem
-out
test.cipher sig.txt<br>Error Signing Data<br>19810:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:103:<div><span class="e" id="q_1136503d49c0d825_1"><br><br><br><div><span class="gmail_quote">
On 6/25/07, <b class="gmail_sendername">
Dr. Stephen Henson</b> <<a href="mailto:st...@openssl.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">st...@openssl.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Mon, Jun 25, 2007, Janet N wrote:<br><br>> Hi I am having difficulties using openssl to verify the signature using my<br>> dsa-public key, any help is appreciated!<br>><br>> sign data using private key:<br>
> 1) openssl rsautl -sign -in sign.txt -inkey userkey.pem -out sig<br>><br>> Verify signature with public key got syntax error:<br>> 2) openssl rsautl -verify -in sig -pubin dsacert.pem<br>> Usage: rsautl [options]
<br><br>There is no equivalent utility to "rsautl" for DSA keys. The equivalent<br>functionality is in "pkeyutl" but that is only present in OpenSSL 0.9.9-dev.<br><br>You don't normally sign raw data with a private key anyway. Normally the data
<br>is digested and the digest is signed. There is a utility to perform the<br>combined digest+sign (and digest+verify) function: it is 'dgst'.<br><br>Steve.<br>--<br>Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
<br>OpenSSL project core developer and freelance consultant.<br>Funding needed! Details on homepage.<br>Homepage: <a href="http://www.drh-consultancy.demon.co.uk" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.drh-consultancy.demon.co.uk</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.openssl.org</a><br>User Support Mailing List
<a href="mailto:openss...@openssl.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">openss...@openssl.org
</a><br>Automated List Manager <a href="mailto:majo...@openssl.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">majo...@openssl.org</a><br></blockquote></div><br>
</span></div></blockquote></div><br>
------=_Part_6261_12002867.1182812910873--