Hi, Thanks for the prompt respond.
I've tried to use the "dgst" function to sign and verify the signature using the dsa public key, it failed to even load the private key to sign it! 1) Message digest: -bash-3.1$ openssl dgst -sha1 sig.txt SHA1(sig.txt)= 922a03e68e2e8d36a6b7a7fb4400fb32b89373f0 2) Signing Digest with private key (failed to load priv key): -bash-3.1$ openssl dgst -sha1 -sign dsakey.pem -out test.cipher sig.txt Error Signing Data 19810:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:103: On 6/25/07, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
On Mon, Jun 25, 2007, Janet N wrote: > Hi I am having difficulties using openssl to verify the signature using my > dsa-public key, any help is appreciated! > > sign data using private key: > 1) openssl rsautl -sign -in sign.txt -inkey userkey.pem -out sig > > Verify signature with public key got syntax error: > 2) openssl rsautl -verify -in sig -pubin dsacert.pem > Usage: rsautl [options] There is no equivalent utility to "rsautl" for DSA keys. The equivalent functionality is in "pkeyutl" but that is only present in OpenSSL 0.9.9-dev. You don't normally sign raw data with a private key anyway. Normally the data is digested and the digest is signed. There is a utility to perform the combined digest+sign (and digest+verify) function: it is 'dgst'. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
