it did not work:$cat signedbase64string.txt | openssl enc -base64 -d -A -out seal $cat stringtosign.xt | openssl dgst -md5 -verify cert.pem -signature seal $unable to load key file
> Subject: Re: Verify signed text > From: w...@omnigroup.com > Date: Wed, 30 Mar 2011 10:12:45 -0700 > CC: w...@omnigroup.com > To: openssl-users@openssl.org > > > On 30 Mar 2011, at 9:59 AM, luis hernandez wrote: > > i get a file with a signed base64 string produced using the following > > commands: > > > > openssl dgs -md5 -sign key.pem stringtosign.txt | openssl enc -base64 -A > > > signedbase64string.txt > > > > that signed string is part of a text file that includes the certificate in > > pem format without the public key. > > from that file i can get the original stringtosign.txt but because the key > > belongs to the owner and i can not have it. > > is it possible to verify that the signedbase64string is correct only with > > the information i have? > > The certificate contains the public part of the key (as well as some other > information), which allows you to verify the signature. I think the "-verify" > argument to dgst will do what you want. > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org