Hi Dave,

I have already tried signing and verifying the message, and it works great
for me with the following commands:

openssl dgst -sha1 -sign rsa_client_priv_key.pem -out rsa_signature.bin msg.txt
openssl dgst -sha1 -verify rsa_client_pub_key.pem -signature rsa_signature.bin msg.txt

Now I want to focus on the certificate verification, and limit it to x509v3,
sha1, rsa encryption and a command-line solution, with a little bit of bash
scripting where needed.

I am aware that I need to verify:
  a) who issued the certificate,
  b) if it is still valid,
*c) if not revoked
  d) check signature algorithm
*e) verify the signature
  f) then extract client public key and use it to verify msg signatures

(*) - steps I have not gone through yet

Have I missed any important thing in verification procedure?

I have not created any revocation list yet, thus I will focus on (c) at the end.

For (e):
I have found the following command that does the whole thing for me in one step:

openssl verify -CAfile ./demoCA/cacert.pem ./client_cert.pem

It works fine; then I thought that it would also be possible to:

-extract public key from cacert.pem
-use ca public key to perform the verification

(v)  openssl x509 -in ./demoCA/cacert.pem -pubkey -noout > ./demoCA/ca_pub_key.pem
(x!) openssl verify -CAfile ./demoCA/ca_pub_key.pem ./client_cert.pem


But it does not work, thus I understand that not only the CA public key is
needed to verify the client certificate. Fine.

I still want to decide what I want to verify within the certificate, and do
it on my own.
Thus I am still trying to find a way to:
- retrieve the signature from the certificate (sha1WithRsaEncryption),
- remove the rsa encryption from the signature (use the CA public key to get
  the sha1 without rsa encryption),
- compute the signature for the certificate on my own,
- and compare both.

I will have a closer look at the suggested smime/pkcs7 and come back with my
findings.

thanks,
Mike



Dave Thompson-5 wrote:
> 
>> From: owner-openssl-us...@openssl.org On Behalf Of DarkMike
>> Sent: Monday, 04 July, 2011 13:24
> 
>> What I want to do is:
>> 
>> 1.  decrypt the signature to get decrypted message digest (sha1)
>> 2.  compute the sha1 from the certificate on my own
>> and compare these two digests
>> 
> Presumably you mean the signature in the cert, over the certTBS, 
> since otherwise comparing the digests makes no sense. This process 
> is a first step in verifying the certificate; an entity using 
> a certificate (generically called a relying party or relier) 
> usually needs to make additional checks as well. Two caveats:
> - all common signature schemes use some hash, but not always SHA1
> - talking about "encrypting" and "decrypting" the hash is not 
> entirely correct for RSA, and totally wrong for DSA and ECDSA.
> sign/verify and encrypt/decrypt are actually different operations, 
> even if mathematically related, and it's best to keep them distinct.
> 
>> I want to use this mechanism for whole communication between my
>> server and multiple clients, to ensure each message my server gets is
>> from the expected unique client.
>> 
>> I.e. get next message from the client signed by sha1 digest decrypted with
>> client private key,
>> then decrypt this signature, compare to signature that my server computes
>> from this message.
>> 
> Now you seem to want to sign and verify some data of your own, 
> NOT the certificate. If that's what you want, then have the client 
> create a signature for the data and send it, and have the server 
> verify that signature. No certificate needs to be involved, 
> although a certificate is one standard way to securely transport 
> the signer's public key, which the verifier needs to have.
> And the certificate *signature* is not involved at all, 
> unless you want to verify the certificate, in which case 
> as above checking the signature is only one step.
> 
> If you want to do that with openssl commandline, the digest -sign 
> and digest -verify options you referenced earlier are one method.
> The smime or pkcs7 format, which basically bundles the data and 
> signature for it together, is another approach. And if you write 
> (or already have) your own program(s) there are more choices.
> 
> 
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
> 
> 

-- 
View this message in context: 
http://old.nabble.com/Extracting-and-verifying-encrypted-certificate-digest-tp31987195p31994895.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

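The checklist in Mike's post (steps a, b, d, e and f), his failed attempt to use a bare CA public key as -CAfile, and the by-hand certificate signature check he describes (hash the certificate, strip the RSA from the signature with the CA public key, compare) all fit in one script. What follows is an added example written for this page, not code from the thread or from the OpenSSL project. It assumes an OpenSSL 1.1 or later command line (for pkeyutl -verifyrecover and x509 -checkend), builds its own throwaway CA and client certificate in a temporary directory as constructed test material, and uses SHA-256 rather than the thread's SHA-1 because current OpenSSL refuses SHA-1 certificate signatures at its default security level. File names follow the post. Step (c) is left out because no CRL exists yet; once one does, "openssl verify -crl_check -CRLfile crl.pem ..." covers it.

```shell
#!/bin/sh
# Added example, not code from the thread.  Assumes an OpenSSL 1.1+ command line
# (pkeyutl -verifyrecover, x509 -checkend).  SHA-256 is used instead of the
# thread's SHA-1 because current OpenSSL rejects SHA-1 certificate signatures
# at its default security level.  File names follow Mike's post.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Constructed test material: a self-signed demo CA, a client key, a client
# certificate issued by that CA, and a message the client will sign.
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca_key.pem -out cacert.pem \
    -subj "/CN=Demo CA" -days 3650 -sha256 2>/dev/null
openssl req -newkey rsa:2048 -nodes -keyout rsa_client_priv_key.pem \
    -out client.csr -subj "/CN=client1" 2>/dev/null
openssl x509 -req -in client.csr -CA cacert.pem -CAkey ca_key.pem -CAcreateserial \
    -out client_cert.pem -days 365 -sha256 2>/dev/null
printf 'hello from client1\n' > msg.txt

# (a) + (e): the issuer must chain to a trusted CA *certificate* and the CA's
# signature over the certificate must verify.  "openssl verify" does both
# (and the validity window); add "-crl_check -CRLfile crl.pem" for (c).
verify_chain() {
    openssl verify -CAfile cacert.pem client_cert.pem >/dev/null 2>&1 && echo ok || echo fail
}

# (b): "-checkend 0" fails once notAfter has passed.
check_validity() {
    openssl x509 -in client_cert.pem -noout -checkend 0 >/dev/null 2>&1 && echo ok || echo fail
}

# (d): the signature algorithm recorded in the certificate.
sig_alg() {
    openssl x509 -in client_cert.pem -noout -text |
        awk -F': ' '/Signature Algorithm/ && !seen { print $2; seen = 1 }'
}

# The attempt from the post: a bare public key is not a trust anchor.  -CAfile
# must hold the issuer's certificate (name, extensions, validity), so this fails.
verify_with_pubkey_only() {
    openssl x509 -in cacert.pem -pubkey -noout > ca_pub_key.pem
    openssl verify -CAfile ca_pub_key.pem client_cert.pem >/dev/null 2>&1 && echo ok || echo fail
}

# (e) by hand: hash tbsCertificate, recover the DigestInfo from the RSA
# signature with the CA public key (PKCS#1 v1.5), and compare the digests.
manual_sig_check() {
    openssl x509 -in cacert.pem -pubkey -noout > ca_pub_key.pem
    openssl x509 -in client_cert.pem -outform DER -out cert.der
    # First asn1parse line is the outer SEQUENCE; its header length is the
    # offset of tbsCertificate.  -strparse with -out dumps that element's DER.
    set -- $(openssl asn1parse -in client_cert.pem | sed -n -E \
        '1s/^ *([0-9]+):d=[0-9]+ +hl=([0-9]+) +l= *([0-9]+).*/\1 \2 \3/p')
    openssl asn1parse -in client_cert.pem -strparse "$2" -out tbs.der -noout
    # Last line is the signatureValue BIT STRING: offset, header length, length.
    set -- $(openssl asn1parse -in client_cert.pem | tail -n 1 | sed -E \
        's/^ *([0-9]+):d=[0-9]+ +hl=([0-9]+) +l= *([0-9]+).*/\1 \2 \3/')
    # BIT STRING contents = one "unused bits" byte (0x00 here) + raw signature.
    dd if=cert.der of=sig.bin bs=1 skip=$(($1 + $2 + 1)) count=$(($3 - 1)) 2>/dev/null
    # "Remove the RSA": verifyrecover strips the PKCS#1 padding and returns the
    # DigestInfo (digest algorithm OID + digest) that the CA actually signed.
    openssl pkeyutl -verifyrecover -pubin -inkey ca_pub_key.pem -in sig.bin -out digestinfo.der
    alg=$(openssl asn1parse -inform DER -in digestinfo.der | awk -F: '/OBJECT/ { print $NF }')
    signed=$(openssl asn1parse -inform DER -in digestinfo.der |
        sed -n 's/.*OCTET STRING *\[HEX DUMP\]://p' | tr 'A-Z' 'a-z')
    computed=$(openssl dgst -"$alg" < tbs.der | awk '{ print $NF }')
    [ -n "$signed" ] && [ "$signed" = "$computed" ] && echo ok || echo fail
}

# (f): pull the client public key out of the verified certificate and use it
# for the message signature, exactly as in the dgst commands in the post.
verify_message() {
    openssl x509 -in client_cert.pem -pubkey -noout > rsa_client_pub_key.pem
    openssl dgst -sha256 -sign rsa_client_priv_key.pem -out rsa_signature.bin msg.txt
    openssl dgst -sha256 -verify rsa_client_pub_key.pem -signature rsa_signature.bin msg.txt \
        >/dev/null 2>&1 && echo ok || echo fail
}

for step in verify_chain check_validity sig_alg verify_with_pubkey_only manual_sig_check verify_message; do
    printf '%-24s %s\n' "$step" "$($step)"
done
```

The by-hand check is only a reproduction of one thing "openssl verify" already does: it proves the CA signed this tbsCertificate, nothing more. It does not look at the issuer name, the validity window, basicConstraints on the CA, or revocation, which is why the bare-public-key -CAfile attempt fails: the store needs the issuer's certificate to match it against the client certificate's issuer field and to apply those checks, and a PUBLIC KEY block carries none of that.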