Dave, Thanks for the info.
If I have a private key in hex string , e.g, 23d9f4ea6d87b7d6163d64256e3449255db14786401a51daa7847161bf56d494325ad2ac8ba928394e01061d882c3528, how can I convert it into an ECDSA private key in PEM and use it in openssl dgst? I am thinking about the following steps: 1. convert it to a binary key 2. convert the binary key into DER format (which openssl cmd?) 3. use openssl ec to convert the key in DER format to PEM format 4. use open dgst to sign the message. Does this make sense? David >-----Original Message----- >From: owner-openssl-us...@openssl.org [mailto:owner-openssl- >us...@openssl.org] On Behalf Of Dave Thompson >Sent: Thursday, June 21, 2012 11:00 AM >To: openssl-users@openssl.org >Subject: RE: Question on openssl dgst: which private key? > >>From: owner-openssl-us...@openssl.org On Behalf Of Li, David >>Sent: Thursday, 21 June, 2012 11:48 > >>How does openssl dgst know which signing algorithm it's supposed to use >>in openssl dgst? For example how does it figure out if this signing >>private key is a ECDSA key or RSA key? >>Is this information hidden in the "priv_key.pem" >>of the option -sign <priv_key.pem> ? > >Exactly. dgst, like other utilities and apps using the general >PEM_read_[bio_]PrivateKey routine(s), can read either the OpenSSL-defined >per-algorithm PEM formats, labelled BEGIN/END {RSA,DSA,ECDSA} PRIVATE >KEY, and encrypted (if at all) using PEM "Proc-type:4" encryption, or standard >PKCS#8 format labelled just BEGIN/END PRIVATE KEY which includes an >AlgorithmIdentifier along with the key value, and is encrypted (if at all) the >PKCS#8 standard way. > > >___________________________________________________________ >___________ >OpenSSL Project http://www.openssl.org >User Support Mailing List openssl-users@openssl.org >Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
