Beruflich Dokumente
Kultur Dokumente
Signing
Verify
# Sign the file using sha1 digest and PKCS1 padding scheme
$ openssl dgst -sha1 -sign myprivate.pem -out sha1.sign myfile.txt
0000000 91 39 be 98 f1 6c f5 3d 22 da 63 cb 55 9b b0 6a
0000010 93 33 8d a6 a3 44 e2 8a 42 85 c2 da 33 fa cb 70
0000020 80 d2 6e 7a 09 48 37 79 a0 16 ee bc 20 76 02 fc
0000030 3f 90 49 2c 2f 2f b8 14 3f 0f e3 0f d8 55 59 3d
0000040
• Openssl decrypts the signature to generate hash and compares it to the hash of the
input file.
Signing
• hash value (20 byte in case of SHA1) is extended to RSA key size by prefixing
padding.
• Default padding scheme in openssl is PKCS1.
• PKCS#1v1.5 padding scheme: 00||01||PS||00||T||H
• PS: Octet string with FF such that length of message is equal to key size.
• T: Identifier of signature scheme (Each scheme has its MAGIC bytes).
• H: Hash value of the message.
Step 4: Sign the padded hash with private exponent and modulus
Verify
References:
1. Cryptography and coding
2. RSA public key
3. Digital signature
4. MAGIC bytes (used in padding) for various digest algorithms: