随笔
2011-09-14 23:21
89 查看
Signing data with the RSA algorithm
Step1. Create private/public keypair (optional)
openssl genrsa -out private.pem 1024 >private.pemThis creates a key file called private.pem. This file actually have both the private and public keys, so you should extract the public one from this file:
openssl rsa -in private.pem -out public.pem -outform PEM -pubout >public.pemYou'll now have public.pem containing just your public key, you can freely share this with 3rd parties.
Step2. Create a hash of the data
echo 'data to sign' > data.txt openssl dgst -md5 data.txt >data's md5 code
Step3. Sign the hash using the private key
openssl rsautl -sign -inkey private.pem -keyform PEM -md5 -out data.sign data.txt > signatureThe file 'signature' and the actual data 'data.txt' can now be communicated to the receiving end. The hash algorithm (in our case md5) as well as the public key must also be known to the receiving end.
Authenticate data using the public key
Step4. Create a hash of the data (same as Step 2)
Step5. Verify the signature
openssl rsautl -verify -inkey public.pem -keyform PEM -pubin -md5 -signature -signature data.sign data.txt > verified
diff -s verified hashIf the result of the above command 'verified' matches the hash generated in Step 3.1 (in which case you the result of the diff command would be 'Files verified and hash are identical') then the signature is considered authentic and the integrity/authenticity of the data is proven.
本文出自 “Mr_Computer” 博客,请务必保留此出处http://caochun.blog.51cto.com/4497308/1559636
相关文章推荐
- Lotus Notes程序设计随笔
- 随笔
- 3GPP 5G-NR 随笔(2-1):NR信道带宽利用率、NR-ARFCN与channel raster
- 生活随笔:机会流失
- Java 基础入门随笔(5) JavaSE版——函数重载
- 2018年3月2日 个人随笔
- c++随笔 vcl库函数
- 伙伴的随笔
- 工作随笔2018-03-06
- fork函数使用随笔
- java基础知识随笔--流程控制
- 大学生活随笔
- MOSS开发--随笔
- C++知识点随笔(三):static、const、friend、inline
- 郭天祥单片机编程100例程序及随笔3——定时器编程
- 生活随笔:维修电脑记之遇到黑店
- Intent 随笔
- Python学习随笔---面向对象编程
- 随笔
- 随笔(一)