I am trying to verify a signature, but get "unable to load key file." This is a CentOS server with OpenSSL version 1.0.2 (22 Jan 2015).

The keys are generated like this:

ssh-keygen -t rsa -f serverkey -N '' -b 2048
mv serverkey serverkey-priv.pem
ssh-keygen -f serverkey.pub -e -m pem > serverkey-pub.pem ; rm -f serverkey.pub

This results in serverkey-priv.pem and serverkey-pub.pem.

I sign the message like this:

openssl dgst -sha256 -sign serverkey-priv.pem -out message.sig message.txt

The message.sig file gets generated fine. So far so good.

However, when I try to verify the message using the sig file just generated:

openssl dgst -sha256 -verify serverkey-pub.pem -signature message.sig message.txt

I get "unable to load key file."

What am I doing wrong?

Zek

2 Answers

ssh-keygen should generate both the public and private keys.

Check it with:

ls -l serverkey*
anon
I get significantly different output when I use

openssl rsa -in serverkey-priv.pem -pubout -out serverkey-pub.pem

than when I use

ssh-keygen -f serverkey.pub -e -m pem > serverkey-pub.pem

The public key file created by openssl rsa -pubout does successfully verify the message. It appears that ssh-keygen's -m pem file format for public keys isn't compatible with what openssl is expecting. In fact, reading the public key info with the openssl rsa -text command requires -RSAPublicKey_in which doesn't seem to be a supported option for dgst.

DerfK
  • I use the command `openssl dgst -sha256 -sign serverkey-priv.pem -out message.sig message.txt` based on this post: http://serverfault.com/questions/777906/digital-signature-with-openssl because I need to verify the signature on another device (iOS). I am having trouble with that verification, so I was just trying to make sure that I can verify it on the CentOS server (just as a test). But I take it that verification of the signature (the way I generate it) with OpenSSL is not supported? – Zek Jan 10 '17 at 19:23
  • No, verification of the signature works fine. Using `ssh-keygen` to convert the public key from openssh format to pem format is what does not work. You will need to use openssl to extract the public key from the private key file using the `openssl rsa ... -pubout ...` command in my answer – DerfK Jan 10 '17 at 19:40
  • I know that I can verify the signature with OpenSSL if I do not convert the public key to PEM format, but to be able to verify the signature on an iOS device, I have to convert it to PEM format (see link in my earlier comment). If verifying a signature using the PEM public key is not supported with OpenSSL, that answers my question... – Zek Jan 10 '17 at 20:48
  • It's supported. It's just not supported the way you're creating the public key. Use `openssl rsa -in serverkey-priv.pem -pubout -out serverkey-pub.pem` instead of `ssh-keygen -f serverkey.pub -e -m pem` to get an openssl-compatible public key – DerfK Jan 10 '17 at 23:50
  • Yes, that works fine. I will see if it works on the iOS as well, but that is beyond the scope of this question. Thanks! – Zek Jan 11 '17 at 01:28
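The following is an added example, not code from anyone in this thread, that reproduces DerfK's point using OpenSSL alone so it runs without ssh-keygen. `ssh-keygen -e -m pem` writes the public key as PKCS#1 RSAPublicKey (PEM label "RSA PUBLIC KEY"), which is the format `openssl rsa -RSAPublicKey_out` also produces; `openssl dgst -verify` on OpenSSL 1.0.2 only loads SubjectPublicKeyInfo ("PUBLIC KEY"), the format `openssl rsa -pubout` produces. The script generates both forms, signs a constructed message, shows which form verifies, and converts the PKCS#1 file to SPKI with `-RSAPublicKey_in -pubout` so an existing ssh-keygen export can be reused without the private key. All file names are constructed; it assumes only that `openssl` is on PATH.

```shell
#!/bin/sh
# Added example for this thread, not the asker's or answerer's own script.
# Assumes the openssl binary is on PATH; every path below is constructed.
set -u

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Private key and a sample message (constructed input).
openssl genrsa -out "$WORK/priv.pem" 2048 2>/dev/null
printf 'hello, signed world\n' > "$WORK/message.txt"

# Same format as `ssh-keygen -e -m pem`: PKCS#1 RSAPublicKey, "BEGIN RSA PUBLIC KEY".
openssl rsa -in "$WORK/priv.pem" -RSAPublicKey_out -out "$WORK/pub-pkcs1.pem" 2>/dev/null

# Same format as DerfK's `openssl rsa -pubout`: SubjectPublicKeyInfo, "BEGIN PUBLIC KEY".
openssl rsa -in "$WORK/priv.pem" -pubout -out "$WORK/pub-spki.pem" 2>/dev/null

# Convert an existing PKCS#1 public key to SPKI; no private key needed for this step.
openssl rsa -RSAPublicKey_in -in "$WORK/pub-pkcs1.pem" -pubout -out "$WORK/pub-converted.pem" 2>/dev/null

# Sign exactly as in the question.
openssl dgst -sha256 -sign "$WORK/priv.pem" -out "$WORK/message.sig" "$WORK/message.txt"

# pem_header FILE -> prints the label between "-----BEGIN " and "-----" on line 1
pem_header() {
  sed -n '1s/^-----BEGIN \(.*\)-----$/\1/p' "$1"
}

# verify_with KEYFILE -> prints "ok" if the signature verifies with that key, else "fail"
verify_with() {
  if openssl dgst -sha256 -verify "$1" -signature "$WORK/message.sig" "$WORK/message.txt" >/dev/null 2>&1; then
    echo ok
  else
    echo fail
  fi
}

# Report. On OpenSSL 1.0.2 the PKCS#1 file gives "unable to load key file" (fail);
# newer OpenSSL releases may accept it, so only the SPKI results are fixed outcomes.
for f in pub-pkcs1.pem pub-spki.pem pub-converted.pem; do
  printf '%-18s header=%-16s verify=%s\n' "$f" "$(pem_header "$WORK/$f")" "$(verify_with "$WORK/$f")"
done
```

Both SPKI files verify and are byte-identical, since they encode the same modulus and exponent. If you must keep ssh-keygen in the pipeline, its `-m PKCS8` export writes the SubjectPublicKeyInfo form directly, which is what the `-m pem` export lacks here.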