5

Is it possible to generate digital signatures using secp384r1 / SHA-256 from the OpenSSL command line (I'm using version 1.0.1c)? After some experimentation I can generate signatures with SHA-1 using: 

openssl dgst -sign ec-key.pem -ecdsa-with-SHA1 -binary < test.bin > sig.bin

but 

openssl dgst -sign ec-key.pem -ecdsa-with-SHA256 -binary < test.bin > sig.bin

just gives me a known option for '-ecdsa-with-SHA256'?

Thanks in advance

ollo
  • 24,797
  • 14
  • 106
  • 155
user2166777
  • 51
  • 1
  • 2

1 Answers1

2

Try use -sha256 instead of -ecdsa-with-SHA256, and use an EC key to sign it.

Chiara Hsieh
  • 3,273
  • 23
  • 32
  • 1
    That doesn't work for me. I get this error: `Error Signing Data 56895:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:/SourceCache/OpenSSL098/OpenSSL098-52.30.1/src/crypto/evp/p_sign.c:99:`. Based on the error message, I suspect `-sha256` implies RSA. – caleb Aug 16 '16 at 17:10