3

I have a public key, a 192 bit hash, and a 384 bit signature, all as .txt hex files, and the curve is prime192v1.

What command lines can I use to verify the message with OpenSSL?

skvery
  • 336
  • 2
  • 16

1 Answers1

3

For reference, the EC key can be created with the following command:

  • Create the EC key:

    $ openssl ecparam -genkey -name prime192v1 > key.pem

  • Extract the public key:

    $ openssl ec -in key.pem -pubout > pub.pem

Signing the hash of a message and verifying the signature with an EC key can be done the same way as with other key types:

  • Calculate the hash (use a hash funtion of your choice):

    $ openssl dgst -sha256 -binary message.txt > hash.txt

  • Sign the hash with the private key:

     $ openssl pkeyutl -sign -inkey key.pem -in hash.txt > sig.txt

  • Verify the signature with the public key:

     $ openssl pkeyutl -verify -in hash.txt -sigfile sig.txt -inkey key.pem
 Signature Verified Successfully
f9c69e9781fa194211448473495534
  • 4,361
  • 2
  • 13
  • 40
  • I believe the last command should be `openssl pkeyutl -verify -in hash.txt -sigfile sig.txt -inkey pub.pem -pubin`. You used the private key to verify it, but it should be the public one. – Blaz Aug 31 '23 at 20:54