Skip to content

Instantly share code, notes, and snippets.

@Dirc

Dirc/signing_data.md

Created August 30, 2018 08:23
Show Gist options
  • Save Dirc/9a7476f831909d9b3819ea320a520285 to your computer and use it in GitHub Desktop.
Save Dirc/9a7476f831909d9b3819ea320a520285 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
signing_data.md

Signing data

Basics:

  • Signing is encryption with private key.
  • Verification is the decryption with public key.

Signing and verifying is done with assymmetric cryptography, hence expensive. So signing the hash is much cheaper then signing the whole data.

Signing data:

  • calculate hash from data
  • sign hash (with private key)
  • publish data + signed hash + public key

Verifying data:

  • calculate hash from data
  • decrypt signed hash with public key
  • compare both results

Digest/signing Demo

# Create private/public key pair
openssl genrsa -out private_key.pem 2048
openssl rsa -in private_key.pem -pubout -outform PEM -out public_key.pem

# Create demo file
DATA=demo_data.txt
echo "demo file" > $DATA

# Sign, i.e. create digest
openssl dgst -sha256 -sign private_key.pem -out $DATA.digest $DATA

# Verify
openssl dgst -sha256 -verify public_key.pem -signature $DATA.digest $DATA
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment