Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Sign and verify a file using OpenSSL command line tool. It exports the digital signature in Base64 format.
#!/bin/bash
# Sign a file with a private key using OpenSSL
# Encode the signature in Base64 format
#
# Usage: sign <file> <private_key>
#
# NOTE: to generate a public/private key use the following commands:
#
# openssl genrsa -aes128 -passout pass:<passphrase> -out private.pem 2048
# openssl rsa -in private.pem -passin pass:<passphrase> -pubout -out public.pem
#
# where <passphrase> is the passphrase to be used.
filename=$1
privatekey=$2
if [[ $# -lt 2 ]] ; then
echo "Usage: sign <file> <private_key>"
exit 1
fi
openssl dgst -sha256 -sign $privatekey -out /tmp/$filename.sha256 $filename
openssl base64 -in /tmp/$filename.sha256 -out signature.sha256
rm /tmp/$filename.sha256
#!/bin/bash
# Verify a file with a public key using OpenSSL
# Decode the signature from Base64 format
#
# Usage: verify <file> <signature> <public_key>
#
# NOTE: to generate a public/private key use the following commands:
#
# openssl genrsa -aes128 -passout pass:<passphrase> -out private.pem 2048
# openssl rsa -in private.pem -passin pass:<passphrase> -pubout -out public.pem
#
# where <passphrase> is the passphrase to be used.
filename=$1
signature=$2
publickey=$3
if [[ $# -lt 3 ]] ; then
echo "Usage: verify <file> <signature> <public_key>"
exit 1
fi
openssl base64 -d -in $signature -out /tmp/$filename.sha256
openssl dgst -sha256 -verify $publickey -signature /tmp/$filename.sha256 $filename
rm /tmp/$filename.sha256
@aliakhtar

This comment has been minimized.

Show comment Hide comment
@mrcancer91

This comment has been minimized.

Show comment Hide comment
@mrcancer91

mrcancer91 Apr 18, 2018

Thanks. These scripts really help me out

Thanks. These scripts really help me out

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment