Sign and verify a file using OpenSSL command line tool. It exports the digital signature in Base64 format.
#!/bin/bash | |
# Sign a file with a private key using OpenSSL | |
# Encode the signature in Base64 format | |
# | |
# Usage: sign <file> <private_key> | |
# | |
# NOTE: to generate a public/private key use the following commands: | |
# | |
# openssl genrsa -aes128 -passout pass:<passphrase> -out private.pem 2048 | |
# openssl rsa -in private.pem -passin pass:<passphrase> -pubout -out public.pem | |
# | |
# where <passphrase> is the passphrase to be used. | |
filename=$1 | |
privatekey=$2 | |
if [[ $# -lt 2 ]] ; then | |
echo "Usage: sign <file> <private_key>" | |
exit 1 | |
fi | |
openssl dgst -sha256 -sign $privatekey -out /tmp/$filename.sha256 $filename | |
openssl base64 -in /tmp/$filename.sha256 -out signature.sha256 | |
rm /tmp/$filename.sha256 |
#!/bin/bash | |
# Verify a file with a public key using OpenSSL | |
# Decode the signature from Base64 format | |
# | |
# Usage: verify <file> <signature> <public_key> | |
# | |
# NOTE: to generate a public/private key use the following commands: | |
# | |
# openssl genrsa -aes128 -passout pass:<passphrase> -out private.pem 2048 | |
# openssl rsa -in private.pem -passin pass:<passphrase> -pubout -out public.pem | |
# | |
# where <passphrase> is the passphrase to be used. | |
filename=$1 | |
signature=$2 | |
publickey=$3 | |
if [[ $# -lt 3 ]] ; then | |
echo "Usage: verify <file> <signature> <public_key>" | |
exit 1 | |
fi | |
openssl base64 -d -in $signature -out /tmp/$filename.sha256 | |
openssl dgst -sha256 -verify $publickey -signature /tmp/$filename.sha256 $filename | |
rm /tmp/$filename.sha256 |
This comment has been minimized.
This comment has been minimized.
Thanks. These scripts really help me out |
This comment has been minimized.
This comment has been minimized.
It only took 4 years for people to realize what a 2 part bash script proved years ago... |
This comment has been minimized.
This comment has been minimized.
This is amazing! Thank you for the article and thank you for the scripts! I am using Code Signing feature of AWS IoT Jobs, and I was stuck on how to verify the signatures :D |
This comment has been minimized.
This comment has been minimized.
Use following in
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
Congrats, Satoshi loves you, apparently. https://www.reddit.com/r/Buttcoin/comments/4hkpwe/inventor_of_bitcoin_proves_he_can_write_a_2line/