- Sign a file
input-file.txt
and base64 encode it for sharing.
$ openssl dgst -sha256 -sign ~/.ssh/id_rsa input-file.txt | base64 > signb64.txt
Alternatively
$ openssl dgst -sha256 -sign ~/.ssh/id_rsa -out sign.sha256 input-file.txt
$ openssl base64 -in sign.sha256 -out <signature>
- Decode the base64 encoded signature
$ openssl base64 -d -A -in signb64.txt -out signsha256.txt
- Verify the file
input-file.txt
against its signature
$ openssl dgst -sha256 -verify id_rsa.pub -signature signsha256.txt input-file.txt
Verified OK
openssl rsa -in ~/.ssh/id_rsa -out id_rsa_pub.der -outform DER -pubout
openssl dgst -sha256 id_rsa_pub.der
$ openssl pkcs8 -topk8 -inform PEM -outform PEM -in id_rsa -out id_rsa_pkcs8 -nocrypt
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in id_rsa -out id_rsa_pkcs8 -nocrypt