OpenSSL ECDSA sign and verify file

I think you are not actually signing the file, but signing the hash.

I tried the following and it gave me the desired output:

Create signature:
openssl dgst -ecdsa-with-SHA1 -sign private.pem test.pdf > signature.bin

Verify signature:
openssl dgst -ecdsa-with-SHA1 -verify public.pem -signature signature.bin test.pdf

Since -ecda-with-SHA1 is not in the man for dgst and there is no -ecda-with-SHA256 I would recommend :

Sign :

openssl dgst -sha1 -sign private.pem test.pdf > signature.bin

Verify :

openssl dgst -sha1 -verify public.pem -signature signature.bin test.pdf

Or if you need an engine, you can also do it in an OpenSSL session:

openssl
OpenSSL> engine -vvvv -t dynamic -pre SO_PATH:someengine.so -pre ID:someengine -pre LIST_ADD:1 -pre LOAD
OpenSSL> dgst -ecdsa-with-SHA1 -out signature.bin -sign private.pem test.pdf
OpenSSL> dgst -ecdsa-with-SHA1 -verify public.pem -signature signature.bin test.pdf

dgst offers also the -engine option, but here it takes the engine loaded earlier. If required, simply add -engine someengine.

OpenSSL ECDSA sign and verify file

Tags:

Openssl

Cryptography

Related

Recent Posts