Martin v. Löwis wrote: > $ openssl dgst -sign privkey -sha1 /etc/passwd > Error Signing Data > 5216:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public > key type:p_sign.c:103:
openssl dsaparam 2048 < /dev/urandom > dsaparam.pem openssl gendsa dsaparam.pem -out dsapriv.pem openssl dsa -in dsapriv.pem -pubout -out dsapub.pem openssl dgst -dss1 -sign dsapriv.pem </etc/services >services.sig Then: guin:/tmp$ openssl dgst -dss1 -verify dsapub.pem -signature services.sig </etc/services Verified OK guin:/tmp$ openssl dgst -dss1 -verify dsapub.pem -signature services.sig </etc/passwd Verification Failure zsh: exit 1 openssl dgst -dss1 -verify dsapub.pem -signature services.sig < /etc/passwd guin:/tmp$ > where privkey is a PEM "DSA PRIVATE KEY". I'm puzzled about the error > message - *of course* I'm not passing a public key. This is with Apple's > openssl 0.9.7l. It's kind of a funny work-flow to set up a public/private key pair because of the way DSA works. Sean -- Sean Reifschneider, Member of Technical Staff <[email protected]> tummy.com, ltd. - Linux Consulting since 1995: Ask me about High Availability _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
