RE: validating signature against cert

[Dave Thompson]

 From: owner-openssl-us...@openssl.org On Behalf Of Jeff Strope
 Sent: Thursday, 01 October, 2009 18:41

 I've been given an X509 signing certificate that I'm storing 
 in base64 
 format along with a SHA1 w/ RSA signature. How do I verify that 
 signature against the signing certificate via openssl? Any 
 help would be 
 appreciated.
 
Assuming you mean a (detached) SHA1-RSA-PKCS1 signature of some data 
using/under the RSA key(pair) attested to in the certificate:

If your base64 cert has or you add the PEM label lines,
and you have or can get the (exact/raw) data in one file,
and the bare RSA signature (no OID etc.) in another, 
  openssl x509 certfile -pubkey -noout pubkeyfile
  openssl sha1 data -verify pubkeyfile -signature sigfile

For some limited variations, man dgst or just openssl dgst -? 
also rsautl similarly. Otherwise ask a more complete question.



__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

validating signature against cert

[Jeff Strope]

Hi all...I'm having a bit of trouble with openssl and I was hoping 
someone here might point me in the right direction.


I've been given an X509 signing certificate that I’m storing in base64 
format along with a SHA1 w/ RSA signature. How do I verify that 
signature against the signing certificate via openssl? Any help would be 
appreciated.


Best,

Jeff
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org