Hi Dave,
thanks, it works!
that is exactly what I was looking for, the steps as you described:
original certificate as it was created by CA.sh -sign:
client_cert.pem
1. removed all comments by:
openssl x509 -inform pem -in ./client_cert.pem >client_cert_clean.pem
(left only the end starting w
> From: owner-openssl-us...@openssl.org On Behalf Of DarkMike
> Sent: Tuesday, 05 July, 2011 03:34
> I have already tried signing and verifying the message and it
> works great [with dgst -sign/verify]
> Now I want to focus on the certificate verification,
> limit it to x509v3, sha1, rsa encrypti
Hi Dave,
I have already tried signing and verifying the message and it works great
for me
with the following commands:
openssl dgst -sha1 -sign rsa_client_priv_key.pem -out rsa_signature.bin
msg.txt
openssl dgst -sha1 -verify rsa_client_pub_key.pem -signature
rsa_signature.bin msg.txt
Now I wan
> From: owner-openssl-us...@openssl.org On Behalf Of DarkMike
> Sent: Monday, 04 July, 2011 13:24
> What I want to do is:
>
> 1. decrypt the signature to get decrypted message digest (sha1)
> 2. compute the sha1 from the certificate on my own
> and compare these two digests
>
Presumably you me
hi Kiran,
I am not sure if I need to separate the signature from the certificate.
What I want to do is:
1. decrypt the signature to get decrypted message digest (sha1)
2. compute the sha1 from the certificate on my own
and compare these two digests
I want to use this mechanism for whole comm
It is not clear why you want to separate the signature from the certificate
and validate it independently. Moreover, you can validate the signature on
the certificate data by using the public key of the CA that signed the
certificate. If you want to make sure that the complete certificate you
recei
The result of my weekend reading, is the following command,
which could pretty nicely do the thing for me:
'openssl sha1 -verify rsa_public_key.pem -signature rsa_signature.bin
data_for_digest_computation.txt`
the questions would be:
- how to split x509 pem certificate with embedded encrypted d
