生成、签名和验证数字证书

生成、签名和验证数字证书

这是我的项目中的一个问题。

In this task, we will use OpenSSL to generate digital signatures. Please prepare a file (example.txt) of any size. Also prepare an RSA public/private key pair. Then do the following:

1.  Sign the SHA256 hash of example.txt; save the output in example.sha256.
2.  Verify the digital signature in example.sha256.
3.  Slightly modify example.txt, and verify the digital signature again.

Please describe how you performed the above three operations (e.g., the exact commands that you used, etc.). Describe what you observed and explain your observations. Please also explain why digital signatures are useful in general.

因此,我执行以下操作。

1.创建私钥/公钥对

openssl genrsa -out private.pem 1024

2.提取公钥。

openssl rsa -in private.pem -out public.pem -outform PEM -pubout

3.创建数据的哈希值。

echo 'data to sign' > example.txt

openssl dgst -sha256 < example.txt > hash

4. 使用私钥对哈希进行签名,并将其保存到名为 example.sha256 的文件中

openssl rsautl -sign -inkey private.pem -keyform PEM -in hash  > example.sha256

5.验证文件(example.txt)和数字签名(example.sha256)

openssl dgst -sha256 -verify public.pem -signature example.sha256 example.txt

完成所有这些操作后,我收到一条错误消息,提示“验证失败

如果我哪里说错了,请纠正我。

答案1

生成私钥/公钥对。
1. openssl genrsa -out private.pem 1024
2. openssl rsa -in private.pem -out public.pem -outform PEM -pubout


符号。
openssl dgst -sha256 -sign private.pem -out SLA.txt.sha256 SLA.txt

核实
openssl dgst -sha256 -验证公共.pem -签名SLA.txt.sha256 SLA.txt

相关内容