Solve optional data signing task
This commit is contained in:
parent
9dd9f08163
commit
c86a091787
1 changed files with 24 additions and 0 deletions
|
|
@ -299,3 +299,27 @@ Check the output:
|
||||||
```sh
|
```sh
|
||||||
openssl x509 -in intermediate.cer -noout -text
|
openssl x509 -in intermediate.cer -noout -text
|
||||||
```
|
```
|
||||||
|
|
||||||
|
# Signing Data
|
||||||
|
Create a file with secret content:
|
||||||
|
```sh
|
||||||
|
cd /root
|
||||||
|
vi secret.txt
|
||||||
|
```
|
||||||
|
|
||||||
|
## Create Signature
|
||||||
|
```sh
|
||||||
|
# Create and encrypt hash of file
|
||||||
|
openssl dgst -sha256 -sign /root/ca/private/ca.key.pem -out /tmp/hash.sha256 secret.txt
|
||||||
|
# Convert hash file to base64
|
||||||
|
openssl base64 -in /tmp/hash.sha256 -out secret.sig
|
||||||
|
```
|
||||||
|
|
||||||
|
## Verify Signature
|
||||||
|
Under normal circumstances:
|
||||||
|
```sh
|
||||||
|
# Re-create hash file from base64
|
||||||
|
openssl base64 -d -in secret.sig -out /tmp/hash.sha256
|
||||||
|
# Check integrity of `secret.txt`
|
||||||
|
openssl dgst -sha256 -verify /root/ca/ca.key.pem.pub -signature /tmp/hash.sha256 secret.txt
|
||||||
|
```
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue