Openssl uses the DSA algorithm to generate a signature instance. This article introduces how to use the DSA algorithm to generate a signature instance based on openssl. the method for generating a signature is simple. it is complicated to understand the intermediate principle. let's take a look. This article introduces how to use the DSA algorithm to generate a signature instance based on openssl. the method for generating a signature is simple. it is complicated to understand the intermediate principle. let's take a look.
Command:
Openssl> dgst-dss1-sign C. pri-out signature. bin s.txt
Explanation
C. pri is the private key file generated by the DSA algorithm.
S.txt is the original signature.
Signature. bin is the generated signature file
Php can use the following method to view the signature content
The code is as follows: |
|
Echo bin2hex (file_get_contents ('signature. bin ')); ?> |
References
Message Digest Algorithm
Supported algorithms include: MD2, MD4, MD5, MDC2, SHA1 (sometimes called DSS1), RIPEMD-160. SHA1 and RIPEMD-160 generate 160 bits, and others generate 128 bits. SHA1 or RIPEMD-160 is recommended unless for compatibility purposes.
Except that the RIPEMD-160 needs to use the rmd160 command, other algorithms can be executed using the dgst command.
OpenSSL is a bit strange in SHA1 processing. Sometimes it must be referred to as dss1.
In addition to calculating the Hasse value, the message digest algorithm can also be used to sign and verify the signature. When signing, the private key generated by DSA must be matched with DSS1 (SHA1. For the private keys generated by RSA, any message digest algorithm can be used.
# Example of message digest algorithm application
# Use the sha1algorithm to calculate the Hasse value of File.txt and output it to stdout.
$ Openssl dgst-sha1 file.txt
# Use the sha1algorithm to calculate the Western value of File.txt and output it to the file digest.txt
$ Openssl sha1-out digest.txt file.txt
# Use the dss1(sha1example algorithm to sign the file File.txt and output it to the file dsasign. bin
# The private key of the signature must be generated by the DSA algorithm and stored in the file dsakey. pem.
$ Openssl dgst-dss1-sign dsakey. pem-out dsasign. bin file.txt
# Use the dss1algorithm to verify the digital signature dsasign. bin of File.txt,
# Verify that the private key is the file dsakey. pem generated by the DSA algorithm.
$ Openssl dgst-dss1-prverify dsakey. pem-signature dsasign. bin file.txt
# Use the sha1algorithm to sign the file File.txt and output it to the file rsasign. bin.
# The private key of the signature is the file rs1_vate. pem generated by the RSA algorithm.
$ Openssl sha1-sign rs1_vate. pem-out rsasign. bin file.txt
# Use the sha1algorithm to verify the digital signature rsasign. bin of File.txt,
# The verified public key is rsapublic. pem generated by the RSA algorithm.
$ Openssl sha1-verify rsapublic. pem-signature rsasign. bin file.txt
....