OpenSSL summary and signature verification instructions DGST use

Source: Internet
Author: User
Tags hmac openssl md5 openssl rsa sha1

1. Summary of information and digital signature

Information Summary: Processing the data to obtain a fixed length of the results, its characteristics input:

1, the output length is fixed. That is, the output length is independent of the input length.

2, non-reversible. That is, the input data cannot be deduced theoretically by the output data.

4, sensitive to input data. When the input data changes very little, the output data can also be changed significantly

5, anti-collision. That is, the possibility of getting the same output data from different data data is very low.

As the information digest has the above characteristics, generally ensure the integrity of the data, a large file summary operation, get its digest value. After transmission through the network or other channels, verify its digest value to determine whether the large file itself has changed.

Digital Signature: The digital signature is actually divided into two steps, the original file is summarized first, the digest value is obtained, and then the digest value is encrypted using the private key in the public key algorithm. Its signature and verification process is shown in

The process of digital signature can be known that digital signature of sending information can guarantee the integrity, authenticity and non-repudiation of digital signature. That is, the recipient can confirm the source of the message, the truth of the message, the sender can not deny their own messages sent, and real-life signatures are roughly the same.

2. Abstract algorithm and digital signature related instructions and usage

The summary algorithms currently provided by OpenSSL are MD4, MD5, ripemd160, Sha, SHA1, sha224, SHA256, sha512, sha384, Wirlpool. Can be viewed through the OpenSSL dgst-command.

As we have mentioned above, the digital signature is divided into two parts: Digest and encryption. In the instructions provided by OpenSSL, there is no distinction between the two. Instead, the signature and checksum parameters are included in the summary algorithm directive. For example, we apply the OpenSSL MD5-command to see that it offers options such as signing and validating parameters.

The digest algorithm instruction is used to complete the digest or signature operation in OpenSSL alone, and the same operation can be done by DGST. Most use the RSA private key or the DSA private key when signing, when using the RSA private key, we can use the separate digest algorithm instruction to specify the digest algorithm to sign, but when uses the DSA to use the signature, must use the dgst instruction, Since the DSA signature is used, the DSA's own digest algorithm must be used, and OpenSSL does not provide the appropriate instructions for it.

/*There are plaintext files File.txt and RSA key RSA.PEM*/[email protected]:~/test$ lsfile.txt Rsa.pem/*use the MD5 directive to specify the SHA1 algorithm, sign the file.txt, and generate a signature file Sign1.txt*/[email protected]:~/test$ OpenSSL md5-sha1-sign Rsa.pem- outsign1.txt file.txt/*use the MD5 directive to specify the SHA1 algorithm, sign the file.txt, and generate a signature file Sign1.txt*/[email protected]:~/test$ OpenSSL dgst-sha1-sign Rsa.pem- outsign2.txt file.txt/*two signature files, stating that two instructions accomplish the same function*/[email protected]:~/test$ diff Sign1.txt Sign2.txt

You can see MD5 and DGST complete the same function. However, it is difficult to use MD5 to sign the time can specify other summary algorithm, I feel too awkward. So it is recommended to do summary and signature verification using DGST instructions, forget other ...

DGST instruction usage is described below

[Email protected]:~/test$ OpenSSL dgst-unknown option'-'Options are-C to output the digest with separating colons//Output summary information is separated by semicolons, and-hex is used simultaneously-R to output the digestinchCoreutils format//Specify the format of the output-D to output debug info//Output Bio Debug information-hex output asHex Dump//Print output results in 16 binary-binary outputinchBinary form//Output binary results-hmac ArgSetThe HMAC key to Arg//Specify the key for HMAC-non-fips-allow allow use of non FIPS digest//allow use of non-FIPS compliant digest algorithms-sign File Sign Digestusing PrivateKeyinchFile//Perform signature operation, specify private key file later-verify file Verify a signatureusing  PublicKeyinchFile//Perform a validation operation, specify the public key file later, and prverfify cannot be used concurrently-prverify file Verify a signatureusing PrivateKeyinchFile//perform validation operation, specify key file later, and verfify cannot be used simultaneously-keyform arg key file format (PEM or ENGINE)//Specify Key file format, PEM or engine
- outFileName output to filename rather than stdout//Specify output file, default standard output-signature File Signature to verify//Specify signature files to use when validating signatures-sigopt nm:v Signature Parameter//Signature Parameters-hmac key Create hashed MAC with key//Make an HMAC using key-MAC algorithm Create MAC (not neccessarily HMAC)//Make a Mac-macopt nm:v MAC algorithm parameters or key//mac algorithm parameter or key-engine e use engine E, possibly a hardware device.//Use hardware or a three-party encryption library-MD4 to use the MD4 message digest algorithm//Digest algorithm using MD4-MD5 to use the MD5 message digest algorithm//Digest algorithm using MD5-ripemd160 to use the RIPEMD160 message digest algorithm//Digest algorithm using ripemd160-sha to use the SHA Message digest algorithm//Digest algorithm using Sha-SHA1 to use the SHA1 message digest algorithm//Digest algorithm using SHA1-sha224 to use the sha224 message digest algorithm//Digest algorithm using sha223-sha256 to use the SHA256 message digest algorithm//Digest algorithm using SHA256-sha384 to use the SHA384 message digest algorithm//Digest algorithm using sha384-sha512 to use the SHA512 message digest algorithm//Digest algorithm using SHA512-whirlpool to use the Whirlpool message digest algorithm//Digest algorithm using Whirlpool
3. Dgst Use Example

1, only do summary operations and not do signature operations

/* hash operations using the SHA1 algorithm for file.txt files */ [email protected]:~/test$ OpenSSL dgst-SHA1 file.txt SHA1 (file.txt)=  C994AEC2A9007221A9B9113B8AB60A60144740C9
/* Specify the –non-fips-allow parameter, which is related to FIPS standards, yet to be studied */
[email protected]:~/test$ OpenSSL dgst–
SHA1 (file.txt)=
/*Specify the-d parameter to print debug messages*/[email protected]:~/test$ OpenSSL DGST-SHA1-d file.txt bio[02469910]:ctrl (6) -FILE pointerbio[02469910]:ctrlreturn 0bio[02469910]:ctrl (108) -FILE pointerbio[02469910]:ctrlreturn 1bio[02469910]:read (0,8192) -FILE pointerbio[02469910]:readreturn Panax Notoginsengbio[02469910]:read (0,8192) -FILE pointerbio[02469910]:readreturn 0SHA1 (file.txt)=c994aec2a9007221a9b9113b8ab60a60144740c9bio[02469910]:ctrl (1) -FILE pointerbio[02469910]:ctrlreturn 0bio[02469910]:free-FILE Pointer/*Specify the-c-hex parameter to print the result in 16 binary*/[email protected]:~/test$ OpenSSL dgst-sha1-c-hex file.txt SHA1 (file.txt)= C9:94: ae:c2:a9:xx: the: +: a9:b9: One: 3b:8a:b6:0a: -: -: -: +: C9/*Specify the-r parameter, the output is as follows, and the egg ...*/[email protected]:~/test$ OpenSSL DGST-SHA1-r file.txt c994aec2a9007221a9b9113b8ab60a60144740c9*file.txt/*Specify the-binary parameter, and enter the result as a binary*/[email protected]:~/test$ OpenSSL DGST-SHA1-binary file.txt?? ©r!??;?? ' [email protected] @cmos:~/test$

2. Use RSA key for signature verification operation

/*abstract algorithm chooses SHA256, key RSA key, file.txt signature*/[email protected]:~/test$ OpenSSL dgst-sign rsa.pem-sha256- outsign.txt file.txt/*Validate signature with RSA key (prverify parameter), verify success*/[email protected]:~/test$ OpenSSL dgst-prverify rsa.pem-sha256-signature sign.txt file.txt verified OKt/*extracting the public key from the key*/[email protected]:~/test$ OpenSSL RSA-inchRSA.PEM- outPUB.PEM-puboutwriting RSA Key/*Validate The signature with RSA public key (verify parameter), verify success*/[email protected]:~/test$ OpenSSL dgst-verify pub.pem-sha256-signature sign.txt file.txt verified OK

3. Use DSA key for signature verification operation

/*using the DSA algorithm, the digest algorithm sha256, the file.txt is signed*/[email protected]:~/test$ OpenSSL dgst-sign dsa.pem-sha256- outsign.txt file.txt/*verifying signatures with DSA keys*/[email protected]:~/test$ OpenSSL dgst-prverify dsa.pem-sha256-signature Sign.txt file.txtverified OK/*using the DSA algorithm, the digest algorithm Dss1, the file.txt is signed*/[email protected]:~/test$ OpenSSL dgst-sign Dsa.pem-dss1- outsign1.txt file.txt/*verifying signatures with DSA keys*/[email protected]:~/test$ OpenSSL dgst-prverify Dsa.pem-dss1-signature Sign1.txt file.txtverified OK/*extracting the public key*/[email protected]:~/test$ OpenSSL DSA-inchDSA.PEM- outPUB.PEM-puboutread DSA keywriting DSA key/*verifying signatures using the DSA public key*/[email protected]:~/test$ OpenSSL dgst-verify Pub.pem-dss1-signature sign1.txt file.txt verified OK/*verifying signatures using the DSA public key*/[email protected]:~/test$ OpenSSL dgst-verify pub.pem-sha256-signature Sign.txt file.txt verified Ok[email protected]:~/test$

According to the definition of the Dgst Man manual, if the DSA algorithm is used for signature verification, the DSS1 Digest algorithm must be used, but this experiment proves that other digest algorithms can be used for signature verification. I do not understand here, I hope Daniel pointing ...

4. Use of HMAC

MAC Message Authentication code, the construction method can be based on hash, also can be based on symmetric encryption algorithm, HMAC is based on the hash of the message authentication code. Data and key as input, summary information as output, often used for authentication.

[Email protected]:~/test$ OpenSSL dgst  123456  file.txt HMAC-sha256 (file.txt) = b8e92990b9fc2ac9b58fde06f4738dceb4fb1fc47b4d2234a9c3f152907b333a

For example, user logon server

1. The server sends a random number to the client

2, the client uses the random number as the key and the user password to do the HMAC, the result sends to the server

3, the server removes the Stored user password, also uses the random number and the user password to do the HMAC, according to the HMAC result whether confirms the user identity.

4. Legacy issues

Dgst the meaning of sigopt, Mac, macopt parameters is the use of methods, because Doc did not give specific examples, pending research on the OpenSSL source Code to supplement

Why you can choose other hash algorithms when using DSA signatures (man manual says only use DSS1)

There are dgst HMAC and HMAC parameters, yes, you read it correctly, it does provide two exactly the same parameters, give the explanation is not the same, or research source to go.

Hateful OpenSSL ...

OpenSSL summary and signature verification instructions DGST use

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.