The article introduces you to an example of using the DSA algorithm to generate a signature based on openssl. The method of generating a signature is very simple, but we need to understand the middle principle, which is more complicated. Let's take a look.
Command:
openssl> dgst -dss1 -sign C.pri -out signature.bin s.txt
Explanation
C.pri is the private key file generated by the DSA algorithm
s.txt is the original text for making the signature
signature.bin is the generated signature file
You can use the following method to view the signature content in php
The code is as follows
| 代码如下 |
复制代码 |
echo bin2hex(file_get_contents('signature.bin'));
?> |
|
Copy code
|
echo bin2hex(file_get_contents('signature.bin'));
?>
Reference content
Message Digest Algorithm
Supported algorithms include: MD2, MD4, MD5, MDC2, SHA1 (sometimes called DSS1), RIPEMD-160. SHA1 and RIPEMD-160 produce 160-bit hashes, the others produce 128-bit hashes. Unless for compatibility reasons, it is recommended to use SHA1 or RIPEMD-160.
Except for RIPEMD-160, which requires the rmd160 command, other algorithms can be executed with the dgst command.
OpenSSL's handling of SHA1 is a bit strange, and sometimes it must be referred to as DSS1.
In addition to calculating hash values, the message digest algorithm can also be used to sign and verify signatures. When signing, the private key generated by DSA must be matched with DSS1 (ie SHA1). For private keys generated by RSA, any message digest algorithm can be used.
# Message Digest Algorithm Application Example
# Use SHA1 algorithm to calculate the hash value of file file.txt and output it to stdout
$ openssl dgst -sha1 file.txt
# Use the SHA1 algorithm to calculate the hash value of the file file.txt and output it to the file digest.txt
$ openssl sha1 -out digest.txt file.txt
# Use the DSS1 (SHA1) algorithm to sign the file file.txt and output it to the file dsasign.bin
# The private key of the signature must be generated by the DSA algorithm and stored in the file dsakey.pem
$ openssl dgst -dss1 -sign dsakey.pem -out dsasign.bin file.txt
# Use dss1 algorithm to verify the digital signature dsasign.bin of file.txt,
# The private key to be verified is the file dsakey.pem generated by the DSA algorithm
$ openssl dgst -dss1 -prverify dsakey.pem -signature dsasign.bin file.txt |
# Use the sha1 algorithm to sign the file file.txt and output it to the file rsasign.bin
# The private key of the signature is the file rsaprivate.pem
generated by the RSA algorithm
$ openssl sha1 -sign rsaprivate.pem -out rsasign.bin file.txt
# Use sha1 algorithm to verify the digital signature of file.txt rsasign.bin,
# The verified public key is rsapublic.pem
generated by RSA algorithm
$ openssl sha1 -verify rsapublic.pem -signature rsasign.bin file.txt
http://www.bkjia.com/PHPjc/632818.htmlwww.bkjia.comtrue
http: //www.bkjia.com/PHPjc/632818.htmlThe article introduces an example of using the DSA algorithm to generate a signature based on openssl. The method of generating a signature is very simple. We need to understand the middle The principle is more complicated, let’s take a look together. ...
Statement:The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
