Download presentation
Presentation is loading. Please wait.
1
Foundations of Network and Computer Security
John Black CSCI 6268/TLEN 5550, Spring 2013
2
Verifying my Sig I signed the first two “chunks” of my message (encrypted session key, encrypted message) I used base64 first, removed all newlines, hashed with sha1, then signed the hash This was all discussed in the project 2 slides
3
Generating a Sig Suppose I have the encrypted session key in “key.enc” and the symmetrically encrypted message in “msg.enc” then to sign I might use $ cat key.enc msg.enc | tr -d '\n' | openssl sha1 | openssl rsautl -sign -inkey jrblack-priv.pem | openssl base64 -e
4
To Verify a Sig You want to verify, so
1) Extract the sig from the message into a file called “sig” Remember to un-base64 it 2) Extract the first two chunks, delete newlines, hash, and save the output to “expected” 3) Run openssl rsautl –verify –in sig –inkey senders_cert.pem -certin 4) Compare the output to “expected”. If they match, you’re good
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.