Discussion:
how to use the openssl API to verify a digital signature
RussMitch
2009-02-23 18:39:44 UTC
Permalink
Hello,

I'm trying to figure out how to do the following:

openssl dgst -sha1 -verify my-public-key -signature my-app.sha1 my-app

which works fine from the command line, but I need to be able to do if from
inside my-app, and have been unsuccessful finding the appropriate
documentation.

/Russ
--
View this message in context: http://www.nabble.com/how-to-use-the-openssl-API-to-verify-a-digital-signature-tp22167382p22167382.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
Kyle Hamilton
2009-02-23 22:01:47 UTC
Permalink
This is a question that should go on openssl-users, since it does not
relate to the development of the library itself. However, since it's
asked here, I'll answer.

apps/dgst.c has the appropriate code.

Most of the OpenSSL public API documentation is poorly-written and
out-of-date. I wish there were some wiki where people could
contribute documentation changes, since very few people seem to be
able to understand the nroff macros necessary to write manpages.

-Kyle H

On Mon, Feb 23, 2009 at 10:39 AM, RussMitch
Post by RussMitch
Hello,
openssl dgst -sha1 -verify my-public-key -signature my-app.sha1 my-app
which works fine from the command line, but I need to be able to do if from
inside my-app, and have been unsuccessful finding the appropriate
documentation.
/Russ
--
View this message in context: http://www.nabble.com/how-to-use-the-openssl-API-to-verify-a-digital-signature-tp22167382p22167382.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
RussMitch
2009-02-24 19:01:22 UTC
Permalink
Post by Kyle Hamilton
apps/dgst.c has the appropriate code.
Thanks Kyle, I've got dgst.o linked in now, and the verification works from
inside of my app. Now I need to modify dgst to accept an internal public
key, instead of an external file, i.e. I want to embed the public key inside
of my program. I've been stuck in the crypto/bio directory for some time
now, trying to understand how the key is read. Any suggestions?

/Russ
--
View this message in context: http://www.nabble.com/how-to-use-the-openssl-API-to-verify-a-digital-signature-tp22167382p22188244.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
Loading...