问题
Im doing ECDSA signatures using dgst command with OpenSSL as follows:
openssl dgst -sha256 -sign key.pem -out my_signature data_file
which works just fine. However I read in this SO answer that it first SHA256 hashes the data_file, and ASN.1 encodes the hash before signing it.
I would like to create the SHA256 hash of the data and make ECDSA sign just the raw bytes of this hash. (As this is the ECDSA signature, I cannot use rsautl as in the mentioned SO answer.)
How do I achieve this using OpenSSL?
回答1:
You can do it with openssl pkeyutl which is a replacement for openssl rsautl
that supports ECDSA.
Suppose you want to hash and sign a 'data.txt' file with openssl. At first you need to hash the file:
openssl dgst -sha256 -binary -out data.sha256 data.txt
after you can sign it:
openssl pkeyutl -sign -inkey private.pem -in data.sha256 -out data.sig
However the signature is still in ASN.1 format. To receive r and s values
of signature use openssl asn1parse:
openssl asn1parse -inform DER -in data.sig
来源:https://stackoverflow.com/questions/25421399/ecdsa-sign-using-openssl-without-asn1-encoding-the-hash