OpenSSL: Signing And Verification With Certificates

Trust, But Verify (Доверя́й, но проверя́й)

After credentials and keys generation, we can conduct attestation and authentication.

Caveat: Do not use the same keys to cipher and sign / verify.

The sample utility found at: utility_cert, illustrates the use.

$ ./main.sh

Signing

Under [signing_utility.sh], there is a series of message signing for various asymmetric cryptograms:

sign_message_with_*:
1. RSA
2. DSA
3. ECC

For signing files:

sign_file_*:
1. RSA
2. DSA
3. ECC

Verification

Under [signing_utility.sh], there is a series of signature verification for various asymmetric cryptograms:

verify_message_*:
1. RSA
2. DSA
3. ECC

For signature verification for signed files:

verify_file_*:
1. RSA
2. DSA
3. ECC

“(Authenticated, yet malicious code is) like an intruder, that shoots you in the knee caps, sexually assaults you, ransacks your house, and then leaves a business card…” — keynote talk at ISOC’s NDSS 2000, in discussing mobile code

Cryptography is typically bypassed, not…