openssl命令如何使用ed25519签署消息

huangapple go评论61阅读模式
英文:

How do openssl commands sign messages using ed25519

问题

我正在尝试在OpenSSL中使用Ed25519算法对数据进行签名。我已重新安装了OpenSSL并确认我的OpenSSL版本支持Ed25519。然而,当我尝试使用openssl dgst命令并加上-ed25519标志对数据进行签名时,我收到一个错误消息,其中说:“Unrecognized flag ed25519”。这是我使用的命令:

openssl dgst -sign <private_key_file> -ed25519 -out <signature_file> <data_file>

我还尝试使用openssl pkeyutl命令对数据进行签名,但我收到一个错误消息,其中说:“Error initializing context”。这是我使用的命令:

openssl pkeyutl -sign -inkey <private_key_file> -keyform PEM -in <data_file> -out <signature_file> -pkeyopt digest:ed25519

我已确认我的私钥采用PEM格式,并且我的OpenSSL版本支持Ed25519。是什么导致了这些错误,以及如何在OpenSSL中使用Ed25519算法对数据进行签名?

英文:

I am trying to sign data using Ed25519 algorithm in OpenSSL. I have reinstalled OpenSSL and confirmed that my OpenSSL version supports Ed25519. However, when I try to sign data using the openssl dgst command with the -ed25519 flag, I get an error message saying "Unrecognized flag ed25519". Here is the command I am using:

openssl dgst -sign &lt;private_key_file&gt; -ed25519 -out &lt;signature_file&gt; &lt;data_file&gt;

I have also tried using the openssl pkeyutl command to sign the data, but I get an error message saying "Error initializing context". Here is the command I am using:

openssl pkeyutl -sign -inkey &lt;private_key_file&gt; -keyform PEM -in &lt;data_file&gt; -out &lt;signature_file&gt; -pkeyopt digest:ed25519

I have confirmed that my private key is in PEM format and that my OpenSSL version supports Ed25519. What could be causing these errors, and how can I sign data using Ed25519 algorithm in OpenSSL?

答案1

得分: 1

自从v3.0.1版本的OpenSSL CLI开始支持Ed25519签名(参见此处)。

示例:

# 生成密钥
openssl genpkey -algorithm Ed25519 -out secret.pem
openssl pkey -in secret.pem -pubout -out public.pem

# 生成签名
openssl pkeyutl -sign -inkey secret.pem -out signature.bin -rawin -in message.bin

# 验证签名
openssl pkeyutl -verify -pubin -inkey public.pem -rawin -in message.bin -sigfile signature.bin
英文:

Since v3.0.1 OpenSSL CLI supports signing with Ed25519 (see here).

Example:

# generate keys
openssl genpkey -algorithm Ed25519 -out secret.pem
openssl pkey -in secret.pem -pubout -out public.pem

# generate signature
openssl pkeyutl -sign -inkey secret.pem -out signature.bin -rawin -in message.bin

# verify signature
openssl pkeyutl -verify -pubin -inkey public.pem -rawin -in message.bin -sigfile signature.bin

huangapple
  • 本文由 发表于 2023年4月4日 11:25:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/75925284.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定