Creating a raw signature of a hex string
Robert Moskowitz
rgm at htt-consult.com
Sun Apr 23 16:12:11 UTC 2023
James,
thanks I will give this a try. I already have the 1st step via
PyCryptodome, but that code was yet to implement EdDSA signing.
I am all too familiar with the fighting in Python to get the right type.
On 4/23/23 11:38, James Muir wrote:
>
> On Sun., Apr. 23, 2023, 9:57 a.m. Robert Moskowitz,
> <rgm at htt-consult.com> wrote:
>
> This is for work in the IETF DRIP workgroup and the objects created in
>
> https://datatracker.ietf.org/doc/draft-ietf-drip-auth/
>
> and used in
>
> https://datatracker.ietf.org/doc/draft-moskowitz-drip-a2x-adhoc-session/
>
> I have a 136 byte object:
>
> 2e4a3f5b5e07a1fb254b811f5a1002b10a5fda326d944758324d7f16972aa2f63c4722b92001003ffe001405
>
> And a pem formatted private key file (EdDSA25519) file.
>
> I want the 64 byte signature.
>
> So far in all my googling I have only found:
>
> https://stackoverflow.com/questions/35443847/how-to-create-detached-cms-signature
>
> and
>
> openssl cms -sign -signer cert.pem -inkey pkey.pem -binary -in data
> -outform der -out signature
>
> I think I would cut out the -signer, as no cert, just the pkey.
>
> This is NOT cms, no way, but is that needed.
>
> Basically what do I need to sign a bunch of bytes and get the
> signature?
>
>
> Here is a sign/verify example with Ed25519:
>
> openssl genpkey -algorithm ED25519 -out ed25519-priv.pem
> openssl pkeyutl -sign -rawin -in msg.txt -inkey ed25519-priv.pem -out
> sig.raw
> openssl pkeyutl -verify -rawin -in msg.txt -sigfile sig.raw -inkey
> ed25519-priv.pem
>
> I think you would need an extra step to convert your message from hex
> to binary.
>
> -James M
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230423/efdff77c/attachment-0001.htm>
More information about the openssl-users
mailing list