[openssl-users] beginner needs advice on data signature/verification

Marco Warga watz at watz.at
Sat Jun 20 08:48:07 UTC 2015


I hope some of you could give me advice on my project using openssl.

Lets say I have a server/service on a machine processing a file a 
corresponding client sends. That file is usually created by me on a 
clean third machine. The server side is assumed to be uncompromised (no 
hacker). The client side may be compromised. Now I need to make sure 
that the service only accepts those files that are created by me. I 
believe that is a very common requirement and has been done alot of 
times - I just can't find tutorials on how to implement it. Know any ?

Lets assume I have an x509 cert together with its private key signed by 
a ca owned by me. The trusted ca cert will be present on the server 
side. This is what I plan to do:

1.) Create the data files/blobs and sign them using the priv key of the 
cert. Distribute the cert and the signature along with (or inside) the 
data file.
2.) Have the client send that data file to the server (cert/sig first)
3.) Service receives the cert, builds a cert store with the local ca 
cert in it and verifies the client's cert with X509_verify_cert()
4.) if cert verifies ok, service compares the signature against the one 
calculated from the incoming data using the public key that came inside 
the cert just verified

Would this be the right approach considering that anything the client 
sends may be forged (cert, sig, data...) ?
Or would it be safer to have the cert used for signing stored on the 
server side and not send with the data (instead just its subject 
protected by the signature) ?

Thanks alot,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150620/2c31aac6/attachment.html>

More information about the openssl-users mailing list