[openssl-users] Verifying RSA-SHA1 signature?

Viktor Dukhovni openssl-users at dukhovni.org
Mon Sep 12 17:15:02 UTC 2016

> On Sep 12, 2016, at 1:07 PM, Nikolay Kudryavtsev <nikolay.kudryavtsev at gmail.com> wrote:
> The signature is base64 encoded, so first I do:
> openssl enc -d -A -base64 -in signature.txt -out signature.sha1
> Then I do:
> openssl dgst -verify pubkey.pem -signature signature.sha1 datafile.txt
> Or:
> openssl dgst -sha1 -verify pubkey.pem -signature signature.sha1 datafile.txt
> Either of those fails with:
> Verification Failure
> Whenever I try to verify data signed with my own key, everything works. But for that data that I got from a third party nothing works. That third party is adamant that the signature is correct and it's RSA_SHA1, but they've been unwilling to explain the details on how they sign it and what they use to verify.

What is the canonical representation of the text file?
Does it have <LF> line-endings, or <CRLF> line endings?
In what representation was it signed?



More information about the openssl-users mailing list