ar_doc_44 openssl_ECC_enc_dec_signature - JohnHau/mis GitHub Wiki
Tutorial for interoperability with OpenSSL in ECDSA signing and verification
This tutorial shows ECDSA signing and verification interoperability between jsrsasign and OpenSSL. datasign and dataverify are sample Node.js script of Signature class.
EC key generation with OpenSSL Generate private key and public key for secp256r1 elliptic curve by openssl command.
Generate PKCS#5 PEM private key file for EC secp256r1 curve:
% openssl ecparam -genkey -name secp256r1 -out private.key Export PKCS#8 PEM public key of private.key
% openssl ec -in private.key -pubout -out public.key Then private key file "private.key" and public key file "public.key" have been generated. They can be used by OpenSSL and jsrsasign.
Sign with datasign and verify with openssl Please prepare any data file to be signed. I'll use "aaa.txt" file. Sign "aaa.txt" file with EC private key and a signature file "sig1" will be created:
% datasign aaa.txt private.key sig1 SHA256withECDSA successfully signed Then verify it with openssl command and it will be verified successfully:
% openssl dgst -sha256 -verify public.key -signature sig1 aaa.txt Verified OK
Sign with openssl and verify with jsrsasign Sign "aaa.txt" by the private key with openssl and a signature file "sig2" will be created:
% openssl dgst -sha256 -sign private.key -out sig2 aaa.txt Then verify it with dataverify tool of jsrsasign and it will be verified successfully:
% dataverify aaa.txt public.key sig2 SHA256withECDSA signature is valid Now you can sign and verify a ECDSA signature both OpenSSL and jsrsasign each other.
EC signature data format for OpenSSL and jsrsasign A EC signature data format for OpenSSL and jsrsasign is a ASN.1 binary data of two integers R and S of sequence like here:
SEQUENCE { INTEGER 4B 5F CF E8 A7 BD 6A C2 1D 25 0D F8 DE 9C EF DC C4 DF 33 F3 AF 2F 3D 5B 83 2C 1F BD 98 C8 61 34 INTEGER 7E F9 E9 60 B1 E6 7F 59 9E 2C 38 22 39 B2 C4 B1 71 3E FA AE 24 A4 B7 D2 03 5A 60 8D F3 34 3D E8 } Some other implementation may use other signature data format such as just a concatenation of hexadecimal R and S value. Jsrsasign provides some converter static methods in ECDSA class:
asn1SigToConcatSig - convert from a hexadecimal ASN.1 EC signature to a hexadecimal concatenated EC signature concatSigToASN1Sig - convert from a hexadecimal concatenated EC signature to a hexadecimal ASN.1 EC signature parseSigHex - parse a hexadecimal ASN.1 EC signature and returns an associative array of BigInteger such as {r: BigInteger, s: BigInteger} parseSigHexInHexRS - parse a hexadecimal ASN.1 EC signature and returns an associative array of hexadecimal string such as {r: hex string, s: hex string}
$ openssl ecparam -genkey -name secp256r1 -out private.key using curve name prime256v1 instead of secp256r1
openssl ec -in private.key -text
$ openssl ec -in private.key -pubout -out public.key read EC key writing EC key
$ openssl sha256 -verify public.key sl.log.sig secret.log sha256: Can only sign or verify one file.
H374389@CH5OLT23420Z2 ~/temp/ecc_practice $ openssl sha256 -verify public.key -signature sl.log.sig secret.log Verified OK
///////////////////////////////////////////////////////////////////////////////////////////////////// $ cat openssl_aes_128.sh #!/bin/bash
echo -n -e '\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a'
| openssl enc -v -aes-128-cbc -K 2b7e151628aed2a6abf7158809cf4f3c
-iv 000102030405060708090a0b0c0d0e0f -nopad| od -Ax -tx1
//////////////////////////////////////////////////////////////////////////////////////////////////// $ cat openssl_aes_128_de.sh #!/bin/bash
#echo -n -e '\x76\x49\xab\xac\x81\x19\xb2\x46\xce\xe9\x8e\x9b\x12\xe9\x19\x7d' \
| openssl enc -d -aes-128-cbc -K 2b7e151628aed2a6abf7158809cf4f3c\
cat eee.bin
| openssl enc -d -aes-128-cbc -K 2b7e151628aed2a6abf7158809cf4f3c
-iv 000102030405060708090a0b0c0d0e0f | od -Ax -tx1 -iv 000102030405060708090a0b0c0d0e0f | od -Ax -tx1
////////////////////////////////////////////////////////////////////////////////////////////////////////////////