Error checking Digital Signature - "Unable to load Private Key"

Creating a Digital Signature requires:
- Private Key.
- Public Key.
- HASH of the file to be Signed.

I’m using the following algorithm for the process:

[Two images omitted] Source: http://maxicertificadodigital.com.br/sobre.php


Following these steps, I am using OpenSSL to generate these files, but I am having some problems...

Generating the Private Key:

openssl genrsa -out chave_privada.pem 1024

chave_privada.pem:


Generating the Public Key from the Private Key:

openssl rsa -in chave_privada.pem -pubout -out chave_publica.pem

chave_publica.pem:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSH6KlEmqxj9Y68d+qRGtlfDrr
hLMT+D0tVa6gWtcH58UqyPAWqOQOshUnBqojiuyVxpGc/fSUgAnZTSf0pdtTDzRv
84AETYEZZe5RvP/vN9HqQZG7RoNAwjWZiilvQFMDiHn9SB4EvxfcbRvCqpJklyuT
igFDOP7Bgl4Jha+UWwIDAQAB
-----END PUBLIC KEY-----  

Generating the file HASH:

openssl dgst -sha256 texto.txt > hash

hash:

SHA256(texto.txt)= f32c22e9ca0fca1049df4467c1ce794229fb760f732cb05054c7a14a00a22a28

Generating the Signature:

openssl rsautl -sign -inkey chave_privada.pem -keyform PEM -in hash > signature

Checking if signature matches the file:

openssl rsautl -verify -inkey chave_publica.pem -keyform PEM -in signature

And it returns the following error in the prompt:

Loading 'screen' into random state - done
unable to load Private Key
1300:error:0906D06C:PEM routines:PEM_read_bio:no start line:.\crypto\pem\pem_lib
.c:701:Expecting: ANY PRIVATE KEY

Can anyone help me? Thank you!

1 answer

When you specify the -inkey option, the default is to treat it as a private key. If you want to verify the signature using a public key, you must also use the -pubin option:

openssl rsautl -verify -inkey chave_publica.pem -pubin -keyform PEM -in signature

Documentation for rsautl.
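
The full round trip with the -pubin fix, as an added example that is not part of the original question or answer. It uses the question's file names with a freshly generated throwaway key (2048 bits here, an assumption; the question uses 1024), and the function names are hypothetical. Because rsautl -verify only outputs the bytes that were signed, the script compares them with a hash recomputed from the file.

```shell
#!/bin/sh
# Added example: sign/verify round trip with openssl rsautl.
# rsautl is deprecated since OpenSSL 3.0 (pkeyutl replaces it) but still runs;
# its deprecation warning goes to stderr, which is discarded below.

# Verify signature $2 with public key $1 and print the recovered signed bytes.
verify_with_pubin() {
    openssl rsautl -verify -inkey "$1" -pubin -keyform PEM -in "$2" 2>/dev/null
}

# The call from the question: without -pubin the file is parsed as a private key.
verify_without_pubin() {
    openssl rsautl -verify -inkey "$1" -keyform PEM -in "$2" 2>/dev/null
}

# Returns 0 only if: the -pubin form recovers exactly the hash of texto.txt,
# the form without -pubin is rejected, and a modified file no longer matches.
roundtrip() {
    dir=$(mktemp -d) || return 2
    (
        cd "$dir" || exit 2
        printf 'sample text, constructed for this example\n' > texto.txt
        openssl genrsa -out chave_privada.pem 2048 2>/dev/null || exit 2
        openssl rsa -in chave_privada.pem -pubout -out chave_publica.pem 2>/dev/null || exit 2
        openssl dgst -sha256 texto.txt > hash || exit 2
        openssl rsautl -sign -inkey chave_privada.pem -keyform PEM -in hash 2>/dev/null > signature || exit 2

        # Public key + -pubin: verification succeeds and yields the signed bytes.
        verify_with_pubin chave_publica.pem signature > recovered || exit 1
        openssl dgst -sha256 texto.txt > hash_check || exit 2
        cmp -s hash_check recovered || exit 1

        # Public key without -pubin: must fail to load, as in the question.
        if verify_without_pubin chave_publica.pem signature >/dev/null; then exit 1; fi

        # Tampered file: the signature still decodes, but the hashes differ.
        printf 'tampered\n' >> texto.txt
        openssl dgst -sha256 texto.txt > hash_check || exit 2
        if cmp -s hash_check recovered; then exit 1; fi
    )
    rc=$?
    rm -rf "$dir"
    return $rc
}

roundtrip && echo "signature verified with -pubin"
```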
