To create a Digital Subscription you need:
- Private key.
- Public Key.
- HASH of the file to be signed.
I'm using the following algorithm for the process:
image1 http://maxicertificadodigital.com.br/images/sobre/03.png image2 http://maxicertificadodigital.com.br/images/sobre/04.png Source: link
Following these steps, I'm using OpenSSL to generate these files, but I'm having some problems ...
Generating the Private Key:
openssl genrsa -out chave_privada.pem 1024
private key.pem:
-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDSH6KlEmqxj9Y68d+qRGtlfDrrhLMT+D0tVa6gWtcH58UqyPAW qOQOshUnBqojiuyVxpGc/fSUgAnZTSf0pdtTDzRv84AETYEZZe5RvP/vN9HqQZG7 RoNAwjWZiilvQFMDiHn9SB4EvxfcbRvCqpJklyuTigFDOP7Bgl4Jha+UWwIDAQAB AoGBAJfVzlSUC08FjhuH/kRuLmDmNTlM6Y5rmeFxgb9UBQAsZZg2HO9y2WEZJBnQ Qg9u6uiL1VrpU9we7X79tvqdAu8hs5C7XNS8bt861AaeBcu1V24vHcj8uIpz5j6d V+30s8PmtY/JQfnn5pSk8h1KHi7pJp7bYfv0q5qBZ4p2+CShAkEA79dGC/zN/QyL +Kuc1aCszXTix/Y8exz3hCK2WHR2g5lzOClXJWFM0a4FT/PYXI/z7+KBqcKHOXu/ CmwsWC+gUQJBAOBHzaDtOUfV0eRoQ20TXTuPRzd2fKrWf2fbP62MtqHe4FfgC2hv TUcvHr996JsnA+NUYOyXt3AAmbXjlSugSusCQQDKPe4cJ6YPTugs3ZFXdrCgY4Lj +RhQ/EEfVCIM/s/88oV9AycwJxce7K4gGFAG5YBedNK/soBSka2rfUH7btWxAkAW ZDTMX0K7wEYvRpWMu0UwoBJdIDA8IiQgK0yFOCo3qPe+7jhVWd9ePv8T4S8q5k9G D/OJS3Bd90FhXnJTI7K3AkAtYaoDxVTC8atbAWJZE+2tdqbepCopzpwAThro5Ff0 Ping/e9cCEt+zzNm+yPNQFXf48Xks9WQmZmk2qVzggUL -----END RSA PRIVATE KEY-----
Generating the Public Key from the Private Key:
openssl rsa -in chave_privada.pem -pubout -out chave_publica.pem
public key.pem:
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSH6KlEmqxj9Y68d+qRGtlfDrr hLMT+D0tVa6gWtcH58UqyPAWqOQOshUnBqojiuyVxpGc/fSUgAnZTSf0pdtTDzRv 84AETYEZZe5RvP/vN9HqQZG7RoNAwjWZiilvQFMDiHn9SB4EvxfcbRvCqpJklyuT igFDOP7Bgl4Jha+UWwIDAQAB -----END PUBLIC KEY-----
Generating HASH from file:
openssl dgst -sha256 texto.txt > hash
hash:
SHA256(texto.txt)= f32c22e9ca0fca1049df4467c1ce794229fb760f732cb05054c7a14a00a22a28
Generating Signature:
openssl rsautl -sign -inkey chave_privada.pem -keyform PEM -in hash > signature
Checking if signature matches file:
openssl rsautl -verify -inkey chave_publica.pem -keyform PEM -in signature
And returns the following error in the Prompt:
Loading 'screen' into random state - done unable to load Private Key 1300:error:0906D06C:PEM routines:PEM_read_bio:no start line:.\crypto\pem\pem_lib .c:701:Expecting: ANY PRIVATE KEY
Can anyone help me? Thanks!