| Yubico Forum https://forum.yubico.com/ |
|
| [QUESTION] Digital signatures https://forum.yubico.com/viewtopic.php?f=26&t=1694 |
Page 1 of 1 |
| Author: | jgreen1024 [ Fri Jan 02, 2015 2:01 am ] |
| Post subject: | [QUESTION] Digital signatures |
I'm just getting started with Yubikey, and with smart cards in general, so this might be a dumb question. I am trying to perform what should be a simple operation: digitally sign something using the Yubikey, and then verify the signature using OpenSSL. I have generated an ECDSA-256 certificate request in slot 9a, issued the certificate, and installed it. I am then generating a digital signature for a file using: Code: #pkcs11-tool --module /usr/lib/i386-linux-gnu/opensc-pkcs11.so --sign --input-file=Downloads/test_file --output-file=test_file.sig Using slot 1 with a present token (0x1) Logging in to "PIV_II (PIV Card Holder pin)". Please enter User PIN: Using signature algorithm ECDSA Writing OpenSSL ECDSA_SIG So far, so good. This generated a file with a length of 70 bytes. Now I try to verify the signature using OpenSSL. I have extracted the public key for my certificate into the file "yubikey.pubkey" previously: Code: #openssl dgst -verify yubikey.pubkey -signature test_file.sig test_file Verification Failure Am I way off the mark in what I'm trying to do here? Any ideas? Thanks! |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|