
I'm doing ECDSA signatures using the dgst command with OpenSSL as follows:

openssl dgst -sha256 -sign key.pem -out my_signature data_file

which works just fine. However I read in this SO answer that it first SHA256 hashes the data_file, and ASN.1 encodes the hash before signing it.

I would like to create the SHA256 hash of the data and make ECDSA sign just the raw bytes of this hash. (As this is the ECDSA signature, I cannot use rsautl as in the mentioned SO answer.)

How do I achieve this using OpenSSL?

NumberFour
    **Your premise is wrong.** #9951559 is _only_ about RSA, and only OpenSSL's default 'padding' which is RSASSA-PKCS1v1_5, where the standard calls for ASN.1-encoding the hash. The standards for RSA-PSS, DSA, and ECDSA do not include ASN.1-encoding the hash and `dgst -sign` for those cases does not do so. However, DSA and ECDSA _signatures_ are ASN.1 encoded as noted in the answer. – dave_thompson_085 Feb 15 '18 at 22:09

1 Answer


You can do it with openssl pkeyutl which is a replacement for openssl rsautl that supports ECDSA.

Suppose you want to hash and sign a 'data.txt' file with openssl. First you need to hash the file:

openssl dgst -sha256 -binary -out data.sha256 data.txt

After that you can sign it:

openssl pkeyutl -sign -inkey private.pem -in data.sha256 -out data.sig

However, the signature is still in ASN.1 format. To get the r and s values of the signature, use openssl asn1parse:

openssl asn1parse -inform DER -in data.sig
rystsov
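The hash-then-pkeyutl procedure from the answer, run end to end as an added example (not code from the question or the answer): it signs the raw 32-byte digest, then checks that the signature verifies both with pkeyutl against the digest and with `dgst -verify` against the original data, which is what shows that `dgst -sign` for ECDSA signs the bare hash rather than an ASN.1 DigestInfo. It assumes the `openssl` CLI is installed; the work directory, key files and data contents are constructed for this example.

```shell
#!/bin/sh
set -eu

# Signs the raw SHA-256 of a constructed file with pkeyutl and confirms the
# signature is accepted by both pkeyutl and dgst -verify. Returns 0 only when
# every check passes. File names and contents are constructed for the example.
sign_raw_hash_and_verify() {
  work=$(mktemp -d)
  trap 'rm -rf "$work"' EXIT

  # Constructed input and a throw-away P-256 key pair.
  printf 'hello, ecdsa\n' > "$work/data.txt"
  openssl ecparam -name prime256v1 -genkey -noout -out "$work/private.pem" || return 1
  openssl ec -in "$work/private.pem" -pubout -out "$work/public.pem" 2>/dev/null || return 1

  # Step 1: raw SHA-256 digest, exactly 32 bytes and no DigestInfo wrapper.
  openssl dgst -sha256 -binary -out "$work/data.sha256" "$work/data.txt"
  [ "$(wc -c < "$work/data.sha256")" -eq 32 ] || return 1

  # Step 2: sign exactly those 32 bytes with pkeyutl.
  openssl pkeyutl -sign -inkey "$work/private.pem" \
    -in "$work/data.sha256" -out "$work/data.sig" || return 1

  # Check A: pkeyutl verifies the signature against the raw digest.
  openssl pkeyutl -verify -pubin -inkey "$work/public.pem" \
    -in "$work/data.sha256" -sigfile "$work/data.sig" \
    | grep -q 'Signature Verified Successfully' || return 1

  # Check B: dgst -verify hashes data.txt itself and accepts the same
  # signature, so dgst -sign for ECDSA also signs the bare hash.
  openssl dgst -sha256 -verify "$work/public.pem" \
    -signature "$work/data.sig" "$work/data.txt" | grep -q 'Verified OK' || return 1

  # Check C: modified data must not verify with that signature.
  printf 'hello, ecdsa!\n' > "$work/other.txt"
  if openssl dgst -sha256 -verify "$work/public.pem" \
       -signature "$work/data.sig" "$work/other.txt" >/dev/null 2>&1; then
    return 1
  fi

  # Check D: the signature is a DER SEQUENCE holding exactly two INTEGERs (r, s).
  [ "$(openssl asn1parse -inform DER -in "$work/data.sig" | grep -c INTEGER)" -eq 2 ] || return 1
}
```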