https://stackoverflow.com/questions/20552477
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianYou wont be able to do this. A Hash such as SHA1 is a one way type of encryption. Once the encryption is done its done and there is no going back.
Is there a way to recover the string that was signed having access to both the signature and the private key?
-
01-09-2022 - |
Question
As the title says, I have both the signature and the private key and would like to know the string that generated the signature.
To sign my string I would do this:
$ echo 'data to sign' > data.txt
$ openssl dgst -sha1 -sign privateKey.pem -out data.sha1 data.txt
$ openssl enc -base64 -in data.sha1 -out data.b64 -A
And I end up with a 172 bytes signature.
What I would like to know is if there's a way to reverse the process.
Thank you.
Solution
OTHER TIPS
Basically no, but if you know the string was relatively short and had some defined structure, you could brute force it until you get a matching hash value. For long and random strings it is impossible.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
