Verifying Authentication with openSSL

Question

bob has created a private key with

openssl genrsa -out Private.pem 1024

then created the public key with

openssl rsa -in Private.pem -out Public.pem -outform PEM -pubout

he created a file named data.txt with "hello" plain text inside and ran the command

openssl dgst -sha1 -sign Private.pem data.txt| openssl enc -base64 -A > signature.txt

now he sent alice the file data.txt. The signature.txt and Public.pem files.

how can alice verify the authenticity?

thks in advance

Answer 1

First you need to decode your base64-encoded signature and then just verify the signature:

openssl enc -d -A -base64 -in signature.txt -out signature.sha1
openssl dgst -sha1 -verify Public.pem -signature signature.sha1 data.txt