Is there a way to recover the string that was signed having access to both the signature and the private key?

StackOverflow https://stackoverflow.com/questions/20552477

質問

As the title says, I have both the signature and the private key and would like to know the string that generated the signature.

To sign my string I would do this:

$ echo 'data to sign' > data.txt
$ openssl dgst -sha1 -sign privateKey.pem -out data.sha1 data.txt
$ openssl enc -base64 -in data.sha1 -out data.b64 -A

And I end up with a 172 bytes signature.

What I would like to know is if there's a way to reverse the process.

Thank you.

役に立ちましたか?

解決

You wont be able to do this. A Hash such as SHA1 is a one way type of encryption. Once the encryption is done its done and there is no going back.

他のヒント

Basically no, but if you know the string was relatively short and had some defined structure, you could brute force it until you get a matching hash value. For long and random strings it is impossible.

ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top