0

I am new to code signing. After signing my message I get a public key and pkcs7 certificate. I am trying to manually compare the hash of my massage with the hash I get after decrypting the signature using the public key.

My problem is that I don't know how to get the hash from decrypting the signature with the public key using an opessl command. The encryption algorithm is ecdsa with sha384. Is there any way the decrypt the signature using the public key in console and print the hash?

I have the following files:

  • publicKey.pem
  • signature_certificate.pem
Alexandra
  • 3
  • 1
  • 1
    "decrypting the signature" only works if it is an RSA signature (an RSA signature is an RSA encrypted hash value). ECDSA works differently: https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_verification_algorithm For ECDSA with Openssl see https://superuser.com/questions/737574/openssl-ecdsa-sign-and-verify-file – Robert Apr 26 '21 at 15:02
  • Now I understand. Thank you. – Alexandra Apr 26 '21 at 16:40

0 Answers0