openssl RSA signature example

October 12th, 2007
Posted by David Lowenfels
Filed in:
openssl RSA encryption ruby

So it seems that the openssl library is totally undocumented?? Here is an example we cooked up to demonstrate how to verify an RSA signature.



>> require 'openssl'
=> false
>> private_key = OpenSSL::PKey::RSA.new(1024)
=> -----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDO+Hl83kJL5qXiEpAMR1+e1JRxpEKBrMJu7wONEge+LjM7svuS
oSWf7+eOpI+Fr6IbNOLsX8x/ZsdWwGjqSIjWsdCvPOjodIi5SAD9UNpt6cUeFsN8
PQYnmy98jdoG9BwFpmMxDWKTVzft3qvKTCMF/b0E/3ELOU78blZp/cg70QIDAQAB
AoGAKqf1SfH40fHYcG6I967iGzcO3RkQh+9WJ0zle3ai1+RntL8fsEm8Gml0XOa3
mcLn8xmER1k7KWrCXLPNK7QFV3M/lbyIbYxXzMBAYuafSKmx6c2vUaGrFYO18oKA
N1dd/+gyuYSi8705Y3z07PoR1Ok7bsFWQM8cjYUwahazTFECQQD09iOdGQPp2OEc
ZLDvo++lvC03fxSGr338rWrVl40engQVB4HAOz3NsFfmDJPfISKL+pnWNyCmagcf
Ys8kppmFAkEA2EwTMZ2NOp9L6oq0+1/JZXnuF/kA6SNo6sRJjBXJk+OSHp9ylm+/
N3DxOVbLPvRzd9FkTetaUIhXW50PQZMk3QJAdldXGzUTk+ynzBzE8fDD/NBtE8t7
8hlkBycMXsXJckoqdLJct66nC/CudkALTBdo5jEaEsgtKNg+OqZ0piMqNQJASBtU
ar3zTw+75zzGiOat5T54uVUxkIdVeq5lNmYtBThghgTx1mT6gikMwejFaP9lXxRX
NAK54Q8S0F/TrjC3oQJBAK4qC/NZ7N/EAkants498sPy/8zZZH7OvjSgn1ScXaZo
PRv/E7Y/dE+DQWufPY9QnQZOl0c4MsFVWYzNduduXCQ=
-----END RSA PRIVATE KEY-----

>> public_key = private_key.public_key
=> -----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAM74eXzeQkvmpeISkAxHX57UlHGkQoGswm7vA40SB74uMzuy+5KhJZ/v
546kj4Wvohs04uxfzH9mx1bAaOpIiNax0K886Oh0iLlIAP1Q2m3pxR4Ww3w9Bieb
L3yN2gb0HAWmYzENYpNXN+3eq8pMIwX9vQT/cQs5TvxuVmn9yDvRAgMBAAE=
-----END RSA PUBLIC KEY-----

>> XML = "abcdefg" 
=> "abcdefg" 
>> sig = private_key.sign( OpenSSL::Digest::SHA1.new, XML )
=> "Q=W\3637\275\2340\250\306k>\320\335\275\252\242\3374\364d\021U\315\273\373\322\351\347\211'\344\b\270\a\207(\216\035\b\021\200|&,Sn|\323}4\327@\343a\263Yj\227\311-&\210\245K\350*\316B'\275-\352\377\366\001]q\346F\240\211\246E\313\340\025p3\331\235w\247\351E\026N~\272\371\025&\2208\270c\252>_\246\345\272\237\226u\301\273\212J\341\213%\343\255%\b\372\245" 
>> public_key.verify( OpenSSL::Digest::SHA1.new, sig, XML )
=> true

4 Responses to “openssl RSA signature example”

  1. Romek Szczesniak Says:
    November 5th, 2007 at 04:40 PM

    The best (and most complete) work on the OpenSSL library was presented at RubyKaigi2006.

    The source code and presentation are still available here:

    http://dev.ctor.org/download/RubyKaigi2006SAP20060610.pdf http://dev.ctor.org/download/rubykaigi2006.tar.gz

    describing in detail how to use the library.

  2. Adam Bender Says:
    November 8th, 2007 at 04:17 AM

    Romek's second link is very helpful, but the first is 404. Is the PDF still around?

  3. Romek Szczesniak Says:
    November 20th, 2007 at 05:01 PM

    At last look, http://dev.ctor.org can be temperamental from time to time.

    If you are unable to get hold of the presentation or the distribution, please email me and I will send it to you.

    Kind regards, Romek romek at spikyblackcat dot co dot uk

  4. gregt Says:
    January 12th, 2008 at 02:35 AM

    the PDF and code samples from http://dev.ctor.org are quite good. thanks for sharing, Romek!

Sorry, comments are closed for this article.