You're reading from Demystifying Cryptography with OpenSSL 3.0 Discover the best techniques to enhance your network security with OpenSSL 3.0

Product type Paperback

Published in Oct 2022

Publisher Packt

ISBN-13 9781800560345

Length 342 pages

Edition 1st Edition

Languages

Tools

Wireshark

Concepts

Cryptography

Author (1):

Alexei Khlebnikov

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Introduction

2. Chapter 1: OpenSSL and Other SSL/TLS Libraries FREE CHAPTER

3. Part 2: Symmetric Cryptography

4. Chapter 2: Symmetric Encryption and Decryption

5. Chapter 3: Message Digests

6. Chapter 4: MAC and HMAC

7. Chapter 5: Derivation of an Encryption Key from a Password

8. Part 3: Asymmetric Cryptography and Certificates

9. Chapter 6: Asymmetric Encryption and Decryption

10. Chapter 7: Digital Signatures and Their Verification

11. Chapter 8: X.509 Certificates and PKI

12. Part 4: TLS Connections and Secure Communication

13. Chapter 9: Establishing TLS Connections and Sending Data over Them

14. Chapter 10: Using X.509 Certificates in TLS

15. Chapter 11: Special Usages of TLS

16. Part 5: Running a Mini-CA

17. Chapter 12: Running a Mini-CA

18. Index

Why subscribe?

19. Other Books You May Enjoy

Packt is searching for authors like you

How to verify a signature programmatically

To learn how to verify signatures programmatically, let’s develop a small ec-verify program that can verify signatures produced by ec-sign or openssl pkeyutl.

Our program will take three command-line arguments:

The name of the input file containing the signed data
The name of the file containing the signature
The name of the file containing the verifying public key

Here is our high-level implementation plan for the program:

Load the signature.
Load the verifying public key.
Create an EVP_MD_CTX object that will be used as the verifying context.
Initialize the verifying context with the hash function’s name and the loaded public key.
Read the signed data chunk by chunk and feed it to the verifying context.
Finalize the verification and find out whether the verification has succeeded or failed.

Now it’s time to implement our plan.