Phillip Pearson - Second p0st

tech notes and web hackery from the guy that brought you bzero, python community server, the blogging ecosystem, the new zealand coffee review and the internet topic exchange

2005-5-23

OpenSSL: How to create a DSA key and sign things

Some command lines that may be useful if you want to implement an OpenID identity server or consumer:

openssl dsaparam 1024 < /dev/random > dsaparam.pem
openssl gendsa dsaparam.pem -out dsa_priv.pem
openssl dsa -in dsa_priv.pem -pubout -out dsa_pub.pem
echo "foobar" > foo.txt
sha1sum < foo.txt | awk '{print $1}' > foo.sha1
openssl dgst -dss1 -sign dsa_priv.pem foo.sha1 > sigfile.bin
openssl dgst -dss1 -verify dsa_pub.pem -signature sigfile.bin foo.sha1

With any luck I'll have some PHP code available soon for the server side ...
... more like this: []