Using OpenSSL?

loune lpgcritter at nasquan.com
Wed May 25 02:42:10 PDT 2005


Hi all,

I'm currently making a test id server using PHP. Since php does not come 
with any good public key libraries, I'm using the openssl library for 
encrypting stuff. However, even though the openssl binary is verifying 
fine locally, on the OpenID test site, it fails.

Here is the command I'm running gathered from one of the previous posts:
echo "str" | openssl dgst -dss1 -sign ~/dsaprivkey.pem > sigraw
eg:

echo "2005-05-24T05:29:40Z::assert_identity::http://dev.nasquan.com/openid/u/test::http://www.danga.com/openid/demo/helper.bml" | openssl dgst -dss1 -sign ~/privkey.pem

the output is then base64'd

verification is using:
echo "str" | openssl dgst -dss1 -verify pubkey.pem -signature sigraw
eg:
echo 
"2005-05-24T05:29:40Z::assert_identity::http://dev.nasquan.com/openid/u/test::http://www.danga.com/openid/demo/helper.bml" 
| openssl dgst -dss1 -verify pubkey.pem -signature sigraw

file sigraw is a base64 decoded from the following:
MC0CFQCuUPGdl3njX4kimiq8LdLLZ63HkQIUHY+IW7TePC21cMvR25mJVf3ks2k=
which is a signature of the following:
2005-05-24T05:29:40Z::assert_identity::http://dev.nasquan.com/openid/u/test::http://www.danga.com/openid/demo/helper.bml

the public key is:

-----BEGIN PUBLIC KEY-----
MIIBtzCCASwGByqGSM44BAEwggEfAoGBAMb664LSKRg8aKlEfbRcpuCngOWJi1Ov
f3/c/ok7AZfRh8dgkHXJKa54isltrMa0bdNwgj56H7/sEYB+mjeI8Ibr5nAWvfYK
1Iz0oysY7wcHuBOwvDYYCKuDHiCJUsKEpeKO8W5DLIfvx9Yp0T6klrYhdY6XHHbO
JMd+1x6PPerHAhUAxVqMNAyPLnpIuql9RUzCM0UDcCkCgYEAh662VIzufVMZLfHd
i+qjRAQgP7kUvDwgDKrMqqRZ59LthWzx9UZQUlFM/YKXdp7pL+bsuz0rjpd/cZI6
wX10oVyzwZh0Qi3XssJdhPm+UE4jdF92nV4EGB4qUaYb4Jczuk+2wSLSkgyUmS1M
77bcG3hBw5eMq04cs1FGpXcNe8MDgYQAAoGAAjr7FKz4iTr7fOjglA6CnkilHCqd
ph2Ps5flTVwyF2E1dwb8LYeSfIf/fjUIO94zqH4r+Jk9qIIpnbI9TmHbBifYnoEE
yfZhjDWFzL+E+73hO8i1UNtw7rM9M9Ss9QgN1MEOAeHwHpoyqJzBQrrF5nb+3z9L
OHcrEVfCaeoiMFc=
-----END PUBLIC KEY-----

I would appreciate if someone could help me here

cheers,

-l



More information about the yadis mailing list