Reputation: 2402
Openssl refuses to verify signature
I'm sure I'm being stupid, but I'm trying to install GPGSuite on macos. I've downloaded the file and the signature, as well as their public key (https://gpgtools.org/GPGTools-00D026C4.asc). I have then tried these commands:
openssl base64 -d -in <signature> -out /tmp/sign.sha256
openssl dgst -sha256 -verify <pub-key> -signature /tmp/sign.sha256 <file>
Where pub-key is a file into which I've copied and pasted the public key from the link.
The first one works fine, the second one gives the rather unhelpful response of 'unable to load key file'. I've tried to find an answer online, but all the answers seem to be related to people trying to use a cert in place of the public key, which I don't believe I'm doing.
I appreciate that this is a noob question, but could somebody please point me in the right direction?
Upvotes: 1
Views: 627
Answers (1)
Reputation: 38771
Meta: this is not a programming question, and probably offtopic.
The key formats (both privatekey and publickey) used by GnuPG, and other implementations of OpenPGP, are completely different from those used by OpenSSL. The PGP formats (binary and 'armored') are defined in RFC4880 et pred; OpenSSL uses RSA-specific formats defined by PKCS1 (RFC8017 et pred) based on ASN.1 encoding defined now by X.680 et seq and 'PEM' (at least PEM-like) wrapping defined by RFC1421 or RFC7468, and generic formats defined by PKCS8 (RFC5208) and X.509 (available at RFC5280 et pred and RFC3279) also based on ASN.1 and 'PEM'.
There are quite a few Qs on several Stacks about these differences, but I can't find any that cover the direction you would need, which is PGP to OpenSSL public. https://superuser.com/questions/360507/are-gpg-and-ssh-keys-interchangable comes closest, and at least indicates the difficulties. (Although not clearly stated in the Q, on systems that have GPG, SSH usually means OpenSSH, which at the time the Q was asked used OpenSSL formats for privatekey though not publickey.)
However, this would not solve your problem, because that signature is a PGP (detached) signature, which like the PGP public key block uses PGP message/packet formatting whereas openssl dgst -sign/verify simply uses a raw (k/8)-byte value. And more importantly the PGP signature algorithm includes some metadata in addition to the actual message/file, specifically the 'hashed subpackets' of the message (as opposed to the un-hashed subpackets); you'd have to write a good bit of code (which would be ontopic!) to handle that.
I suggest you instead use the SHA256 provided over (and thus authenticated by) HTTPS to verify your download.
Upvotes: 1
Related Questions
- Openssl : error "self signed certificate in certificate chain"
- Java-produced signature does not verify with openssl
- Verifying Signed Document using Openssl
- Failure trying to verify CSR with Openssl
- Why OpenSSL tools can successfully verify a not signed file?
- TLS certificate verification failure
- Why can't openssl verify signature created by Python cryptography library?
- OpenSSL RSA engine - RSA verify failure
- "openssl verify" gives OK for bad certificate chain
- openssl verify signature error, but command line tools is ok