I'm looking for a Linux/Unix command-line tool to create a DSA signature from a given file/data and a private key.
I know about the xmlsec1 tool. But I would like something simpler. It seems that OpenSSL provides this function as a developer library, but not as a tool.
It's done with "openssl dgst" - not the most obvious place to put it...
Found in:
http://www.myelin.co.nz/post/2005/5/23/
openssl dsaparam 1024 < /dev/random > dsaparam.pem
openssl gendsa dsaparam.pem -out dsa_priv.pem
openssl dsa -in dsa_priv.pem -pubout -out dsa_pub.pem
echo "foobar" > foo.txt
sha1sum < foo.txt | awk '{print $1}' > foo.sha1
openssl dgst -dss1 -sign dsa_priv.pem foo.sha1 > sigfile.bin
openssl dgst -dss1 -verify dsa_pub.pem -signature sigfile.bin foo.sha1
The following tentative set of commands seems to work with openssl 1.0.2g and 1.1.0g. Compared to that other answer, it aims to generate a signature of the file (including the standard-mandated hash step), rather than a signature (including a second hash step) of the lowercase hexadecimal ASCII representation of a first hash of the file. Also it uses more modern hash and modulus size.
# generate parameters with 2048-bit DSA, SHA-256 (can be common to multiple keys)
openssl genpkey -genparam -algorithm DSA -pkeyopt dsa_paramgen_bits:2048 -pkeyopt dsa_paramgen_q_bits:256 -pkeyopt dsa_paramgen_md:sha256 -out dsaparams.pem
# generate a private key and extract the public key
openssl genpkey -paramfile dsaparams.pem -out dsaprivkey.pem
openssl dsa -in dsaprivkey.pem -pubout > dsapubkey.pem
# create a file "myfile" to be signed
echo 'The Magic Words are Squeamish Ossifrage' > myfile
# create signature "myfile.sig"
openssl dgst -sha256 -sign dsaprivkey.pem myfile > myfile.sig
# verify "myfile" against signature "myfile.sig" and public key
openssl dgst -sha256 -verify dsapubkey.pem -signature myfile.sig myfile
Note: A former attempt made openssl 1.0.2g generate signatures with 160-bit q (perhaps using SHA-1). Per comment, I added -sha256 to openssl dgst, but it made no difference. Experiments suggest it is necessary to use -pkeyopt dsa_paramgen_q_bits:256, even though the man page explicitly states -pkeyopt dsa_paramgen_md:sha256 takes care of that:
dsa_paramgen_md:digest
The digest to use during parameter generation. Must be one ofsha1,sha224orsha256. If set, then the number of bits in q will match the output size of the specified digest and thedsa_paramgen_q_bitsparameter will be ignored (..)
Do you want to create a signature for a file such that the integrity of that file can be verified? I think you're looking for Gnu Privacy Guard (GnuPG).
gpg --output filename.sig --detach-sig filename
This creates a signature file, filename.sig, based on the original, filename, that can be verified with
gpg --verify filename.sig filename
