>From: owner-openssl-us...@openssl.org On Behalf Of Li, David
>Sent: Thursday, 21 June, 2012 11:48
>How does openssl dgst know which signing algorithm it's supposed
>to use in openssl dgst? For example how does it figure out
>if this signing private key is a ECDSA key or RSA key?
>Is this information hidden in the "priv_key.pem"
>of the option -sign <priv_key.pem> ?
Exactly. dgst, like other utilities and apps using the
general PEM_read_[bio_]PrivateKey routine(s), can read
either the OpenSSL-defined per-algorithm PEM formats,
labelled BEGIN/END {RSA,DSA,ECDSA} PRIVATE KEY, and
encrypted (if at all) using PEM "Proc-type:4" encryption,
or standard PKCS#8 format labelled just BEGIN/END PRIVATE KEY
which includes an AlgorithmIdentifier along with the key value,
and is encrypted (if at all) the PKCS#8 standard way.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
