This page provides instructions on how to generate your ECDSA signing and verification keys, how to sign a file, and how to add the files to git.

Generating a public key

ab2017:abhi$ openssl version
OpenSSL 1.0.2l   25 May 2017

ab2017:abhi$ openssl ecparam -name secp256k1 -genkey -out abhi.sk.pem
ab2017:abhi$ openssl ec -in abhi.sk.pem -pubout -out abhi.vk.pem

ab2017:abhi $ cat abhi.vk.pem
-----BEGIN PUBLIC KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEVp2zc/sC+6H7fFKIAQg92u/IWOIChebp
8lX4KCF2o85Iw1Bd2FaxXT2Z1c1sEeJnsBx6s6txq3Io4YDQhb/zSg==
-----END PUBLIC KEY-----

The first ecparam command generates your private key and stores it in the file abhi.sk.pem. You would use your own name. The second command takes your private key and generates the corresponding public key and stores it in abhi.vk.pem.

Adding your public key to git

ab2017:abhi$ git add abhi.vk.pem
ab2017:abhi$ git commit -m "my public signing key for 17f-money"

Signing your homework file

ab2017:abhi$ openssl dgst -sha256 -sign abhi.sk.pem H1.txt > H1.sig
ab2017:abhi$ openssl dgst -sha256 -verify abhi.vk.pem -signature H1.sig H1.txt
Verified OK

In order to sign your file, you comute the sha256 digest of the file first, and then ask openssl to sign the digest. In this case, the signed digest is written to H1.sig. The second command shows you how to verify your signature using your public key.

Adding file and sig to git

ab2017:abhi$ git add H1.sig H1.txt
ab2017:abhi$ git commit -m "hw and signature"
ab2017:abhi$ git push

Video from lecture

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

17f-HON: How to sign a file

Generating a public key

Adding your public key to git

Signing your homework file

Adding file and sig to git

Video from lecture