D
D
Drovosek012021-06-14 01:18:32
Electronic digital signature
Drovosek01, 2021-06-14 01:18:32

Is the signature field a public key?

Good day.

I want to understand the work of one program.

I have JSON like this:

{
  "some_field": "{\"name\": null, \"uuid\": null, \"offline\": false}",
  "signature": "ACmDAGIw9Zu7i73HUqnD8zuTuNbknSTL2nzxdF0X3A+1527zBePP+BVbIMyZ+5D0IXSbo5eP2rO80kqqqRPCsOafjFgHMicXPJASzIWSecsSqDiroBbMgtVQo2Xc1oRaq/pA9SSbTpcHLpDOBruHazurgsCgNzn16EP8xNVuV6OXhYhB6SsCURqW2c/THAH5Q/XeGVX7jH87o02PrhlZLIMLuyD3WmJQuIPZVKvlcZFxIEXJ5Qh1IPVjRHf7/mWI16lsbhpHVTmuPR3JJpZTwKAjucq+fOE0stmKjzIYgMc3jnjmVB8MtLhWxfhJeLJE0Qijvk/+3eb8Hfai7ji9NA=="
}


This JSON, or the "signature" field in it, is validated by a file called "public_key", but judging by the content, it contains several blocks, denoted by certificates:
-----BEGIN CERTIFICATE-----
MIIGpDCCBIygAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCUlUx
DzANBgNVBAcMBk1vc2NvdzEjMCEGA1UECgwaUGFyYWxsZWxzIElQIEhvbGRpbmdz
IEdtYkgxEDAOBgNVBAsMB0Rlc2t0b3AxHTAbBgNVBAMMFFBhcmFsbGVscyBEZXNr
dG9wIENBMB4XDTE4MTIyNDA5MDM1N1oXDTI4MTEwNjA5MDM1N1owdzELMAkGA1UE
BhMCUlUxDzANBgNVBAcTBk1vc2NvdzElMCMGA1UEChMcUGFyYWxsZWxzIEludGVy
bmF0aW9uYWwgR21iSDEQMA4GA1UECxMHRGVza3RvcDEeMBwGA1UEAxMVZGVza3Rv
cC5wYXJhbGxlbHMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
zoVPP60oYTjswM8vsWgpNOF9ZyB3wU/sJeYtmeC+0eTVDqYfI8Qq2/AoDLhEIg6c
vd8vGDUmXTvkX+r/bZCS9oR6o3M2otsgwMzsRQQgOWfngyB3PVh0V+FM68DoCZZF
LSYQ3Ghv7AK21M/g4TcKFY30ngc9avMJeJ6lSLzpEyV6YkDbB0VBcAOSe0AyAUN4
a957UwRt2hVn5kCr5DPje4w1xXnHIx+MhrhGgUz0stQX2Yu4e2+lpy0rBEU7HIqe
pCqVSwSeAfrgonwUAB1dTPSZ5wHBYiX30x+UaMScHlHuPOrUy4bS2e5mMR+FWGh9
v3oNBRMhLPJG9YIquGE4twIDAQABo4ICOzCCAjcwDAYDVR0TAQH/BAIwADAOBgNV
HQ8BAf8EBAMCB4AwHQYDVR0OBBYEFG1biXwSoD4JwjCnq7kqU8fgXNv2MB8GA1Ud
IwQYMBaAFALkzfL1GhWDbfCrrwQRxRf52EyPMEEGCCsGAQUFBwEBBDUwMzAxBggr
BgEFBQcwAoYlaHR0cDovL3d3dy5wYXJhbGxlbHMuY29tL2NhL3BkX2NhLnBlbTA2
BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vd3d3LnBhcmFsbGVscy5jb20vY2EvcGRf
Y2EuY3JsMIIBJgYDVR0gBIIBHTCCARkwga0GDisGAQQBgcw7g30CAgEBMIGaMDkG
CCsGAQUFBwIBFi1odHRwOi8vY2EucGFyYWxsZWxzLm5ldC9jYS9wYXJhbGxlbHNf
Y3BzLmh0bWwwXQYIKwYBBQUHAgIwUTAfGhhQYXJhbGxlbHMgSG9sZGluZ3MsIGx0
ZC4wAwIBARouRXh0ZXJuYWwgQmFzaWMgQ2VydGlmaWNhdG9uIFByYWN0aWNlIFN0
YXRlbWVudDBnBg4rBgEEAYHMO4N9AgJmAzBVMFMGCCsGAQUFBwICMEcwHxoYUGFy
YWxsZWxzIEhvbGRpbmdzLCBsdGQuMAMCAQEaJFBhcmFsbGVscyBEZXNrdG9wIENl
cnRpZmljYXRlIFBvbGljeTAyBgNVHREEKzApghVkZXNrdG9wLnBhcmFsbGVscy5j
b22CEG15LnBhcmFsbGVscy5jb20wDQYJKoZIhvcNAQELBQADggIBAIVoVvxwMJLa
tshoaea1bqsnD2FU1r/FoQy1np5ifKQ7fvDr+z8gY0oKDrObRcYTeiRfSGG1TyXW
NfY9nlgbLJO7fM5vpqvj5WQJNaUjIzxNcitNn7teG5c5/C0fkiWeDH9t01gLRpvO
k5B4zDf8AHbkjrf73whZziuPhbyCyxjvdnVouP5oPwB9MYQLyxQMlVvYl0BC4wBi
kkaymqWBIxeKBWDEQyGvVabsOo1Kro6xk5s6SuutME6L97kmQaRGbOvbCZ95niEH
eKua/1Ngt9U3Y6fPwP6gVaQglZBcPgs5+4a+hd/8gPZ+XbVXsK68j9eUMuhMoFdK
caNejnQt3Cvsnp7ohSoRY3rKdfG0Idy/4HJCiCCOnDDpPXvqQqAo0cwEhbSjI66Y
zdtEkCFpWz23rGElQMxIs6ojwK/gu5+sJpE+l7QpXfCIhryqGqRHpdkSDp7Pc1Jr
JMpyNhDEI0QjPXkSnMVxMQuHUidARr43O32yt0VD/Zyt6sb2gmInF6XJrlYCDvOz
puKPoOE9EMI74XzKw5FsVhVUp8Wem8Ir7eP6GZ7hP21J7C9tPkiYjJqX6jJvvLE6
bPETlL48esW55ZmE57SE+F1oqK/hQ5tDJwneEryJZ+8KoiD42SKaf0k29iQfXH1F
YScGlH58rXXjAZv+kHNTsJ+zLX//KpzT
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIH9TCCBd2gAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCUlUx
DzANBgNVBAcMBk1vd2NvdzEjMCEGA1UECgwaUGFyYWxsZWxzIElQIEhvbGRpbmdz
IEdtYkgxDjAMBgNVBAsMBUNsb3VkMR8wHQYDVQQDDBZQYXJhbGVscyBJc3N1aW5n
IENBICMxMB4XDTE4MTIyNDA5MDE1MFoXDTMxMDEyMzA5MDE1MFowdDELMAkGA1UE
BhMCUlUxDzANBgNVBAcMBk1vc2NvdzEjMCEGA1UECgwaUGFyYWxsZWxzIElQIEhv
bGRpbmdzIEdtYkgxEDAOBgNVBAsMB0Rlc2t0b3AxHTAbBgNVBAMMFFBhcmFsbGVs
cyBEZXNrdG9wIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2r6P
z/fE4WESXkudT80kk+dkK/KFM9AqmmHBdx2KRBKXPuOJnQop6dS+ZRRYgyzqvFYl
OVy9oZhJ8qtrQH71ornL/ZNIUBMOoQ1Hg9Oqaqwr2b04qWV7RIjW5bG0QBgAYuDX
uq5dn1A8uDWoPYdmUrs+oir0kxUugumWSYYzhGOoDxpCSpXqSovYOcyENinD2NFs
6T6CJ1MC/yTUyu8oLCMsXimyHfe+pknJ1cSS4i3zQ7tRVdFMvbLdPbOkDaT/ZFyh
eHOrpBKaeInsNoCoXoOSq9K8CzYq3mEikE/t3PB+8JbCMkf5g+Eup4RjlQeILu/Z
qEkGyJtovuRnPha1SUw5Qiz6EyLDaLug6RejPiQZHio10/zovlaN9aF74CGB7Ijj
TAMhxN423xKQepFPiPQtnZGke11urD7pyIRJQhQbPJeyHPZLoAY/Zn3Lu03wpqn4
uVlEfrvV3pv9gnmme/MUWyegiOxN0xlgBkgjdCo/d74KNjfcD/P4qRa+v50ddlOX
huSAic3LowqizI9+jsU1NSCY/ssMnaFTVCGjtcPq2ZoE6n8NG1dWNEvFJQ1elZDf
ZUQP/5r5oheEyBnOutJmrMVahCi6ipxv74DPzGqJCX8X7VHr+D2zeEgNrodD3iF/
q2yK1qP9/fdOk5CajZVcKextWdYBs9rM+0YF+sECAwEAAaOCAo8wggKLMBIGA1Ud
EwEB/wQIMAYBAf8CAQAwDwYDVR0kAQH/BAUwA4ABADAKBgNVHTYEAwIBADAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFALkzfL1GhWDbfCrrwQRxRf52EyPMB8GA1Ud
IwQYMBaAFDuTEfsf59F+SCw7mxQ9KqVPg/1KMD8GCCsGAQUFBwEBBDMwMTAvBggr
BgEFBQcwAoYjaHR0cDovL2NhLnBhcmFsbGVscy5uZXQvY2Evcm9vdC5wZW0wNwYD
VR0fBDAwLjAsoCqgKIYmaHR0cDovL2NhLnBhcmFsbGVscy5uZXQvY2Evcm9vdF9j
YS5jcmwwggGMBgNVHSAEggGDMIIBfzCBrQYOKwYBBAGBzDuDfQICAQEwgZowOQYI
KwYBBQUHAgEWLWh0dHA6Ly9jYS5wYXJhbGxlbHMubmV0L2NhL3BhcmFsbGVsc19j
cHMuaHRtbDBdBggrBgEFBQcCAjBRMB8aGFBhcmFsbGVscyBIb2xkaW5ncywgbHRk
LjADAgEBGi5FeHRlcm5hbCBCYXNpYyBDZXJ0aWZpY2F0b24gUHJhY3RpY2UgU3Rh
dGVtZW50MGQGDisGAQQBgcw7g30CAgECMFIwUAYIKwYBBQUHAgIwRDAfGhhQYXJh
bGxlbHMgSG9sZGluZ3MsIGx0ZC4wAwIBARohRXh0ZXJuYWwgQmFzaWMgQ2VydGlm
aWNhdGUgUG9saWN5MGcGDisGAQQBgcw7g30CAmYDMFUwUwYIKwYBBQUHAgIwRzAf
GhhQYXJhbGxlbHMgSG9sZGluZ3MsIGx0ZC4wAwIBARokUGFyYWxsZWxzIERlc2t0
b3AgQ2VydGlmaWNhdGUgUG9saWN5MA0GCSqGSIb3DQEBCwUAA4ICAQApB9JZT+cw
KSGZuR5Lje1lgxueMEkq0QrBUgIaijImTo5nwD3jSpHX3iwX11DA0wvDDhS2bPOY
CvOn9KFy+iIli0cc1/4kBH/DYsAh+SUdZs/w3G/0JsucQD5AaL3pehsf3dZfR7cq
3q8D6ia/SoMrDLpQCJjm798yUevi4ZNJwEHIOH5gNv76eCx+nNJHvnw0yKKfq52M
h6aVRBiF73LcvCmNtgeDJxPUAdbVYgv7b0zpgypkph0aWQP90tqPAWnpjHQ2P7/o
P+ynKB3dX6ZcA5CJ5o4jXJX/+vS1HQWuTU8ChYBxFB67eCPDtbwtRwLmS4TTLBpX
gEWW8jaJCm4sYLMmj/uw3AqrXH3TFZEdaqhXT9s6igBL7V0NrC2rIpqjg9b1ZybY
Za/gCfPJ73sIUkFola1Kr50Sjar6aFfQDjYCfZeC6s4VgR6p0bs7jr61zwsPUlCu
AZWAiMtpzAq6YJY3njXTZQnlFZ2eAmgxYDaCRgjDnZtHVN8sVsc6vBJh6XaR84t+
itDGJfpm0RXOy2bblmleVPBDbGDruOzNJvB+0H6PbMqY1ROy4ZcLKVftQzScYBUQ
dDdT+4gPkIu1YhzBQjMNF/kPwUPE8WvVpe5bT+VMj7tIX2wQIJcdNGIvyCQ5aWoq
eo6QhWmNlc3k/k63MhxRNe55cq64VyskFA==
-----END CERTIFICATE-----


I have not come across digital signature and certificates before.

I googled and generated a certificate and a private key using openssl as a test. Then, using a different tutorial, I generated public and private keys. None of the tutorials I read mentioned "signature".

Actually, what is the "signature" field in JSON in this context and how to interact with it?
Those. Can I somehow use one of the certificates from the "public_key" file and the value from the "signature" field to verify the value of the "some_field" field? If so, how?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
C
CityCat4, 2021-06-14
@Drovosek01

There are different types of information security.
There is an electronic signature. There is encryption. There is a combination of these things - it is usually used to protect e-mail.
An electronic signature does not encrypt anything. It calculates the signature of the text and places this signature in the transmitted message. By checking this signature, you can verify that the text is intact (that is, that it was not distorted during transmission).
Encryption changes the text of the document, turning it into an unreadable canoe.
The electronic signature of the ciphertext allows you to make sure that the text will be successfully decrypted.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question