PubKeySign, version 1.3.1, February 2022 http://SecTools.free.fr This software is intended to easily verify that a public key matches a private one, and to use loaded keys for signing or verifying a message or file. As a reminder, a private key is needed for signing and a public key for verifying. Please note that even if the private key file contains also the public part, to avoid any confusion this software ignores it (leaving the 'verify' button disabled). To try the software, you can use the keys you will find in the 'keys' sub-directory : RSAKey.der RSA private key, 'DER' formated RSAKey.pem same as above but 'PEM' formatted, RSAKey.pk8.der allways the same but PKCS8 / DER, RSAKey.pk8.pem and again the same PKCS8 / PEM formatted. RSAPubKey.pem public key corresponding to RSAKey.* Certificate.cer the same embedded in an X509 self-signed certificate. Certificate.p12 PKCS12 container with RSAkey and Certificate.cer. RSAKey2.pem another RSA private key, RSAPubKey2.pem and the corresponding public key. DSAKey.pem DSA private key,, DSAPubKey.pem and the corresponding public key. ECnKey.pem a private key on a well-known elliptic curve, ECnPubKey.pem and the corresponding public key. ECxKey.pem an elliptic curve private key explicitly defined ECxPubKey.pem and the corresponding public key. DHKey.pem a 'Diffie-Hellman' private key DHPubKey.pem and the corresponding public key. Some files are password protected with 'test' (lower case). Loading a key : ------------- Just drag-and-drop 1 or 2 file(s) from the Windows Explorer. In case of protected files, you will have to fill in the passphrase first. Loading data : ------------ It is possible to 'copy-and-paste' a message, or 'drag-and-drop' a text file in the edit control. If the file is not too large (below 32 Kb), data will be loaded and displayed. Otherwise, or if file contains binary part(s), you have to choose the 'File' option and 'drag-and-drop' the file you want to sign or verify. The 'Remove blanks' button removes all blanks or control bytes that are not allways visible, (empty line, ...) whose presence would impact the signature. 'URL Decode' and 'URL Encode' adapts data when it comes from HTTP/GET. Although signing such data is generally not a good idea, it is usefull to people I know. Signature can be filled by 'copy-and-paste' or 'drag-and-drop' on its dedicated edit control. It has to be 'Base64' or 'hexa' encoded and the corresponding option has to be selected. The 'Clean' button removes formatted or other unwanted characters for the choosen encoding (for example, removing the separator when hexa is given like xx:xx:xx...) Signing or verifying : -------------------- When a private key is loaded, it is possible to sign the message or the file by clicking the 'Sign' button. When it is a RSA key, 'digest' and 'padding' options are used. It is not possible to sign or verify with 'Diffie-Hellman', X25519 or X448 keys. Perhaps I will add a 'derivation' operation later. When a public key is available, verifying can be done by using the 'Verify' button. A message box will show up to display the result.