#!/bin/bash # =========================================================== # create a digial signature (hash) of a file # =========================================================== # -sha256 digest type # -sign $key digitally sign the digest using a private # key # -out $hash output file # $file file (or files) to digest # =========================================================== # for help: openssl dgst -help # =========================================================== dir="hashes" file="gettysburg_address.txt" hash="hashes/gettysburg_address.sha256" key="keys/client.key.pem" # does the hashes directory exists? if [ ! -d $dir ]; then echo echo "Hash directory ($dir) does not exists" echo exit 1 fi # does the file exists? if [ ! -f $file ]; then echo echo "File ($file) does not exist" echo exit 1 fi # does the hash already exist? if [ -f $hash ]; then echo echo "Hash file ($hash) already exists" echo exit 1 fi # does the client key exist? if [ ! -f $key ]; then echo echo "Key ($key) does not exist" echo exit 1 fi # create hash of file openssl dgst -sha256 -sign $key -out $hash $file