The following command was run and the content of content_file, signature_file and id_rsa.pub (or pem) are inserted into a Postgres database.
openssl dgst -sign id_rsa content_file > signature_file
Is there any way to verify that the signature corresponds with the content/public key within Postgres?
I have looked at the pgcrypto functions however the only relevant function seems to be pgp_pub_decrypt which requires the secret key.
Basically I am looking to perform the following in Postgres:
openssl dgst -verify .\id_rsa.pem -signature .\signature_file .\content_file
I am not married to using the openssl dgst commands, I would also feel comfortable using gpg –sign. I would prefer not to load untrusted libraries (plpythonu etc) or create a C extension if possible.
Thanks, Jon
