2009-05-23

Verify DNIe Linux software's signature

The Spanish electronic national identity card, known as DNIe (Documento Nacional de Identidad Electrónico), contains user certificates for authentication and for signature.

It can be used on Linux, Windows, and MacOSX systems, and the Spanish Ministry of Interior distributes software for each platform to enable the use of the DNIe. The official webpage is http://www.dnielectronico.es/. Software packages and related documents are distributed along with a signature file, so that you can verify their authenticity and integrity before you use them on your computer.

The DNIe website states that OpenSSL is used to verify the signature, but they don't provide step-by-step instructions to make it easy for users to verify signatures (in fact they claim that the signature "will be useful for users with advanced computer knowledge who wish to verify the integrity of the software packages", which I think is not very nice on the part of the Ministry, as they should promote signature verification by making it easy for people who don't know how to do it, not only experts). Even after searching on the Internet, I found no quick guide to help the novice user verify those signatures.

It turns out they do use OpenSSL to sign their files, but they omit some details, which I wish to document in this post: they distribute a certificate file, from which one needs to extract the public key first, and they use SHA1 as the digest for the signature.

They provide a certificate to verify signatures, found here: http://www.dnielectronico.es/seccion_integradores/cert_fir_cod_des.html

When using OpenSSL to verify a signature, one must provide the public key, but OpenSSL doesn't take the certificate file directly. Therefore, the following steps are needed to extract the public key from the DNIe software signature certificate:

> unzip CertCodeSigning.zip (will output "CertCodeSigning.pem")
> openssl x509 -inform pem -in CertCodeSigning.pem -pubkey -noout > DNIeCodeSigningKey.pem

Now we have the public key in file "DNIeCodeSigningKey.pem".

Finally, we can run the OpenSSL command to verify a signature.
For instance, let's say you have downloaded the following two files: DNIe_v4_0_0.zip and DNIe_v4_0_0.zip.sign (DNIe CSP drivers for Windows).
In order to verify the signature, run the following command:
> openssl dgst -sha1 -verify DNIeCodeSigningKey.pem -signature DNIe_v4_0_0.zip.sign DNIe_v4_0_0.zip

The equivalent command to verify the signature of DNIe software packages for Linux would be:
> openssl dgst -sha1 -verify DNIeSoftSigningKey.pem -signature opensc-dnie_1.4.5-1_i386_Ubuntu_Intrepid_Ibex.deb.tar.sign opensc-dnie_1.4.5-1_i386_Ubuntu_Intrepid_Ibex.deb.tar

The result of both commands should be a message "Verified OK". If you get something different, double check the steps above, or make sure you are downloading the right DNIe software.
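
The two steps above (extract the public key from the certificate, then check the SHA1 signature) can be wrapped in one shell function. This is an added example, not part of the original post or of the DNIe software; the function names `verify_detached` and `make_sample` are hypothetical, and the sample key, certificate and files are constructed throwaway data so that the failure case can be shown as well.

```shell
#!/bin/sh
# verify_detached CERT FILE SIG [DIGEST]
# Extracts the public key from a PEM certificate and checks a detached
# signature over FILE. DIGEST defaults to sha1, as used in this post.
# Returns 0 = verified, 1 = signature does not match, 2 = unusable certificate.
verify_detached() {
    cert=$1; file=$2; sig=$3; digest=${4:-sha1}
    key=$(mktemp) || return 2
    # Print which certificate the key comes from, so it can be compared with
    # a fingerprint obtained through another channel.
    openssl x509 -inform pem -in "$cert" -noout -subject -fingerprint -sha256 >&2
    if ! openssl x509 -inform pem -in "$cert" -pubkey -noout > "$key"; then
        rm -f "$key"; return 2
    fi
    openssl dgst "-$digest" -verify "$key" -signature "$sig" "$file" >/dev/null 2>&1
    rc=$?
    rm -f "$key"
    [ "$rc" -eq 0 ]
}

# make_sample DIR
# Constructed test data only (a throwaway key and self-signed certificate,
# not the DNIe ones): signs DIR/pkg.tar with SHA1 and a detached signature.
make_sample() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=constructed-signer" \
        -keyout "$d/signer.key" -out "$d/signer.pem" >/dev/null 2>&1 || return 1
    printf 'constructed package contents\n' > "$d/pkg.tar"
    openssl dgst -sha1 -sign "$d/signer.key" \
        -out "$d/pkg.tar.sign" "$d/pkg.tar" || return 1
    # A copy with one extra byte stands in for a corrupted or replaced download.
    { cat "$d/pkg.tar"; printf 'x'; } > "$d/pkg-tampered.tar"
}

# Demo: the intact file verifies, the modified copy does not.
tmp=$(mktemp -d) && make_sample "$tmp" && {
    verify_detached "$tmp/signer.pem" "$tmp/pkg.tar" "$tmp/pkg.tar.sign" \
        && echo "pkg.tar: Verified OK"
    verify_detached "$tmp/signer.pem" "$tmp/pkg-tampered.tar" "$tmp/pkg.tar.sign" \
        || echo "pkg-tampered.tar: Verification Failure"
    rm -rf "$tmp"
}
```

With the real files, the call would be `verify_detached CertCodeSigning.pem DNIe_v4_0_0.zip DNIe_v4_0_0.zip.sign`.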