|
rsautl -sign only encript data using private key,
do not make digest (SHA1).
Francesco Petruzzi
----- Original Message -----
Sent: Tuesday, May 25, 2004 10:24
AM
Subject: Sign and Verify
Dear
Friends,
I am using openssl
to sign a message using the following
commands
rsautl -sign -in test.txt -inkey ycs.pem -out
tobase64.txt
base64 -in tobase64.txt -out
result.txt
Once I convert
into base64 format, I am sending the digest to another application. The second
application is written in java and it is using the following code to verify.
But it is not able to verify the digest generated by openssl.
Signature dsa = Signature.getInstance(
"SHA1withRSA" );
dsa.initVerify( publicKey
);
dsa.update( plaintext.getBytes()
);
boolean verifies = dsa.verify( getBytes(
signature ) );
Also the signed digest of a string is different in both openssl and java
security.
Anybody has any idea on this behavior?
With Regards
Nelby
|
