Hello
I have to sign a string using RSA and SHA1 and I wanted to use the
openssl command line utility to do that( can't use the C library since
our code is in C#). I also have a C program( not written by me ), that
can be used to test if the signature is correct and that it will be
accepted by the web page we are interfacing our code with. When I try to
sign the string like this: openssl dgst -sha1 -sign privkey.pem -out
file.bin file.in && openssl enc -base64 -in file.bin -out out.b64 then I
get one signature, but when using the C program, which basically only
uses the EVP_Sign* functions I get another signature, different from the
one I got from the openssl utility.
My question is, doesn't openssl dgst -sha1 -sign just do the same thing
as the C code below? If not, then what does it do differently, do I have
to give it some other options? I looked at openssl's dgst.c and saw that
it used only EVP_SignFinal, so it must do something differently, but what?
The C code
EVP_SignInit(&md_ctx, EVP_sha1());
EVP_SignUpdate (&md_ctx, data, data_len);
EVP_SignFinal(&md_ctx, md, &sig_len, pkey);
--
Tõnis Märtmaa
Apprise OÜ
tel 6567626
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
