On Fri, Jun 07, 2013, Michael Wild wrote:

> Dear all
> 
> I'm quite the noob in all things OpenSSL, and I'm struggling getting
> started with signing a piece of data.
> 
> Here is a MWE that should illustrate the problem. It loads "private.pem" (a
> RSA private key I generated using `openssl genrsa -out private.pem
> 1024`) and then tries to sign a piece of data (here, it is a SHA1 hash,
> but that's irrelevant) and then outputs the signature using base64 coding.
> 
>   #include <stdio.h>
>   #include <stdlib.h>
>   #include <string.h>
>   #include <openssl/bio.h>
>   #include <openssl/conf.h>
>   #include <openssl/evp.h>
>   #include <openssl/pem.h>
>   #include <openssl/err.h>
> 
>   int main(void)
>   {
>   // data to sign: 40 ASCII characters (the terminating NUL is not part of it)
>   char data[] = "de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3";
> 
>   // init openssl (OpenSSL 1.0.x-era initialisation)
>   OPENSSL_config(NULL);
>   OpenSSL_add_all_digests();
>   ERR_load_crypto_strings();
> 
>   // load private key for signing
>   EVP_PKEY* prv_key = NULL;
>   BIO* bio = BIO_new_file("./private.pem", "rt");
>   if (!bio) abort();
>   prv_key = PEM_read_bio_PrivateKey(bio, &prv_key, NULL, NULL);
>   BIO_free(bio);
>   if (!prv_key) abort();
> 
>   // sign "data": EVP_Sign* hashes the input with SHA-1 and then signs the
>   // DigestInfo-wrapped hash with PKCS#1 v1.5 padding
>   EVP_MD_CTX ctx;
>   unsigned char* sign = malloc(EVP_PKEY_size(prv_key));
>   unsigned int s;
>   if (!sign) abort();
> 
>   EVP_MD_CTX_init(&ctx);
>   if (!EVP_SignInit_ex(&ctx, EVP_sha1(), NULL)) abort();
>   // strlen, not sizeof: sizeof(data) would also feed the trailing NUL into the hash
>   if (!EVP_SignUpdate(&ctx, data, strlen(data))) abort();
>   if (!EVP_SignFinal(&ctx, sign, &s, prv_key)) abort();
>   EVP_MD_CTX_cleanup(&ctx);
> 
>   // create base64 encoded output of the signature
>   BIO* b64 = BIO_new(BIO_f_base64());
>   BIO* bstdout = BIO_new_fp(stdout, BIO_NOCLOSE);
>   bstdout = BIO_push(b64, bstdout);
>   BIO_write(bstdout, sign, s);
>   BIO_flush(bstdout);
>   BIO_free_all(bstdout);
> 
>   // cleanup
>   free(sign);
>   EVP_PKEY_free(prv_key);
>   ERR_remove_state(0);
>   ERR_free_strings();
>   EVP_cleanup();
>   CONF_modules_free();
>   CRYPTO_cleanup_all_ex_data();
>   return 0;
>   }
> 
> 
> Using this program I get the following output:
> 
>   enUqkBwItEkyodfDSXk2FJ1YmGl1oX+jNg/N7dDFil0v4PtHCGMB1SqaMELGEfvL
>   C+R7FVv2cDqU5Kglik5XWFyRukN5S97jWb3Ye9BbgWswlNNIdUtLZMl9FWOaqDnB
>   1UhZEhaav+yskidlqX261nYCpzBEWdFdGnVxNMLoafA=
> 
> However, when using the rsautl utility as follows, the result is different:
> 
>   $ printf de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3 | \
>       openssl rsautl -sign -inkey ./private.pem | \
>       openssl enc -base64
>   FoP7JQNO7U5PgeChqArv4072avjK9/EOhZvhPpMtDtL5fWFb6+OzUSXdSBHDXDqG
>   RCDOH3RU8EABzO4Tk66lUa9400KFGPw0fupSedlwIWlGgy/wtydEr2sV2rOW9aBh
>   170GYbbs6rjEsInWo2KXChkNXi4uib4I45ZaLNC5Ib4=
> 
> Am I missing something? AFAIK the default digest is SHA1, but I also
> tried playing around with others (MD5, SHA256) and
> EVP_PKEY_get_default_digest(), but still the result was different from
> the one obtained with rsautl.
> 
> 
> Any help would be greatly appreciated.
> 

As well as the points other people have raised, you're actually signing things
in two different ways. Your program hashes and signs the data whereas your
command line version just signs the raw data.

If you want to hash and sign on the command line you need the dgst utility
and its -sign option.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
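The following script is an added illustration of Steve's point and is not part of the thread. It assumes an `openssl` binary (1.x or 3.x) plus `od`, `tr` and `mktemp` in PATH, generates its own throwaway key, and signs the same 40-character string from the question both ways: `openssl dgst -sign` (hash, wrap in a DER DigestInfo, PKCS#1 v1.5 sign, which is what `EVP_SignInit/Update/Final` do) and `openssl rsautl -sign` (PKCS#1 v1.5 sign the raw bytes). It then applies the public key to each signature and strips the padding, which prints exactly what was signed. The run uses SHA-256 rather than the poster's SHA-1 because some hardened OpenSSL 3 builds refuse to create SHA-1 signatures; the prefix table includes the SHA-1 DigestInfo for reference.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumes an `openssl` binary (1.x or 3.x)
# in PATH and the POSIX tools od, tr and mktemp.
# Shows the two signing modes and recovers what each one actually signed:
#   openssl dgst -sign   : hash input, DER-wrap hash in DigestInfo, PKCS#1 v1.5 sign
#                          (what EVP_SignInit/Update/Final do)
#   openssl rsautl -sign : PKCS#1 v1.5 sign the raw input bytes, no hashing at all
set -e
command -v openssl >/dev/null 2>&1 || { echo "openssl not found, skipping" >&2; exit 0; }

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed input: the same 40-character string the poster signs, with no
# trailing newline and no NUL (the C program's sizeof(data) included the NUL).
printf 'de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3' > "$WORK/data.bin"

# Fresh throwaway key pair, so nothing depends on the poster's private.pem.
openssl genrsa -out "$WORK/key.pem" 2048 2>/dev/null
openssl rsa -in "$WORK/key.pem" -pubout -out "$WORK/pub.pem" 2>/dev/null

hex() { od -An -v -tx1 | tr -d ' \n'; }   # stdin -> lowercase hex string

# DER DigestInfo prefixes (RFC 3447 section 9.2); the digest value follows them.
digestinfo_prefix() {
  case "$1" in
    sha1)   echo 3021300906052b0e03021a05000414 ;;
    sha256) echo 3031300d060960864801650304020105000420 ;;
    *)      echo "unsupported digest: $1" >&2; return 1 ;;
  esac
}

# Hash-and-sign: the command-line twin of EVP_Sign* with the same digest.
sign_hashed() { openssl dgst "-$1" -sign "$2" -out "$4" "$3"; }

# Raw sign: the `openssl rsautl -sign` from the question. 2>/dev/null hides the
# OpenSSL 3 deprecation notice; `openssl pkeyutl -sign` is the current equivalent.
sign_raw() { openssl rsautl -sign -inkey "$1" -in "$2" -out "$3" 2>/dev/null; }

# Apply the public key and strip the PKCS#1 v1.5 padding: prints exactly the
# bytes that were signed (`openssl pkeyutl -verifyrecover` on OpenSSL 3).
recover_hex() { openssl rsautl -verify -pubin -inkey "$1" -in "$2" 2>/dev/null | hex; }

# What a hash-and-sign signature over FILE must contain for digest ALG.
expected_hashed_hex() { printf '%s%s\n' "$(digestinfo_prefix "$1")" "$(openssl dgst "-$1" -binary "$2" | hex)"; }

# Exit 0 if SIG verifies as an ALG digest signature over FILE under PUB, else non-zero.
verifies_as_digest_sig() { openssl dgst "-$1" -verify "$2" -signature "$3" "$4" >/dev/null 2>&1; }

ALG=sha256   # poster used sha1; some hardened OpenSSL 3 builds refuse to make SHA-1 signatures
sign_hashed "$ALG" "$WORK/key.pem" "$WORK/data.bin" "$WORK/dgst.sig"
sign_raw "$WORK/key.pem" "$WORK/data.bin" "$WORK/raw.sig"

echo "rsautl -sign signed:  $(recover_hex "$WORK/pub.pem" "$WORK/raw.sig")"
echo "dgst -sign signed:    $(recover_hex "$WORK/pub.pem" "$WORK/dgst.sig")"
echo "DigestInfo + $ALG:  $(expected_hashed_hex "$ALG" "$WORK/data.bin")"

if verifies_as_digest_sig "$ALG" "$WORK/pub.pem" "$WORK/raw.sig" "$WORK/data.bin"; then
  echo "unexpected: raw signature verified as a digest signature"
else
  echo "raw signature does not pass 'dgst -verify' (expected: nothing was hashed)"
fi
```

The first line printed is the hex of the 40 ASCII characters themselves; the second is the DigestInfo prefix followed by the digest of those bytes, which is why the two signatures can never match even with the same key. Comparing the program's output with `openssl dgst -sha1 -sign private.pem` (instead of `rsautl -sign`) is the like-for-like check.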