Thanks for all the answers. Now I feel really stupid about forgetting the implicit 0...
Stephen: How do I prevent my program from hashing the data? EVP_md_null()? After all, hashing a hash is pretty pointless for my case...

Michael

On 07.06.2013 14:56, Dr. Stephen Henson wrote:
> On Fri, Jun 07, 2013, Michael Wild wrote:
>
>> Dear all
>>
>> I'm quite the noob in all things OpenSSL, and I'm struggling to get
>> started with signing a piece of data.
>>
>> Here is an MWE that should illustrate the problem. It loads "private.pem" (an
>> RSA private key I generated using `openssl genrsa -out private.pem
>> 1024`) and then tries to sign a piece of data (here, it is a SHA1 hash,
>> but that's irrelevant) and then outputs the signature using base64 coding.
>>
>> #include <stdlib.h>
>> #include <openssl/bio.h>
>> #include <openssl/conf.h>
>> #include <openssl/evp.h>
>> #include <openssl/pem.h>
>> #include <openssl/err.h>
>>
>> int main()
>> {
>>     // data to sign
>>     char data[] = "de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3";
>>
>>     // init openssl
>>     OPENSSL_config(NULL);
>>     OpenSSL_add_all_digests();
>>     ERR_load_crypto_strings();
>>
>>     // load private key for signing
>>     EVP_PKEY* prv_key = NULL;
>>     BIO* bio = BIO_new_file("./private.pem", "rt");
>>     prv_key = PEM_read_bio_PrivateKey(bio, &prv_key, NULL, NULL);
>>     BIO_free(bio);
>>
>>     // sign "data"
>>     EVP_MD_CTX ctx;
>>     unsigned char* sign = malloc(EVP_PKEY_size(prv_key));
>>     unsigned int s;
>>
>>     EVP_MD_CTX_init(&ctx);
>>     if (!EVP_SignInit_ex(&ctx, EVP_sha1(), NULL)) abort();
>>     if (!EVP_SignUpdate(&ctx, data, sizeof(data))) abort();
>>     if (!EVP_SignFinal(&ctx, sign, &s, prv_key)) abort();
>>     EVP_MD_CTX_cleanup(&ctx);
>>
>>     // create base64 encoded output of the signature
>>     BIO* b64 = BIO_new(BIO_f_base64());
>>     BIO* bstdout = BIO_new_fp(stdout, BIO_NOCLOSE);
>>     bstdout = BIO_push(b64, bstdout);
>>     BIO_write(bstdout, sign, s);
>>     BIO_flush(bstdout);
>>     BIO_free_all(bstdout);
>>
>>     // cleanup
>>     free(sign);
>>     ERR_remove_state(0);
>>     ERR_free_strings();
>>     EVP_cleanup();
>>     CONF_modules_free();
>>     CRYPTO_cleanup_all_ex_data();
>> }
>>
>>
>> Using this program I get the following output:
>>
>> enUqkBwItEkyodfDSXk2FJ1YmGl1oX+jNg/N7dDFil0v4PtHCGMB1SqaMELGEfvL
>> C+R7FVv2cDqU5Kglik5XWFyRukN5S97jWb3Ye9BbgWswlNNIdUtLZMl9FWOaqDnB
>> 1UhZEhaav+yskidlqX261nYCpzBEWdFdGnVxNMLoafA=
>>
>> However, when using the rsautl utility as follows, the result is different:
>>
>> $ printf de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3 | \
>>     openssl rsautl -sign -inkey ./private.pem | \
>>     openssl enc -base64
>> FoP7JQNO7U5PgeChqArv4072avjK9/EOhZvhPpMtDtL5fWFb6+OzUSXdSBHDXDqG
>> RCDOH3RU8EABzO4Tk66lUa9400KFGPw0fupSedlwIWlGgy/wtydEr2sV2rOW9aBh
>> 170GYbbs6rjEsInWo2KXChkNXi4uib4I45ZaLNC5Ib4=
>>
>> Am I missing something? AFAIK the default digest is SHA1, but I also
>> tried playing around with others (MD5, SHA256) and
>> EVP_PKEY_get_default_digest(), but still the result was different from
>> the one obtained with rsautl.
>>
>>
>> Any help would be greatly appreciated.
>>
>
> As well as the points other people have raised you're actually signing things
> in two different ways. Your program hashes and signs the data whereas your
> command line version just signs the raw data.

How do I prevent my program from hashing the data?

>
> If you want to hash and sign on the command line you need the dgst utility
> and its -sign option.
>
> Steve.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
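Stephen's point about the two signing modes, and the trailing NUL that `sizeof(data)` hashes, as an added Python example that is not part of this thread or of OpenSSL. It reconstructs the PKCS#1 v1.5 block each path hands to the RSA private-key operation, using only the standard library; the DigestInfo prefix is the RFC 8017 constant for SHA-1, and the 128-byte modulus size is assumed from the `genrsa ... 1024` command.

```python
# Added example (not from the thread): what each signing path feeds to RSA.
# `openssl rsautl -sign` applies PKCS#1 v1.5 type-1 padding to the raw input
# bytes; EVP_SignFinal / `openssl dgst -sha1 -sign` first hashes the input and
# pads a DigestInfo structure. The C program also passes sizeof(data), which
# counts the string's implicit trailing NUL, so its hash input differs too.
import hashlib

# DER prefix of DigestInfo for SHA-1 (RFC 8017, section 9.2, note 1).
SHA1_DIGESTINFO_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

# Constructed inputs: the string the original program signs and the 1024-bit
# modulus size (128 bytes) assumed from `openssl genrsa -out private.pem 1024`.
DATA = b"de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3"
KEY_BYTES = 128


def pkcs1_v15_pad(payload: bytes, k: int) -> bytes:
    """EMSA-PKCS1-v1_5 block: 00 01 FF..FF 00 || payload, exactly k bytes."""
    if len(payload) > k - 11:
        raise ValueError("payload too long for the modulus size")
    return b"\x00\x01" + b"\xff" * (k - len(payload) - 3) + b"\x00" + payload


def rsautl_block(data: bytes, k: int = KEY_BYTES) -> bytes:
    """Block signed by `rsautl -sign`: the raw bytes, no hashing."""
    return pkcs1_v15_pad(data, k)


def evp_sign_block(data: bytes, k: int = KEY_BYTES) -> bytes:
    """Block signed by EVP_SignFinal / `dgst -sha1 -sign`: DigestInfo(SHA-1)."""
    return pkcs1_v15_pad(SHA1_DIGESTINFO_PREFIX + hashlib.sha1(data).digest(), k)


def compare(data: bytes = DATA, k: int = KEY_BYTES) -> dict:
    """Show why the two outputs in the thread cannot match."""
    raw = rsautl_block(data, k)
    hashed = evp_sign_block(data, k)
    # sizeof(data) in C is len(data) + 1: the terminating NUL is hashed as well.
    hashed_with_nul = evp_sign_block(data + b"\x00", k)
    return {
        "raw_vs_hashed_differ": raw != hashed,
        "nul_changes_signature_input": hashed != hashed_with_nul,
        "sha1_of_data": hashlib.sha1(data).hexdigest(),
        "sha1_of_data_with_nul": hashlib.sha1(data + b"\x00").hexdigest(),
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
```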