Thanks for all the answers. Now I feel really stupid about forgetting
the implicit 0...

Stephen: How do I prevent my program from hashing the data?
EVP_md_null()? After all, hashing a hash is pretty pointless for my case...

Michael

On 07.06.2013 14:56, Dr. Stephen Henson wrote:
> On Fri, Jun 07, 2013, Michael Wild wrote:
> 
>> Dear all
>>
>> I'm quite the noob in all things OpenSSL, and I'm struggling to get
>> started with signing a piece of data.
>>
>> Here is an MWE that should illustrate the problem. It loads "private.pem" (an
>> RSA private key I generated using `openssl genrsa -out private.pem
>> 1024`) and then tries to sign a piece of data (here, it is a SHA1 hash,
>> but that's irrelevant) and then outputs the signature using base64 coding.
>>
>>   #include <stdio.h>
>>   #include <stdlib.h>
>>   #include <openssl/bio.h>
>>   #include <openssl/conf.h>
>>   #include <openssl/evp.h>
>>   #include <openssl/pem.h>
>>   #include <openssl/err.h>
>>
>>   int main(void)
>>   {
>>     // data to sign
>>     char data[] = "de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3";
>>
>>     // init openssl
>>     OPENSSL_config(NULL);
>>     OpenSSL_add_all_digests();
>>     ERR_load_crypto_strings();
>>
>>     // load private key for signing
>>     EVP_PKEY* prv_key = NULL;
>>     BIO* bio = BIO_new_file("./private.pem", "rt");
>>     if (!bio) abort();
>>     prv_key = PEM_read_bio_PrivateKey(bio, &prv_key, NULL, NULL);
>>     BIO_free(bio);
>>     if (!prv_key) abort();
>>
>>     // sign "data"
>>     EVP_MD_CTX ctx;
>>     unsigned char* sign = malloc(EVP_PKEY_size(prv_key));
>>     unsigned int s;
>>
>>     EVP_MD_CTX_init(&ctx);
>>     if (!EVP_SignInit_ex(&ctx, EVP_sha1(), NULL)) abort();
>>     // note: sizeof(data) also feeds the terminating NUL of the string into the hash
>>     if (!EVP_SignUpdate(&ctx, data, sizeof(data))) abort();
>>     if (!EVP_SignFinal(&ctx, sign, &s, prv_key)) abort();
>>     EVP_MD_CTX_cleanup(&ctx);
>>
>>     // create base64 encoded output of the signature
>>     BIO* b64 = BIO_new(BIO_f_base64());
>>     BIO* bstdout = BIO_new_fp(stdout, BIO_NOCLOSE);
>>     bstdout = BIO_push(b64, bstdout);
>>     BIO_write(bstdout, sign, s);
>>     BIO_flush(bstdout);
>>     BIO_free_all(bstdout);
>>
>>     // cleanup
>>     free(sign);
>>     EVP_PKEY_free(prv_key);
>>     ERR_remove_state(0);
>>     ERR_free_strings();
>>     EVP_cleanup();
>>     CONF_modules_free();
>>     CRYPTO_cleanup_all_ex_data();
>>     return 0;
>>   }
>>
>>
>> Using this program I get the following output:
>>
>>   enUqkBwItEkyodfDSXk2FJ1YmGl1oX+jNg/N7dDFil0v4PtHCGMB1SqaMELGEfvL
>>   C+R7FVv2cDqU5Kglik5XWFyRukN5S97jWb3Ye9BbgWswlNNIdUtLZMl9FWOaqDnB
>>   1UhZEhaav+yskidlqX261nYCpzBEWdFdGnVxNMLoafA=
>>
>> However, when using the rsautl utility as follows, the result is different:
>>
>>   $ printf de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3 | \
>>       openssl rsautl -sign -inkey ./private.pem | \
>>       openssl enc -base64
>>   FoP7JQNO7U5PgeChqArv4072avjK9/EOhZvhPpMtDtL5fWFb6+OzUSXdSBHDXDqG
>>   RCDOH3RU8EABzO4Tk66lUa9400KFGPw0fupSedlwIWlGgy/wtydEr2sV2rOW9aBh
>>   170GYbbs6rjEsInWo2KXChkNXi4uib4I45ZaLNC5Ib4=
>>
>> Am I missing something? AFAIK the default digest is SHA1, but I also
>> tried playing around with others (MD5, SHA256) and
>> EVP_PKEY_get_default_digest(), but still the result was different from
>> the one obtained with rsautl.
>>
>>
>> Any help would be greatly appreciated.
>>
> 
> As well as the points other people have raised you're actually signing things
> in two different ways. Your program hashes and signs the data whereas your
> command line version just signs the raw data.

How do I prevent my program from hashing the data?

> 
> If you want to hash and sign on the command line you need the dgst utility
> and its -sign option.
> 
> Steve.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
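Stephen's point above, shown as an added example that is not part of this thread: under PKCS#1 v1.5 the two tools exponentiate different padded blocks, since `rsautl -sign` pads the raw input as-is while EVP_SignFinal (and `dgst -sign`) pad a DER DigestInfo wrapped around the SHA-1 hash. This pure-Python reconstruction assumes the 1024-bit key from the thread (128-byte modulus) and the RFC 8017 DigestInfo prefix for SHA-1; it builds and unpads both blocks and leaves out the RSA private-key operation itself, which is identical in both cases.

```python
import hashlib

# Constructed sample input: the 40-character hex string signed in the thread.
DATA = b"de9f2c7fd25e1b3afad3e85a0bd17d9b100db4b3"
K = 128  # modulus length in bytes of the 1024-bit key from the thread (assumption)

# DER prefix of DigestInfo for SHA-1 (RFC 8017, section 9.2, note 1); the 20-byte hash follows it.
SHA1_DIGESTINFO_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")


def emsa_pkcs1_v15_pad(payload: bytes, k: int) -> bytes:
    """EM = 0x00 || 0x01 || PS || 0x00 || payload, PS being 0xFF bytes (RFC 8017, section 9.2)."""
    if len(payload) > k - 11:
        raise ValueError("payload too long for the modulus")
    return b"\x00\x01" + b"\xff" * (k - len(payload) - 3) + b"\x00" + payload


def em_for_rsautl_sign(data: bytes, k: int) -> bytes:
    """Block that `openssl rsautl -sign` exponentiates: the raw input, padded as-is."""
    return emsa_pkcs1_v15_pad(data, k)


def em_for_evp_sign_sha1(data: bytes, k: int) -> bytes:
    """Block that EVP_SignFinal / `openssl dgst -sha1 -sign` exponentiates: DigestInfo || SHA1(data)."""
    return emsa_pkcs1_v15_pad(SHA1_DIGESTINFO_PREFIX + hashlib.sha1(data).digest(), k)


def unpad(em: bytes) -> bytes:
    """Verifier side: strip the type-1 padding and return the payload, rejecting malformed blocks."""
    if len(em) < 11 or em[0] != 0x00 or em[1] != 0x01:
        raise ValueError("bad PKCS#1 v1.5 type-1 header")
    sep = em.index(b"\x00", 2)          # raises ValueError if there is no separator
    if sep < 10 or any(b != 0xFF for b in em[2:sep]):
        raise ValueError("bad padding string (must be >= 8 bytes of 0xFF)")
    return em[sep + 1:]


def payload_is_sha1_digestinfo(payload: bytes) -> bool:
    """True when the recovered payload is what a hash-then-sign SHA-1 signature carries."""
    return len(payload) == 35 and payload.startswith(SHA1_DIGESTINFO_PREFIX)


if __name__ == "__main__":
    print("rsautl -sign payload :", unpad(em_for_rsautl_sign(DATA, K)))
    print("EVP_Sign payload     :", unpad(em_for_evp_sign_sha1(DATA, K)).hex())
    # sizeof(data) in the C program also hashes the terminating NUL, which changes the digest:
    print("NUL changes SHA-1?   :", hashlib.sha1(DATA).digest() != hashlib.sha1(DATA + b"\x00").digest())
```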