Multiple OpenSSL RSA signing methods produce different results

by

Dupe: Difference between openSSL rsautl and dgst
Closely related:
Why are the RSA-SHA256 signatures I generate with OpenSSL and Java different?
Different signatures when using C routines and openssl dgst, rsautl commands
Signing 20-byte message with 256-bit RSA key working with openssl.exe but not in code
Crossdupe: https://superuser.com/questions/943972/what-is-the-difference-between-openssl-pkeyutl-sign-and-openssl-rsautl-sign

TLDR: dgst -sign for RSA does the full RSASSA-PKCS1-v1_5: hash the data, encode the hash in ASN.1, pad the result, and modexp d. rsautl -sign does only the last two and dgst by itself only the first, thus skipping the encode producing a different and nonstandard signature. dgst (or your own hash) then pkeyutl -sign with an RSA key and -pkeyopt digest:name_of_digest (important!) also works and answers your real question.

More Related Contents:

  1. Differences between “BEGIN RSA PRIVATE KEY” and “BEGIN PRIVATE KEY”
  2. Use RSA private key to generate public key? [closed]
  3. RSA: Get exponent and modulus given a public key
  4. How to create public and private key with openssl?
  5. Load RSA public key from file
  6. How can I transform between the two styles of public key format, one “BEGIN RSA PUBLIC KEY”, the other is “BEGIN PUBLIC KEY”
  7. How to generate RSA private key using OpenSSL?
  8. Use OpenSSL RSA key with .Net
  9. Converting pfx to pem using openssl
  10. CMake not able to find OpenSSL library
  11. C# RSA Public Key Output Not Correct
  12. Converting PKCS#12 certificate into PEM using OpenSSL
  13. Difference between openSSL rsautl and dgst
  14. Verify a certificate chain using openssl verify
  15. Convert PEM traditional private key to PKCS8 private key
  16. How do I use a X509 certificate with PyCrypto?
  17. How to extract public key using OpenSSL?
  18. OpenSSL Verify return code: 20 (unable to get local issuer certificate)
  19. How do I manage the error “OpenSSL v1.1.1 ssl_choose_client_version unsupported protocol”? [closed]
  20. Why is Apple Deprecating OpenSSL in MacOS 10.7 (Lion)? [closed]
  21. Correct location of openssl.cnf file
  22. How to generate an openSSL key using a passphrase from the command line?
  23. How to save public key from a certificate in .pem format
  24. How to convert an ECDSA key to PEM format
  25. Unable to load Private Key. (PEM routines:PEM_read_bio:no start line:pem_lib.c:648:Expecting: ANY PRIVATE KEY) [closed]
  26. Creating a .p12 file
  27. Digital signature for a file using openssl
  28. When was TLS 1.2 support added to OpenSSL?
  29. Cross Compile OpenSSH for ARM
  30. Why does RSA encrypted text give me different results for the same text

Leave a Comment