On Mon, Feb 06, 2012, Paul Suhler wrote: > I'm trying to use OpenSSL 1.0.1 Beta2 to create a SHA-2 digest for a > 256-byte-long file and generate a signature using an RSA 2048-bit > private key. Unfortunately it fails. One of the examples on page > http://www.openssl.org/docs/apps/pkeyutl.html# > <http://www.openssl.org/docs/apps/pkeyutl.html> says: > > Sign data using a message digest value (this is currently only valid > for RSA): > > openssl pkeyutl -sign -in file.bin -inkey key.pem -out sig -pkeyopt > digest:sha256 > > However, the result is: > > > > >openssl pkeyutl -sign -in infile.bin -inkey privatekey.pem -out sig.bin > -pkeyopt digest:sha256 > > > > Loading 'screen' into random state - done > > Public Key operation error > > 2388:error:0408E08F:rsa routines:PKEY_RSA_SIGN:invalid digest > length:.\crypto\rsa\rsa_pmeth.c:206: > > > > Again, infile.bin is 256 bytes long. > > (If I don't specify the digest, then of course I get a complaint about > the input data's being too long.) > > Is the behavior broken, or have I overlooked something? >
Input file should be 256 *bits* long. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
