Hello, I'd like to calculate a digest first, then sign/verify it after the SHA is generated. I thought I could do this by using
>openssl dgst -sha256 -binary and then put those results through >openssl rsautl -sign But the results of do not match that from >openssl dgst -sha256 -sign I'm wondering why these two methods of signing a SHA256 digest result in different signatures. >openssl dgst -sha256 -sign ./rsa.priv ./foo | hexdump -C 00000000 b5 90 b9 5b e1 65 5e 35 25 c7 45 2f 59 65 6d e2 |...[.e^5%.E/Yem.| 00000010 e2 3c 34 a9 37 bd af 64 94 c8 66 f2 e7 66 28 52 |.<4.7..d..f..f(R| 00000020 95 9b 6a 07 29 b7 f6 2b 23 0c 60 24 fd 76 2c 7b |..j.)..+#.`$.v,{| 00000030 e4 b9 d5 0a c2 f0 97 02 a1 28 4f c2 a9 4d 51 d7 |.........(O..MQ.| 00000040 >openssl dgst -sha256 -binary ./foo | openssl rsautl -sign -inkey ./rsa.priv | >hexdump -C 00000000 8b 8b c4 eb f1 f4 5c 62 6c a8 a0 df 81 94 43 37 |......\bl.....C7| 00000010 fb 28 f6 76 73 ed 9f 43 7b 2c a7 5e 6c b0 45 93 |.(.vs..C{,.^l.E.| 00000020 a5 71 36 41 3d da 8f 6c 1a d7 72 71 a8 e7 ef c6 |.q6A=..l..rq....| 00000030 90 3b 09 c7 95 87 91 86 b2 c1 e0 4d 69 3d ed 03 |.;.........Mi=..| 00000040 Thanks in advance!! Patrick Herbst ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org