Re: [openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
Actually, it all works just fine. Viktor's point about adding terminating "\n"
to the input text helped.
-BEGIN PRIVATE KEY-
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDGlXflMDDD8kOP
TP5y06tSXe1g8G3uJAoGHT8NewYANIONuJEZveXnfL8+bJRIu8FDzeCc4SWsCISK
WMmX/VY+IzZxLvUlOzRaKmO3Su7A9ABSc/AtcEVcrXhr9qV3axZDMXRXsWTxFnhO
/lRK8RpfGoGIhgCKkuNswy/DUjka0x03HymD7HwWhaNgsuvon+zWlSNTIV3t/WU4
093DlykKgDwEPym3UXHIgAecEAsYvm/YeYtM8NsHF2tzr40dKxA460lO/P8Vr7rL
df+AF9sNyfNFR81KBtPp2aqvZVXabHQrIZEpoZLrkz6uCObmyPiFx2m59Y3nXQV2
Fac8DuATAgEDAoIBAQCEY6VDdXXX9te03f73N8eMPp5AoElJbVwEE39eUgQAIwJe
ewtmfplE/dTUSGLbJ9YtM+sTQMPIBa2xkIZlU47UF3mgyfjDfM2RcZfPh0nV+AA2
9/VzoC49yPrypG5PnLmCIPg6dkNLZFA0qY2HS2bqEauwWVWxt0JIgh/XjCYR4OYZ
y7unFj5XnW93cAfL9U8CZPonO6iHCB14unk/UyiIHNrR41at0+qwVJYXdTFx+m0C
3KiWAwleRdVy2LBj3Fq1R3/pW3tnYTadgOInRYF4hQuF+ttIzEiuimhd6blUdMlR
WWbw8xp2A8buS4DQUKz0u1OAAhDvsqfEDsWLIAq7AoGBAPHwbdW8aLN85Y3W1pYf
2ELIlV1422sH+MrKv/jqQFf9LVmiXzq2+EZiYQcSxUFp5/1OvnRIHfY2hiBtq4Ww
VBq9/0u/D8Rv9bKPOvpLxYZP9FIOo8/BaLp5VV3Vz4pxVort0xHr+DfWFWH7t0cC
m/3LtfC1Y7j0TKyL/soyDWzXAoGBANIf/7pM4msWM+5WtEoW17OKaE6fbHYbeG44
/C76WhRBJ5onCuz7m0tdoB9mGv+D3s8FcBojzlbDKIrZvv7XDG1rAL2x5AGKqDZP
+bH5ahKJDg/tq7Sba6xqtLBMtzVqZrtDSGTUPLNkeDJM4F6rs/dK+HvEjruLhF1E
ALS5UWMlAoGBAKFK8+PS8HeomQk55GQVOtcwY5Ol55yv+zHcf/tG1Y/+HjvBlNHP
UC7sQK9h2NZGmqjfKaLavqQkWWrzx651jWcpVN0qCoL1TncKJ1GH2QQ1TYwJwoqA
8HxQ45Pj37Gg5FyejLadUCU5Y5anz4SsZ/6HzqB47SX4Mx2yqdwhXkiPAoGBAIwV
VSbd7EdkIp7keDFkj80G8DRqSE68+vQl/XSm5rgrb7waB0invNzpFWpEEf+tPzSu
SrwX3uSCGwc71KnksvOcqykhQquxxXmKpnamRrcGCV/zx8288nLxzcrdz3jxmdIs
2u3i0yJC+swzQD8dIqTcpafYXyeyWD4tVc3Q4OzDAoGBAML1gJ2slF0egQmxKSJK
YktcRX4IP1rWlYClgcJ9OLAxZBFWPwW8+hsTfCDoa5WEk4+CFHZ37PyibzjGuASC
UQmOZj6tVnaRkB62ExArgjzyyIMEUAbfFw4vKHe8cyF8MFC6JbTYj0EDlQtkhK65
HE0xeJjwo/swhpkBItsH0cYJ
-END PRIVATE KEY-
-BEGIN PUBLIC KEY-
MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAxpV35TAww/JDj0z+ctOr
Ul3tYPBt7iQKBh0/DXsGADSDjbiRGb3l53y/PmyUSLvBQ83gnOElrAiEiljJl/1W
PiM2cS71JTs0Wipjt0ruwPQAUnPwLXBFXK14a/ald2sWQzF0V7Fk8RZ4Tv5USvEa
XxqBiIYAipLjbMMvw1I5GtMdNx8pg+x8FoWjYLLr6J/s1pUjUyFd7f1lONPdw5cp
CoA8BD8pt1FxyIAHnBALGL5v2HmLTPDbBxdrc6+NHSsQOOtJTvz/Fa+6y3X/gBfb
DcnzRUfNSgbT6dmqr2VV2mx0KyGRKaGS65M+rgjm5sj4hcdpufWN510FdhWnPA7g
EwIBAw==
-END PUBLIC KEY-
$ cat rsa_tst1.java
import java.security.KeyFactory;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
public class rsa_tst1
{
public static void main(String[] args) throws Exception
{
String input = "sample input\n";
final String strPk =
"-BEGIN PRIVATE KEY-\n"
+
"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDGlXflMDDD8kOP\n"
+
"TP5y06tSXe1g8G3uJAoGHT8NewYANIONuJEZveXnfL8+bJRIu8FDzeCc4SWsCISK\n"
+
"WMmX/VY+IzZxLvUlOzRaKmO3Su7A9ABSc/AtcEVcrXhr9qV3axZDMXRXsWTxFnhO\n"
+
"/lRK8RpfGoGIhgCKkuNswy/DUjka0x03HymD7HwWhaNgsuvon+zWlSNTIV3t/WU4\n"
+
"093DlykKgDwEPym3UXHIgAecEAsYvm/YeYtM8NsHF2tzr40dKxA460lO/P8Vr7rL\n"
+
"df+AF9sNyfNFR81KBtPp2aqvZVXabHQrIZEpoZLrkz6uCObmyPiFx2m59Y3nXQV2\n"
+
"Fac8DuATAgEDAoIBAQCEY6VDdXXX9te03f73N8eMPp5AoElJbVwEE39eUgQAIwJe\n"
+
"ewtmfplE/dTUSGLbJ9YtM+sTQMPIBa2xkIZlU47UF3mgyfjDfM2RcZfPh0nV+AA2\n"
+
"9/VzoC49yPrypG5PnLmCIPg6dkNLZFA0qY2HS2bqEauwWVWxt0JIgh/XjCYR4OYZ\n"
+
"y7unFj5XnW93cAfL9U8CZPonO6iHCB14unk/UyiIHNrR41at0+qwVJYXdTFx+m0C\n"
+
"3KiWAwleRdVy2LBj3Fq1R3/pW3tnYTadgOInRYF4hQuF+ttIzEiuimhd6blUdMlR\n"
+
"WWbw8xp2A8buS4DQUKz0u1OAAhDvsqfEDsWLIAq7AoGBAPHwbdW8aLN85Y3W1pYf\n"
+
"2ELIlV1422sH+MrKv/jqQFf9LVmiXzq2+EZiYQcSxUFp5/1OvnRIHfY2hiBtq4Ww\n"
+
"VBq9/0u/D8Rv9bKPOvpLxYZP9FIOo8/BaLp5VV3Vz4pxVort0xHr+DfWFWH7t0cC\n"
+
"m/3LtfC1Y7j0TKyL/soyDWzXAoGBANIf/7pM4msWM+5WtEoW17OKaE6fbHYbeG44\n"
+
"/C76WhRBJ5onCuz7m0tdoB9mGv+D3s8FcBojzlbDKIrZvv7XDG1rAL2x5AGKqDZP\n"
+
"+bH5ahKJDg/tq7Sba6xqtLBMtzVqZrtDSGTUPLNkeDJM4F6rs/dK+HvEjruLhF1E\n"
+
"ALS5UWMlAoGBAKFK8+PS8HeomQk55GQVOtcwY5Ol55yv+zHcf/tG1Y/+HjvBlNHP\n"
+
"UC7sQK9h2NZGmqjfKaLavqQkWWrzx651jWcpVN0qCoL1TncKJ1GH2QQ1TYwJwoqA\n"
+
"8HxQ45Pj37Gg5FyejLadUCU5Y5anz4SsZ/6HzqB47SX4Mx2yqdwhXkiPAoGBAIwV\n"
+
"VSbd7EdkIp7keDFkj80G8DRqSE68+vQl/XSm5rgrb7waB0invNzpFWpEEf+tPzSu\n"
+
"SrwX3uSCGwc71KnksvOcqykhQquxxXmKpnamRrcGCV/zx8288nLxzcrdz3jxmdIs\n"
+
"2u3i0yJC+swzQD8dIqTcpafYXyeyWD4tVc3Q4OzDAoGBAML1gJ2slF0egQmxKSJK\n"
+
"YktcRX4IP1rWlYClgcJ9OLAxZBFWPwW8+hsTfCDoa5WEk4+CFHZ37PyibzjGuASC\n"
+
"UQmOZj6tVnaRkB62ExArgjzyyIMEUAbfFw4vKHe8cyF8MFC6JbTYj0EDlQtkhK65\n"
+ "HE0xeJjwo/swhpkBItsH0cYJ\n"
+ "-END PRIVATE KEY-\n";
String base64Signature = signSHA256RSA(input,strPk);
Re: [openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
> On Aug 1, 2018, at 12:47 PM, timmy pony wrote:
>
> On Wed, Aug 1, 2018 at 4:28 PM Viktor Dukhovni
> wrote:
> On Wed, Aug 01, 2018 at 09:24:38AM +0100, timmy pony wrote:
>
> > I have tried this
> >
> > openssl dgst -sha256 -sign my_private.key -out /tmp/sign.sha256
> > codeTosign.txt
>
> This produces raw binary output, no base64 encoding. What is the
> content of the file "codeToSign.txt"? Post the output of:
>
> od -tx1 < /tmp/codeToSign.txt
>
> od -tx1 < codeToSign.txt
> 00073 61 6d 70 6c 65 20 69 6e 70 75 74 0a
> 015
As expected, the disk file has a newline ending (0x0a) after the
input string.
> > public class SHA256RSA {
> >
> > public static void main(String[] args) throws Exception {
> > String input = "sample input";
>
> This input has no newline ending, perhaps the disk file does.
The input string signed by the Java code does not. The signatures
are therefore *expected* to be different.
Either include a newline in the Java string, or create an input
file with no newline ending.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
Hi Vicktor - I put a '\n' at end of java snippet
Both are now equal
Thank you for your help.
On Wed, Aug 1, 2018 at 5:47 PM timmy pony wrote:
> Hi Vicktor, Speed read the previous mail.
>
>
>
> On Wed, Aug 1, 2018 at 4:28 PM Viktor Dukhovni
> wrote:
>
>> On Wed, Aug 01, 2018 at 09:24:38AM +0100, timmy pony wrote:
>>
>> > I have tried this
>> >
>> > openssl dgst -sha256 -sign my_private.key -out /tmp/sign.sha256
>> codeTosign.txt
>>
>> This produces raw binary output, no base64 encoding. What is the
>> content of the file "codeToSign.txt"? Post the output of:
>>
>> od -tx1 < /tmp/codeToSign.txt
>>
>
> od -tx1 < codeToSign.txt
>
> 00073 61 6d 70 6c 65 20 69 6e 70 75 74 0a
>
> 015
>
>
>>
>> > public class SHA256RSA {
>> >
>> > public static void main(String[] args) throws Exception {
>> > String input = "sample input";
>>
>> This input has no newline ending, perhaps the disk file does.
>>
>> > // Not a real private key! Replace with your private key!
>> > String strPk = "-BEGIN PRIVATE
>> KEY-\nMIIEvwIBADANBgkqhkiG9"
>> > + "w0BAQEFAASCBKkwggSlAgEAAoIBAQDJUGqaRB11KjxQ\nKHDeG"
>> > +
>> ""
>> > + "Ldt0hAPNl4QKYWCfJm\nNf7Afqaa/RZq0+y/36v83NGENQ==\n"
>> > + "-END PRIVATE KEY-\n";
>>
>> I sure hope your production code will *NOT* have the private key
>> embedded in the executable.
>>
>> > String base64Signature = signSHA256RSA(input,strPk);
>> > System.out.println("Signature="+base64Signature);
>>
>> This outputs a signature encoded in base64.
>>
>> --
>> Viktor.
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
Hi Vicktor, Speed read the previous mail.
On Wed, Aug 1, 2018 at 4:28 PM Viktor Dukhovni
wrote:
> On Wed, Aug 01, 2018 at 09:24:38AM +0100, timmy pony wrote:
>
> > I have tried this
> >
> > openssl dgst -sha256 -sign my_private.key -out /tmp/sign.sha256
> codeTosign.txt
>
> This produces raw binary output, no base64 encoding. What is the
> content of the file "codeToSign.txt"? Post the output of:
>
> od -tx1 < /tmp/codeToSign.txt
>
od -tx1 < codeToSign.txt
00073 61 6d 70 6c 65 20 69 6e 70 75 74 0a
015
>
> > public class SHA256RSA {
> >
> > public static void main(String[] args) throws Exception {
> > String input = "sample input";
>
> This input has no newline ending, perhaps the disk file does.
>
> > // Not a real private key! Replace with your private key!
> > String strPk = "-BEGIN PRIVATE
> KEY-\nMIIEvwIBADANBgkqhkiG9"
> > + "w0BAQEFAASCBKkwggSlAgEAAoIBAQDJUGqaRB11KjxQ\nKHDeG"
> > +
> ""
> > + "Ldt0hAPNl4QKYWCfJm\nNf7Afqaa/RZq0+y/36v83NGENQ==\n"
> > + "-END PRIVATE KEY-\n";
>
> I sure hope your production code will *NOT* have the private key
> embedded in the executable.
>
> > String base64Signature = signSHA256RSA(input,strPk);
> > System.out.println("Signature="+base64Signature);
>
> This outputs a signature encoded in base64.
>
> --
> Viktor.
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
> On Aug 1, 2018, at 12:14 PM, timmy pony wrote: > > Thanks Viktor, > for assistance . > The embedded private key "skeleton" is only for visualisation purposes; No it > will not. > > > the openssl command returns binary. > so i can do .But they are still coming out different. > > openssl base64 -in /tmp/sign.sha256 -out Please re-read my previous post and respond to *all* the points. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
Thanks Viktor,
for assistance .
The embedded private key "skeleton" is only for visualisation purposes; No
it will not.
the openssl command returns binary.
so i can do .But they are still coming out different.
openssl base64 -in /tmp/sign.sha256 -out
On Wed, Aug 1, 2018 at 4:28 PM Viktor Dukhovni
wrote:
> On Wed, Aug 01, 2018 at 09:24:38AM +0100, timmy pony wrote:
>
> > I have tried this
> >
> > openssl dgst -sha256 -sign my_private.key -out /tmp/sign.sha256
> codeTosign.txt
>
> This produces raw binary output, no base64 encoding. What is the
> content of the file "codeToSign.txt"? Post the output of:
>
> od -tx1 < /tmp/codeToSign.txt
>
> > public class SHA256RSA {
> >
> > public static void main(String[] args) throws Exception {
> > String input = "sample input";
>
> This input has no newline ending, perhaps the disk file does.
>
> > // Not a real private key! Replace with your private key!
> > String strPk = "-BEGIN PRIVATE
> KEY-\nMIIEvwIBADANBgkqhkiG9"
> > + "w0BAQEFAASCBKkwggSlAgEAAoIBAQDJUGqaRB11KjxQ\nKHDeG"
> > +
> ""
> > + "Ldt0hAPNl4QKYWCfJm\nNf7Afqaa/RZq0+y/36v83NGENQ==\n"
> > + "-END PRIVATE KEY-\n";
>
> I sure hope your production code will *NOT* have the private key
> embedded in the executable.
>
> > String base64Signature = signSHA256RSA(input,strPk);
> > System.out.println("Signature="+base64Signature);
>
> This outputs a signature encoded in base64.
>
> --
> Viktor.
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
On Wed, Aug 01, 2018 at 09:24:38AM +0100, timmy pony wrote:
> I have tried this
>
> openssl dgst -sha256 -sign my_private.key -out /tmp/sign.sha256 codeTosign.txt
This produces raw binary output, no base64 encoding. What is the
content of the file "codeToSign.txt"? Post the output of:
od -tx1 < /tmp/codeToSign.txt
> public class SHA256RSA {
>
> public static void main(String[] args) throws Exception {
> String input = "sample input";
This input has no newline ending, perhaps the disk file does.
> // Not a real private key! Replace with your private key!
> String strPk = "-BEGIN PRIVATE KEY-\nMIIEvwIBADANBgkqhkiG9"
> + "w0BAQEFAASCBKkwggSlAgEAAoIBAQDJUGqaRB11KjxQ\nKHDeG"
> + ""
> + "Ldt0hAPNl4QKYWCfJm\nNf7Afqaa/RZq0+y/36v83NGENQ==\n"
> + "-END PRIVATE KEY-\n";
I sure hope your production code will *NOT* have the private key
embedded in the executable.
> String base64Signature = signSHA256RSA(input,strPk);
> System.out.println("Signature="+base64Signature);
This outputs a signature encoded in base64.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Java Snippet output is not equal to command line openssl command output , Why ?
Hi,
Could some openssl expert please advise ?
Trying to get the equivalent Openssl command-line version of the following
java snippet.
I have tried this openssl dgst -sha256 -sign my_private.key -out
/tmp/sign.sha256 codeTosign.txt
But the the results do not match ?
```
From: "tim.fortinbras"
To: openssl-users@openssl.org
Cc:
Bcc:
Date: Tue, 31 Jul 2018 06:48:59 -0700 (MST)
Subject: Looking for exact openssl commands to do the following from
command line ?
import java.security.KeyFactory;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
public class SHA256RSA {
public static void main(String[] args) throws Exception {
String input = "sample input";
// Not a real private key! Replace with your private key!
String strPk = "-BEGIN PRIVATE KEY-\nMIIEvwIBADANBgkqhkiG9"
+ "w0BAQEFAASCBKkwggSlAgEAAoIBAQDJUGqaRB11KjxQ\nKHDeG"
+ ""
+ "Ldt0hAPNl4QKYWCfJm\nNf7Afqaa/RZq0+y/36v83NGENQ==\n"
+ "-END PRIVATE KEY-\n";
String base64Signature = signSHA256RSA(input,strPk);
System.out.println("Signature="+base64Signature);
}
// Create base64 encoded signature using SHA256/RSA.
private static String signSHA256RSA(String input, String strPk) throws
Exception {
// Remove markers and new line characters in private key
String realPK = strPk.replaceAll("-END PRIVATE KEY-", "")
.replaceAll("-BEGIN PRIVATE KEY-", "")
.replaceAll("\n", "");
byte[] b1 = Base64.getDecoder().decode(realPK);
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(b1);
KeyFactory kf = KeyFactory.getInstance("RSA");
Signature privateSignature = Signature.getInstance("SHA256withRSA");
privateSignature.initSign(kf.generatePrivate(spec));
privateSignature.update(input.getBytes("UTF-8"));
byte[] s = privateSignature.sign();
return Base64.getEncoder().encodeToString(s);
}
}
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
