以下命令为输入文件生成签名:
openssl dgst -sha1 -sign privateKey.pem -out signature1 someInputFile
以下命令还为输入文件生成签名:
openssl dgst -binary -sha1 someInputFile > digest
openssl rsautl -sign -in digest -inkey privateKey.pem -out signature2
据我所知,他们都应该创建文件的 SHA1 摘要的 RSA 签名。但它们不会生成相同的签名。
因此,方法2生成的签名也无法被验证。openssl dgst -verify
call.
有人知道差异是什么以及如何克服吗?
简单的答案是dgst -sign
创建一个哈希,ASN1对其进行编码,然后对ASN1编码的哈希进行签名,而rsautl -sign
只需对输入进行签名,无需散列或 ASN1 编码。两种方法都在输出中包含输入数据以及签名,而不是仅生成签名作为输出。这是一个 Bash 脚本,显示了之间的区别openssl dgst -sign
and openssl rsautl -sign
.
#!/bin/bash
# @(#) Bash script demos difference between openssl rsautl and dgst signing
# Usage: $0 <name of file to sign> <private key file, without passphrase>
# 1. Make an ASN1 config file
cat >asn1.conf <<EOF
asn1 = SEQUENCE:digest_info_and_digest
[digest_info_and_digest]
dinfo = SEQUENCE:digest_info
digest = FORMAT:HEX,OCT:`openssl dgst -sha256 $1 |cut -f 2 -d ' '`
[digest_info]
algid = OID:2.16.840.1.101.3.4.2.1
params = NULL
EOF
# If you are wondering what the "algid = OID:2.16.840.1.101.3.4.2.1" is, it's
# the SHA256 OID, see http://oid-info.com/get/2.16.840.1.101.3.4.2.1
# 2. Make a DER encoded ASN1 structure that contains the hash and
# the hash type
openssl asn1parse -i -genconf asn1.conf -out $1.dgst.asn1
# 3. Make a signature file that contains both the ASN1 structure and
# its signature
openssl rsautl -sign -in $1.dgst.asn1 -inkey $2 -out $1.sig.rsa
# 4. Verify the signature that we just made and ouput the ASN structure
openssl rsautl -verify -in $1.sig.rsa -inkey $2 -out $1.dgst.asn1_v
# 5. Verify that the output from the signature matches the original
# ASN1 structure
diff $1.dgst.asn1 $1.dgst.asn1_v
# 6. Do the equivalent of steps 1-5 above in one "dgst" command
openssl dgst -sha256 -sign $2 -out $1.sig.rsa_dgst $1
# 7. Verify that the signature file produced from the rsautl and the dgst
# are identical
diff $1.sig.rsa $1.sig.rsa_dgst
请参阅我上面对 OP 的评论以获得学分。
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)