(no subject)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

(no subject)



Trying to get the Openssl command line version of the following snippet.

I have tried this  openssl dgst -sha256 -sign my_private.key -out /tmp/sign.sha256 codeTosign.txt

But the  the results do not match ?

From: "tim.fortinbras" <[hidden email]>
To: [hidden email]
Date: Tue, 31 Jul 2018 06:48:59 -0700 (MST)
Subject: Looking for exact openssl commands to do the following from command line ?
import java.security.KeyFactory;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;

public class SHA256RSA {

    public static void main(String[] args) throws Exception {
        String input = "sample input";

        // Not a real private key! Replace with your private key!
        String strPk = "-----BEGIN PRIVATE KEY-----\nMIIEvwIBADANBgkqhkiG9"
                + "w0BAQEFAASCBKkwggSlAgEAAoIBAQDJUGqaRB11KjxQ\nKHDeG"
                + "........................................................"
                + "Ldt0hAPNl4QKYWCfJm\nNf7Afqaa/RZq0+y/36v83NGENQ==\n" 
                + "-----END PRIVATE KEY-----\n";

        String base64Signature = signSHA256RSA(input,strPk);

    // Create base64 encoded signature using SHA256/RSA.
    private static String signSHA256RSA(String input, String strPk) throws
Exception {
        // Remove markers and new line characters in private key
        String realPK = strPk.replaceAll("-----END PRIVATE KEY-----", "")
                             .replaceAll("-----BEGIN PRIVATE KEY-----", "")
                             .replaceAll("\n", "");

        byte[] b1 = Base64.getDecoder().decode(realPK);
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(b1);
        KeyFactory kf = KeyFactory.getInstance("RSA");

        Signature privateSignature = Signature.getInstance("SHA256withRSA");
        byte[] s = privateSignature.sign();
        return Base64.getEncoder().encodeToString(s);

openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users