Using openssl-rsautl for verifying signatures

[Philip Prindeville]

Hi,

I did the following in trying to build some validation steps to use against my own rewrite of the crypto functions in Asterisk (to use EVP-PKEY).

% echo -n "Mary had a little lamb." | openssl sha1 -binary > digest

% od -t x1 digest
0000000 4e 07 b8 c7 aa f2 a4 ed 4c e3 9e 76 f6 5d 2a 04
0000020 bd ef 57 00
0000024

% openssl rsautl -sign -inkey tests/keys/rsa_key1.key -pkcs -in digest > signing

% openssl rsautl -verify -inkey tests/keys/rsa_key1.pub -pubin -pkcs -in signing > digest2

% od -t x1 digest
0000000 4e 07 b8 c7 aa f2 a4 ed 4c e3 9e 76 f6 5d 2a 04
0000020 bd ef 57 00
0000024

And all of that looks good.

But when I take the result of calling:

	const char msg[] = "Mary had a little lamb.";
	unsigned msglen = sizeof(msg) - 1;
	char digest[20];

        /* Calculate digest of message */
        SHA1((unsigned char *)msg, msglen, digest);

        res = RSA_sign(NID_sha1, digest, sizeof(digest), dsig, &siglen, key->rsa);

And write that (dsig, siglen) to a file (signing2) and then try to verify that, I get very different results:

openssl rsautl -verify -inkey tests/keys/rsa_key1.pub -pubin -pkcs -in signing2  -asn1parse
    0:d=0  hl=2 l=  33 cons: SEQUENCE          
    2:d=1  hl=2 l=   9 cons:  SEQUENCE          
    4:d=2  hl=2 l=   5 prim:   OBJECT            :sha1
   11:d=2  hl=2 l=   0 prim:   NULL              
   13:d=1  hl=2 l=  20 prim:  OCTET STRING      
      0000 - 4e 07 b8 c7 aa f2 a4 ed-4c e3 9e 76 f6 5d 2a 04   N.......L..v.]*.
      0010 - bd ef 57 00                                       ..W.

Why is RSA_sign() wrapping the signature in ASN.1?

Or, put a different way, how do I reproduce what RSA_sign() is doing from the command line?

Is there another command that does RSA signing besides rsautl?

Thanks,

-Philip