Hi, David,
I don't quite understand. Are you trying sign something? If you're
trying to sign something, then it looks like this (please excuse my
pseudo-code!):
byte[] twentyBytes = sha1( input );
byte[] signature = rsaEncrypt( privateKey, twentyBytes );
In other words, you can use RSA to encrypt the 20 byte sha1 digest.
But the output of the RSA encryption is going to be larger than 20
bytes! (Unless you use a very small RSA key - 160 bits?).
Using a 2048 bit RSA private key, my output was 256 bytes (2048 bits).
$ openssl dgst -sha1 -sign samples/rsa/openssl_rsa_unencrypted.pem
-hex README.txt
SHA1(README.txt)=
9699dc843a1608b4dbfd13a8f977d7381daae6bc659ebed6f9165f4a1417e447
86c8ec5373a06f85cb0d6c2d128bf9317e69274efa741b2a6289fb576bbe0c28
9efc1de644cf10bd64b4d4a1b24e1cc5688dc22e1732bc22a37984e554dbd2ef
e42a0acd4e48e1f937129d20ea8465d4c1795a705825d8292df329d60660bd93
312fd5f66e0d6745bacd02190da091c2bb78854b1761d58b5ddd793bcd687328
3c3b52c2e370199465554397d70b4a5ceaf49df597b29cc50c50b69d16aaaf6a
a7598192d0912509e6458ba3e611025c708d1f6f3260ddde332326ba87385a98
d2b84115c473a1df7deea4e189956656165fcfcd6abb92f2a7ca804e612677ad
yours,
Julius
On 2/25/07, WCR <[EMAIL PROTECTED]> wrote:
Hi All
I have two simple questions that perhaps someone can answer.
1. Does Openssl version 0.9.8e allow one to produce an SHA1 digest
with
RSA?
2. If so, can I do it from a command line or do I need to link the
libraries?
I think an SHA1 digest with RSA returns a string of length 28 Bytes but I
get 40 Bytes when I use the command: openssl dgst -sha1 -key mykey.pem
mydata.txt > mydigest.out (I want 28 bytes)
Can anyone help samples etc?
TIA
David
--
yours,
Julius Davies
416-652-0183
http://juliusdavies.ca/commons-ssl/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
