It depends on the type of key used. (Asymmetric) digital signature “algorithms” (schemes) consist of 2 or 3 parts:
- the digest algorithm applied to the data - for RSA only, the padding applied to the digest - the public-key algorithm used (RSA, DSA, ECDSA) Commandline dgst allows you to specify the digest, but since you didn’t it defaults to SHA1. It uses the public-key algorithm determined by the key in the key file provided. For RSA, you can specify the padding with -sigopt or it defaults to PKCS1 (v1.5, type 1). Thus with only the options posted, you got SHA1withRSA(PKCS1) dsawithSHA1 or ecdsawithSHA1. From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Marco A. Cruz Quevedo Sent: Friday, September 20, 2013 16:47 To: openssl-users@openssl.org Subject: *** Spam *** About dgst option Dear sirs: I use your openssl commandline utility but I need to know, which signing algorithm is used when openssl dgst -sign %key_pem% ... is issued.
