2

I have a PKCS#1 RSA Key.

Using Java I generated a digital signature for a text file with the word, "hello". Reference for Java implementation I used: https://docs.oracle.com/javase/tutorial/security/apisign/step3.html

 Signature mysig = Signature.getInstance("SHA256withRSA","SUN");
 mysig.initSign(mykey); //mykey is the PKCS#1 RSA key
 mysig.update(data.getBytes()); //data is the text file with the word hello
 byte[] signdata = mysig.sign();

Using the SAME PKCS#1 RSA Key, I generated digital signature for the SAME file, using OpenSSL

 openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt

Turns out that the digital signature generated by Java and OpenSSL does not match. Wondering why is that?

sunny
  • 63
  • 4
  • Did you correctly load the private key into Java? See [Load RSA public key from file](http://stackoverflow.com/a/19387517/5221149). – Andreas Dec 04 '16 at 04:19
  • 2
    Is `data` a string? You may have an encoding issue. I ran a quick test and what you've described works for me. – teppic Dec 04 '16 at 04:30
  • [Why are the RSA-SHA256 signatures I generate with OpenSSL and Java different?](http://stackoverflow.com/q/13419201), [Signed message using openssl. Can't verify with Android/Java](http://stackoverflow.com/q/31004847), [Different RSA signatures when using OpenSSL and Android](http://stackoverflow.com/q/34134848), etc. – jww Dec 04 '16 at 07:31

0 Answers0