Why are the RSA signatures I generate with openssl and golang different?

Question

I use openssl command to sign the message \"Test.\", output with hexdump

# echo \"Test.\" | openssl rsautl -inkey privite.key -sign -hexdump
0000 - 09 1b ce          


        

Answer 1

In addition to the newline added by echo described in helmbert’s answer, the OpenSSL rsautl command operates directly on the supplied data, while the Go code first hashes the data with SHA256 and then signs the resulting digest.

To perform the same as the Go code with OpenSSL, you can use the dgst command with the -sign option (note I’ve included the -n option to echo here too):

$ echo -n "Test." | openssl dgst -sha256 -sign private.key -hex
52e1cce3810c1a89693cf6965d1035618820a9e3a7b95203d885c4153dc3f7424b98e3ba628a186f1074d672bb59a1c0788a9c2064951ca2326eb1bf8e3e49e9

To go the other way and sign the raw message without hashing in Go code, you can pass 0 as the value of the hash argument to rsa.SignPKCS1v15:

indata := []byte("Test.")

s, err := rsa.SignPKCS1v15(nil, privKey, 0, indata)

Answer 2

The echo command prints a string with a trailing newline (\n or 0a):

> echo 'Test.' | hexdump -C
00000000  54 65 73 74 2e 0a                                 |Test..|
00000006

So in your case, you're signing Test.\n the first time, and Test. the second time in your Go program. Use echo's -n switch to suppress the trailing newline:

> echo -n 'Test.' | hexdump -C
00000000  54 65 73 74 2e                                    |Test.|
00000005

Answer 3

This is a very useful link.

// Sign secret with rsa with PKCS 1.5 as the padding algorithm
// The result should be exactly same as "openssl rsautl -sign -inkey "YOUR_RSA_PRIVATE_KEY" -in "YOUR_PLAIN_TEXT""
signer, err := rsa.SignPKCS1v15(rand.Reader, rsaPrivateKey.(*rsa.PrivateKey), crypto.Hash(0), []byte(message))

https://github.com/bitmartexchange/bitmart-go-api/blob/master/bm_client.go