Question
I have a signing server where you can upload a file and it will respond with the digital signature.
It is using openssl dgst -sha256 -sign, which works fine.
However, we've had to start signing large files (>1 GB) and the uploads take forever. I had the idea that we could compute the sha256 digest locally and pass just that to the signing server which would speed things up considerably. However, this seemingly simple task seems crazy hard with openssl. Is there a reason for this?
I found one possible solution here, but it's very complicated compared to the current dgst one-liner and involves generating an ASN1 config file.
Is this really the only way of generating digital signatures with openssl without needing the file present?
Answer 1:
You apparently want an RSA signature, specifically OpenSSL's default of RSASSA-PKCS1v1_5, although your question didn't say so and OpenSSL supports several other signature algorithms. And you ignored the comment linking #9951559 to Different signatures when using C routines and openssl dgst, rsautl commands, as well as the dupe Multiple OpenSSL RSA signing methods produce different results and more linked there.
rsautl does not do the ASN.1 DigestInfo encoding at step 2 of rfc8017 et pred 9.2, but since 1.0.0 in 2010 pkeyutl does if you specify the digest algorithm:
openssl pkeyutl -sign -inkey privkey.pem -pkeyopt digest:sha256
# note input is binary; if you transport to the server as hex, use
# xxd -r -p or the printf $(echo $x | sed 's/../\\x&/g') hack or similar
# output is also binary by default, like rsautl which you seem to handle
Or the same section of PKCS1 (rfc8017 et pred) has constant prefix values for all standard hash-with-RSA schemes, which is still simpler than working out DER.
Answer 2:
Edit: Using @dave_thompson_085's answer, I created the following script:
#!/bin/bash
# Usage: $0 <sha256 digest>
# Example usage: ./sign_256sha.sh 5d525e3513b493798a7ac353401ef040ea6de92809485292201b8f27731e6379
# Input to openssl pkeyutl is binary, not ASCII hex,... need to convert using xxd
echo $1 | xxd -r -p | openssl pkeyutl -sign -inkey privkey.pem -pkeyopt digest:sha256
which is equivalent to:
openssl dgst -sha256 -sign privkey.pem <file>
as long as the sha256 digest of <file> is passed to the first.
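The two answers above can be checked end to end. The script below is an added example, not code from either answer: it generates a throwaway RSA key and a sample file (both constructed for the demo; the temp-dir paths and the helper names hex2bin, sign_digest and signatures_match are assumptions), signs only the hex SHA-256 digest with pkeyutl as the server would, and confirms the result is byte-identical to the signature that dgst -sign produces over the whole file and that it verifies against that file.

```bash
#!/bin/bash
# Added example (not from the original answers): digest-only signing with
# pkeyutl versus whole-file signing with dgst -sign, compared and verified.
set -euo pipefail

WORK=$(mktemp -d)                       # assumption: scratch directory
trap 'rm -rf "$WORK"' EXIT
KEY="$WORK/privkey.pem"; PUB="$WORK/pubkey.pem"; FILE="$WORK/big.bin"

# Demo key and a constructed sample file (the real uploads are >1 GB).
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$KEY" 2>/dev/null
openssl pkey -in "$KEY" -pubout -out "$PUB"
head -c 1048576 /dev/urandom > "$FILE"

# hex -> raw bytes on stdin/stdout: xxd when available, otherwise the
# printf/sed hack mentioned in the first answer (bash printf understands \xHH).
hex2bin() {
  if command -v xxd >/dev/null 2>&1; then xxd -r -p
  else printf "$(sed 's/../\\x&/g')"; fi
}

# Client side: only this 64-character hex string has to reach the server.
DIGEST_HEX=$(openssl dgst -sha256 -r "$FILE" | cut -d' ' -f1)

# Server side: with -pkeyopt digest:sha256, pkeyutl wraps the 32 raw digest
# bytes in the SHA-256 DigestInfo prefix (RFC 8017 section 9.2) and applies
# RSASSA-PKCS1-v1_5 padding, which is exactly what dgst -sign does internally.
sign_digest() {
  printf '%s' "$1" | hex2bin | openssl pkeyutl -sign -inkey "$KEY" -pkeyopt digest:sha256
}

# Returns 0 when the digest-only signature is byte-identical to the whole-file
# signature and verifies against the original file with the public key.
signatures_match() {
  sign_digest "$DIGEST_HEX" > "$WORK/sig_digest.bin"
  openssl dgst -sha256 -sign "$KEY" -out "$WORK/sig_file.bin" "$FILE"
  cmp -s "$WORK/sig_digest.bin" "$WORK/sig_file.bin" &&
    openssl dgst -sha256 -verify "$PUB" -signature "$WORK/sig_digest.bin" "$FILE" >/dev/null
}

signatures_match && echo "digest-only signature matches dgst -sign and verifies"
```

PKCS#1 v1.5 signatures are deterministic, which is why a byte-for-byte comparison is meaningful here; with PSS padding the two signatures would differ but both would still verify.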
Source: https://stackoverflow.com/questions/57929493/openssl-digitally-sign-digest-only