From ecrist at secure-computing.net Wed Aug 13 19:14:01 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Wed Aug 13 19:15:10 2008 Subject: [X-Unix] Poke... Message-ID: Just wanna make sure everyone's still alive... :) --- Eric Crist From chammann at mac.com Wed Aug 13 19:28:43 2008 From: chammann at mac.com (Christoph Hammann) Date: Wed Aug 13 19:29:21 2008 Subject: [X-Unix] Poke... In-Reply-To: References: Message-ID: Giggle .... 8-^ Am 14.08.2008 um 04:14 schrieb Eric F Crist: > Just wanna make sure everyone's still alive... > > :) > --- > Eric Crist > > > > > _______________________________________________ > X-Unix mailing list > X-Unix@listserver.themacintoshguy.com > http://listserver.themacintoshguy.com/mailman/listinfo/x-unix From douglist at macnauchtan.com Wed Aug 13 19:42:57 2008 From: douglist at macnauchtan.com (Doug McNutt) Date: Wed Aug 13 19:43:10 2008 Subject: [X-Unix] Poke... In-Reply-To: References: Message-ID: At 04:28 +0200 8/14/08, Christoph Hammann wrote: >Giggle .... >8-^ > >Am 14.08.2008 um 04:14 schrieb Eric F Crist: > >> Just wanna make sure everyone's still alive... >> >> :) >> --- >> Eric Crist Echo the giggle but the truth is that I'm having more fun with Ubuntu. -- --> A fair tax is one that you pay but I don't <-- From alex at underwares.org Wed Aug 13 20:36:03 2008 From: alex at underwares.org (Alexandre Gauthier) Date: Wed Aug 13 20:36:32 2008 Subject: [X-Unix] Poke... In-Reply-To: References: Message-ID: <03D99BE9-476A-493F-A7A9-D6CF23B85B8E@underwares.org> Le 08-08-13 ? 22:42, Doug McNutt a ?crit : > At 04:28 +0200 8/14/08, Christoph Hammann wrote: >> Giggle .... >> 8-^ >> >> Am 14.08.2008 um 04:14 schrieb Eric F Crist: >> >>> Just wanna make sure everyone's still alive... >>> >>> :) >>> --- >>> Eric Crist > > Echo the giggle but the truth is that I'm having more fun with Ubuntu. > Echo as well :) From filipp at mac.com Wed Aug 13 21:15:32 2008 From: filipp at mac.com (Filipp Lepalaan) Date: Wed Aug 13 21:15:43 2008 Subject: [X-Unix] Poke... In-Reply-To: <03D99BE9-476A-493F-A7A9-D6CF23B85B8E@underwares.org> References: <03D99BE9-476A-493F-A7A9-D6CF23B85B8E@underwares.org> Message-ID: On 14.8.2008, at 6.36, Alexandre Gauthier wrote: > > Le 08-08-13 ? 22:42, Doug McNutt a ?crit : > >> At 04:28 +0200 8/14/08, Christoph Hammann wrote: >>> Giggle .... >>> 8-^ >>> >>> Am 14.08.2008 um 04:14 schrieb Eric F Crist: >>> >>>> Just wanna make sure everyone's still alive... >>>> >>>> :) >>>> --- >>>> Eric Crist >> >> Echo the giggle but the truth is that I'm having more fun with >> Ubuntu. >> > > Echo as well :)_______________________________________________ echo! :) -filipp From simon-lists at ldml.com Thu Aug 14 00:46:43 2008 From: simon-lists at ldml.com (Simon Forster) Date: Thu Aug 14 00:46:53 2008 Subject: [X-Unix] Ubuntu [Was: Poke...] In-Reply-To: References: Message-ID: <05A2186F-9F44-4347-8AA3-10D7A43F4199@ldml.com> On 14 Aug 2008, at 03:42, Doug McNutt wrote: > Echo the giggle but the truth is that I'm having more fun with Ubuntu. So how is it? Are you productive with it or is it simply a time sink? TIA Simon From douglist at macnauchtan.com Thu Aug 14 09:24:46 2008 From: douglist at macnauchtan.com (Doug McNutt) Date: Thu Aug 14 09:25:04 2008 Subject: [X-Unix] Ubuntu [Was: Poke...] In-Reply-To: <05A2186F-9F44-4347-8AA3-10D7A43F4199@ldml.com> References: <05A2186F-9F44-4347-8AA3-10D7A43F4199@ldml.com> Message-ID: At 08:46 +0100 8/14/08, Simon Forster wrote: >On 14 Aug 2008, at 03:42, Doug McNutt wrote: > >> Echo the giggle but the truth is that I'm having more fun with Ubuntu. > >So how is it? Are you productive with it or is it simply a time sink? I'd say not yet productive but a whole lot more fun than OS neXt and X-code. My productivity machine remains this 8500 running OS 9.1 with MPW, Excel 2001, Nisus 5.1, and Eudora 5.1. My G4 running 10.3.9 does my CAD stuff with Vectorworks and perl. BBEdit worksheets sort of work but it's not nearly as well as MPW. The Intel box running Ubuntu with two monitors and an Nvidia "video" board was 2 k$ cheaper than a Mac Pro would have been and it does my web stuff with Firefox quite well. The claws email client is much like Eudora and NOT like AppleMail. I did have to shut down my Mac IIFX to make room. Ubuntu even talks to my SE/30 file server which is more than OS 10.4 and higher can do. There is no suitable open source CAD software for the electronic design that I do. When I do need OS 10.5 it's available on the lady's machine at the other end of the house but that's pretty much only for art and entertainment. But the best part - the time sink - is that gedit is truly extensible and if I don't like it the source code is right there for recompilation and that's true of everything else. Gtk and gnome need something like Inside Macintosh with its 10 volumes still on my shelf. My goal is to make gedit into an editor-shell the way MPW worked. But. . . finding the information I need is a problem. It's somewhere out there on the web but reading source code is the only way to get real truth and that keeps changing with an update or two every day. I am running BIND and thinking about qmail for the extended family. ssh is pretty much a pleasure and I find myself logging in from the G4 regularly. Most of all, I feel like I know what I'm doing. It's almost like the old days with a Control Data 3800 and a 56 kb/sec link to Houston. System updates came as a tape of card images with INSERT and DELETE items for the assembler. I'm at the point where I occasionally try to use CONTROL-C,V instead of COMMAND-C,V on the Macs and that scares me. -- --> The best programming tool is a soldering iron <-- From simon-lists at ldml.com Thu Aug 14 09:41:28 2008 From: simon-lists at ldml.com (Simon Forster) Date: Thu Aug 14 09:41:36 2008 Subject: [X-Unix] Ubuntu [Was: Poke...] In-Reply-To: References: <05A2186F-9F44-4347-8AA3-10D7A43F4199@ldml.com> Message-ID: <5892DCE1-66EE-4526-BB3B-AE553BD80FDA@ldml.com> On 14 Aug 2008, at 17:24, Doug McNutt wrote: > At 08:46 +0100 8/14/08, Simon Forster wrote: >> On 14 Aug 2008, at 03:42, Doug McNutt wrote: >> >>> Echo the giggle but the truth is that I'm having more fun with >>> Ubuntu. >> >> So how is it? Are you productive with it or is it simply a time sink? > > I'd say not yet productive but a whole lot more fun than OS neXt and > X-code.... So Linux is still that time sink where you can find 101 things to do other than that one crappy job you've been putting off for the past 2 weeks anyway. Tempting but I'll have to pass. :-\ Simon From alex at underwares.org Thu Aug 14 11:43:51 2008 From: alex at underwares.org (Alexandre Gauthier) Date: Thu Aug 14 11:46:46 2008 Subject: [X-Unix] Ubuntu [Was: Poke...] In-Reply-To: <5892DCE1-66EE-4526-BB3B-AE553BD80FDA@ldml.com> References: <05A2186F-9F44-4347-8AA3-10D7A43F4199@ldml.com> <5892DCE1-66EE-4526-BB3B-AE553BD80FDA@ldml.com> Message-ID: <48A47CE7.9070501@underwares.org> Simon Forster a ?crit : > > On 14 Aug 2008, at 17:24, Doug McNutt wrote: > >> At 08:46 +0100 8/14/08, Simon Forster wrote: >>> On 14 Aug 2008, at 03:42, Doug McNutt wrote: >>> >>>> Echo the giggle but the truth is that I'm having more fun with Ubuntu. >>> >>> So how is it? Are you productive with it or is it simply a time sink? >> >> I'd say not yet productive but a whole lot more fun than OS neXt and >> X-code.... > > > > So Linux is still that time sink where you can find 101 things to do > other than that one crappy job you've been putting off for the past 2 > weeks anyway. > > Tempting but I'll have to pass. > > :-\ > I can't speak for others but my main production machine is running Ubuntu. I do most of my productivity stuff on it. But then again, i'm a network guy, so it makes sense. The old-ish dual G5 with its 8 gigabytes of memory is actually the time sink machine, on my end. In any case, why do you not try it for yourself? Just shove the livecd in, and boot. From simon-lists at ldml.com Thu Aug 14 12:51:41 2008 From: simon-lists at ldml.com (Simon Forster) Date: Thu Aug 14 12:54:43 2008 Subject: [X-Unix] Ubuntu [Was: Poke...] In-Reply-To: <48A47CE7.9070501@underwares.org> References: <05A2186F-9F44-4347-8AA3-10D7A43F4199@ldml.com> <5892DCE1-66EE-4526-BB3B-AE553BD80FDA@ldml.com> <48A47CE7.9070501@underwares.org> Message-ID: On 14 Aug 2008, at 19:43, Alexandre Gauthier wrote: > In any case, why do you not try it for yourself? Just shove the > livecd in, and boot. On 14 Aug 2008, at 17:41, Simon Forster wrote: > So Linux is still that time sink where you can find 101 things to do > other than that one crappy job you've been putting off for the past > 2 weeks anyway. > > Tempting but I'll have to pass. And you sir are the devil. Really, I do NOT need someone waving a fun Friday afternoon activity in front of me when I have that I've-put-it- off-for-months job and finally have run out of all the displacement jobettes I can find. arrggghhh. I am strong. Resist the dark side. ;-) Simon P.S. Tomorrow afternoon you are likely to find me in front of my computer playing with Ubuntu. God I'm pathetic. All the will power of an amoeba. From andrew at trevorrow.com Thu Aug 14 16:05:57 2008 From: andrew at trevorrow.com (Andrew Trevorrow) Date: Thu Aug 14 16:06:21 2008 Subject: [X-Unix] Poke... In-Reply-To: <20080814195510.E1B4237ADF24@listserver.themacintoshguy.com> References: <20080814195510.E1B4237ADF24@listserver.themacintoshguy.com> Message-ID: > Just wanna make sure everyone's still alive... I'm alive, but I seem to be stuck in some sort of time warp: Date: Thu, 29 May 2008 09:41:53 +1000 From: Andrew Trevorrow Subject: [X-Unix] Re: Was Folder, Became Application ... Can anybody explain how a message I sent over 2 months ago has only just now appeared!? Andrew From ecrist at secure-computing.net Thu Aug 14 16:12:45 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Thu Aug 14 16:13:51 2008 Subject: [X-Unix] Poke... In-Reply-To: References: <20080814195510.E1B4237ADF24@listserver.themacintoshguy.com> Message-ID: I got that on the date indicated. You sure you weren't having mail problems on May 29th? Eric On Aug 14, 2008, at 6:05 PM, Andrew Trevorrow wrote: >> Just wanna make sure everyone's still alive... > > I'm alive, but I seem to be stuck in some sort of time warp: > > Date: Thu, 29 May 2008 09:41:53 +1000 > From: Andrew Trevorrow > Subject: [X-Unix] Re: Was Folder, Became Application > ... > > Can anybody explain how a message I sent over 2 months ago has > only just now appeared!? > > Andrew > _______________________________________________ > X-Unix mailing list > X-Unix@listserver.themacintoshguy.com > http://listserver.themacintoshguy.com/mailman/listinfo/x-unix --- Eric Crist From macmonster at myrealbox.com Fri Aug 15 07:26:26 2008 From: macmonster at myrealbox.com (Stroller) Date: Fri Aug 15 09:05:14 2008 Subject: [X-Unix] Poke... In-Reply-To: References: <20080814195510.E1B4237ADF24@listserver.themacintoshguy.com> Message-ID: If he was, then so was I. I had assumed the last couple of months that the listserv was suffering from one of its occasional hiccups, so I am surprised to read that you received it in May. Until yesterday the last message in my mail folder for this list was "Re: Was Folder, Became Application" from Andrew Trevorrow (29 May 2008 00:41:53 BST). I'm pretty sure that was the last message in the list archive, too. Hove airport, what? The swishest of international hubs. Stroller. On 15 Aug 2008, at 00:12, Eric F Crist wrote: > I got that on the date indicated. You sure you weren't having mail > problems on May 29th? > > Eric > > > On Aug 14, 2008, at 6:05 PM, Andrew Trevorrow wrote: > >>> Just wanna make sure everyone's still alive... >> >> I'm alive, but I seem to be stuck in some sort of time warp: >> >> Date: Thu, 29 May 2008 09:41:53 +1000 >> From: Andrew Trevorrow >> Subject: [X-Unix] Re: Was Folder, Became Application >> ... >> >> Can anybody explain how a message I sent over 2 months ago has >> only just now appeared!? >> From douglist at macnauchtan.com Fri Aug 15 13:43:50 2008 From: douglist at macnauchtan.com (Doug McNutt) Date: Fri Aug 15 15:11:10 2008 Subject: [X-Unix] Poke... In-Reply-To: References: <20080814195510.E1B4237ADF24@listserver.themacintoshguy.com> Message-ID: At 15:26 +0100 8/15/08, Stroller wrote: >If he was, then so was I. > >I had assumed the last couple of months that the listserv was suffering from one of its occasional hiccups, so I am surprised to read that you received it in May. > >Until yesterday the last message in my mail folder for this list was "Re: Was Folder, Became Application" from Andrew Trevorrow (29 May 2008 00:41:53 BST). I'm pretty sure that was the last message in the list archive, too. > >On 15 Aug 2008, at 00:12, Eric F Crist wrote: > >> I got that on the date indicated. You sure you weren't having mail problems on May 29th? >> >> Eric At 21:14 -0500 8/13/08, Eric F Crist wrote, in his email headers: These headers indicate that the message we got left Eric's mail system on 13 August. >Received: from listserver.themacintoshguy.com (listserver.themacintoshguy.com [68.178.107.253]) by mailwash42.pair.com (Postfix) with ESMTP id 0129327259 for ; Wed, 13 Aug 2008 22:15:12 -0400 (EDT) >Received: from listserver.themacintoshguy.com (localhost [127.0.0.1]) by listserver.themacintoshguy.com (Postfix) with ESMTP id BACB4377735B; Wed, 13 Aug 2008 19:15:08 -0700 (PDT) >Received: from snipe.secure-computing.net (snipe.secure-computing.net [209.240.66.149]) by listserver.themacintoshguy.com (Postfix) with ESMTP id 4BB38377733F for ; Wed, 13 Aug 2008 19:15:02 -0700 (PDT) >Received: from [192.168.1.200] (hq.secure-computing.net [209.240.66.157]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: ecrist@secure-computing.net) by snipe.secure-computing.net (Postfix) with ESMTP id 049F52E042 for ; Wed, 13 Aug 2008 21:15:00 -0500 (CDT) I show zero activity between May 28 and Aug 13. There was another gap between May 9 and May 23. -- --> Marriage and kilo are troubled words. Turmoil results when centuries-old usage is altered in specialized jargon <--. From ecrist at secure-computing.net Fri Aug 15 15:18:00 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Fri Aug 15 16:14:41 2008 Subject: [X-Unix] Poke... In-Reply-To: References: <20080814195510.E1B4237ADF24@listserver.themacintoshguy.com> Message-ID: <1C65D1E7-3C37-4D8E-B7E7-D9F60270CAF0@secure-computing.net> On Aug 15, 2008, at 3:43 PM, Doug McNutt wrote: > At 21:14 -0500 8/13/08, Eric F Crist wrote, in his email headers: > > These headers indicate that the message we got left Eric's mail > system on 13 August. > >> Received: from listserver.themacintoshguy.com >> (listserver.themacintoshguy.com [68.178.107.253]) by >> mailwash42.pair.com (Postfix) with ESMTP id 0129327259 for > >; Wed, 13 Aug 2008 22:15:12 -0400 (EDT) > >> Received: from listserver.themacintoshguy.com (localhost >> [127.0.0.1]) by listserver.themacintoshguy.com (Postfix) with ESMTP >> id BACB4377735B; Wed, 13 Aug 2008 19:15:08 -0700 (PDT) > >> Received: from snipe.secure-computing.net (snipe.secure- >> computing.net [209.240.66.149]) by listserver.themacintoshguy.com >> (Postfix) with ESMTP id 4BB38377733F for > >; Wed, 13 Aug 2008 19:15:02 -0700 (PDT) > >> Received: from [192.168.1.200] (hq.secure-computing.net >> [209.240.66.157]) (using TLSv1 with cipher AES128-SHA (128/128 >> bits)) (No client certificate requested) (Authenticated sender: ecrist@secure-computing.net >> ) by snipe.secure-computing.net (Postfix) with ESMTP id 049F52E042 >> for ; Wed, 13 Aug 2008 >> 21:15:00 -0500 (CDT) > > > I show zero activity between May 28 and Aug 13. There was another > gap between May 9 and May 23. Wow. Postfix seems popular. :) --- Eric Crist From jerry at ieee.org Tue Aug 19 01:04:14 2008 From: jerry at ieee.org (Jerry Krinock) Date: Tue Aug 19 01:04:44 2008 Subject: [X-Unix] En/Decrypt Mismatch: Command-Line openssl vs. Perl's Crypt::OpenSSL::RSA Message-ID: I cannot get RSA-encrypted messages which I generate using Perl's Crypt::OpenSSL::RSA to decrypt using the openssl command-line tool. Attempting to cut the problem in half, I then did another experiment to see if these two tools would would generate the same signature. They don't. So I conclude that the problem is in the ENcrypting. I gave both encryptors (Crypt::OpenSSL::RSA and openssl command) the... Same message Same private key Same padding (PKCS1) Same digest (SHA1) Both running on same Macintosh, presumably using the same OpenSSL version 0.9.7l library in Mac OS X 10.5.4. Here are my commands/code and results, starting with the command-line: ############################################################### # Create a private key Jerrys-Mac-Mini: jk$ openssl genrsa -out Test248.private.pem Generating RSA private key, 512 bit long modulus .........++++++++++++ .............++++++++++++ e is 65537 (0x10001) # Create signature of message "Bonehead" using the key in file # Test248.private.pem, SHA1 digest and PKCS padding [1]: Jerrys-Mac-Mini: jk$ echo -n "Bonehead" \ | openssl dgst -sha1 -binary\ | openssl rsautl -pkcs -sign -inkey Test248.private.pem -hexdump 0000 - 8a c6 56 19 97 f5 e7 16-20 30 f2 2f 0e af 7c 28 0010 - df 9d cd 5a 0e b0 11 c1-cc bb f2 3b 03 87 f0 96 0020 - 0d ce b4 55 dc 69 81 bc-30 40 75 9d 74 b8 b7 bd 0030 - 3b 15 a0 5d c2 db ab 9a-8d d3 f2 4b 77 e1 e9 a1 ############################################################## Now I try to create the same signature using a perl script: ############################################################## #!/usr/local/bin/perl -w use strict ; use warnings ; use Crypt::OpenSSL::Random ; use Crypt::OpenSSL::RSA ; # Read in the key file just created my $private_key_string = "" ; my $key_path = "/Users/jk/Documents/SheepSystems/Keys/ Test248.private.pem" ; open (KEY_FILE, $key_path) ; while (my $line = ) { $private_key_string .= $line ; } close(KEY_FILE); print "Read key from file:\n$private_key_string\n" ; my $rsa_priv = Crypt::OpenSSL::RSA- >new_private_key($private_key_string); # Use same message, padding and digest as in the command-line test my $msg = "Bonehead" ; $rsa_priv->use_pkcs1_padding(); $rsa_priv->use_sha1_hash() ; my $signature = $rsa_priv->sign($msg); my $showHexSig = showHex($signature) ; print "signature of 'Bonehead':\n$showHexSig\n" ; # sub showHex is shown at the bottom of this message ############################################################## Running the above script, I get this: ############################################################## Read key from file: -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBALE2d5DpKbYxfIqv+6jYnW6DDvDyJFCdQt+s432GQsy8+ymL9DOR mPcRQfk1jas1pqtsy+GGUlYd4R1kxbBZb4UCAwEAAQJANqtw83ma7qQRoc9sucgp uUAhSd/JqDz7tnllrQHQdcyLMRSCBxvZ/i72YVixRRTHb1GVZ79iJWBmzh8ATLvj uQIhAOuYWu6Vkve+zQ4Cd5EGWpytY/Or/6ZXvQf3L9ELIB07AiEAwI+miVT8t22w Ge1IX+Q3L7lK2uBm97Pkwix9Wf7K2j8CIFUrQtQ1ZmgBpgeGhMr8zQ0O8a9JYqYz 2bZjefnMV9O5AiEAqSrKLKYcKm1To0NhLNUKYoPPLkCsVPqWgruhGDoOLfMCIE1E kpJF13Dtq3KQOsaCoXbL4vo350vkBUrSovu45/6p -----END RSA PRIVATE KEY----- signature of 'Bonehead': 64 bytes: 78 b3 43 22 4b 4b 86 7f 47 25 00 f1 62 a2 66 70 e6 7e 82 f2 7a b6 cf ff ab dd f1 8a ff 0d cf a1 b5 3d 60 dc ac 9f 6f 0c 83 b9 51 c9 ac fa 7d 15 0b cc 97 cf 99 e5 6b ee 41 f0 d1 35 a1 a0 c1 09 ############################################################## As you can see the two signatures are both 64 bytes long but do not match. What might I be missing? Thanks very much, Jerry Krinock [1] The reason I used PKCS padding (-pkcs) is because if I change it to -oaep in the command-line test, I get an error message: RSA operation error error:04066076:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:unknown padding type:rsa_eay.c:360: which does not make sense because my version is: Jerrys-Mac-Mini:Keys jk$ openssl OpenSSL> version OpenSSL 0.9.7l 28 Sep 2006 and "RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were added in OpenSSL 0.9.2b" according to documentation: http://openssl.org/docs/crypto/RSA_padding_add_PKCS1_type_1.html# [2] sub showHex { my $data = shift ; use bytes ; my $len = length($data) ; my $i ; my $show = "" ; for ($i=0; $i<$len; $i++) { my $value = ord(substr($data, $i, 1)) ; $show .= " " ; $show .= sprintf("%02x", $value) ; if ((($i+1) % 16) == 0) { $show .= "\n" ; } } return "$len bytes:\n$show" ; From jerry at ieee.org Wed Aug 20 13:59:22 2008 From: jerry at ieee.org (Jerry Krinock) Date: Wed Aug 20 13:59:50 2008 Subject: [X-Unix] En/Decrypt Mismatch: Command-Line openssl vs. Perl's Crypt::OpenSSL::RSA In-Reply-To: References: Message-ID: <51866F43-3853-4D4B-A4D3-82E50F504501@ieee.org> Well, I got this working, although I there are several things that don't seem to work they way they should. Summary: Must use perl function private_encrypt() instead of sign(), even though, to generate the same signature, the command-line tool must use -sign. Must use the SHA1 digest generated by command-line tool, since $rsa_priv- >use_sha1_hash() has no effect on private_encrypt(). I don't understand this well enough to say that these are bugs. More comments are in the code in case anyone is interested. Here are my revised commands/code and working results, starting with the command-line: ############################################################### # Create private key jk$ openssl genrsa -out Test248.private.pem Generating RSA private key, 512 bit long modulus .........++++++++++++ .............++++++++++++ e is 65537 (0x10001) # Create SHA1 digest of message "Bonehead". # The, write digest to file for later use by perl script. # Finally, sign the digest using the key in file Test248.private.pem # and PKCS padding. Why PKCS? See note [1]. echo -n "Bonehead" > clearMsg.txt openssl dgst -sha1 -binary -out msgDigest clearMsg.txt cat msgDigest | openssl rsautl -pkcs -sign -inkey Test248.private.pem - hexdump 0000 - 8a c6 56 19 97 f5 e7 16-20 30 f2 2f 0e af 7c 28 0010 - df 9d cd 5a 0e b0 11 c1-cc bb f2 3b 03 87 f0 96 0020 - 0d ce b4 55 dc 69 81 bc-30 40 75 9d 74 b8 b7 bd 0030 - 3b 15 a0 5d c2 db ab 9a-8d d3 f2 4b 77 e1 e9 a1 ### Now create the same signature using a Crypt::OpenSSL in Perl: ### #!/usr/local/bin/perl -w use strict ; use warnings ; use Crypt::OpenSSL::Random ; use Crypt::OpenSSL::RSA ; # Read in key from file my $private_key_string = "" ; my $key_path = "/Users/jk/Documents/SheepSystems/Keys/ Test248.private.pem" ; open (KEY_FILE, $key_path) ; while (my $line = ) { $private_key_string .= $line ; } close(KEY_FILE); my $rsa_priv = Crypt::OpenSSL::RSA- >new_private_key($private_key_string); $rsa_priv->use_pkcs1_padding() ; =com The above affects encrypting with the private key but does not affect signature generation. It is necessary when using the private_encrypt(). Without it, private_encrypt() will fail/error. I believe the problem is that OpenSSL does not support oaep padding for signing, which is what you're doing when you encrypt with the private key, despite doc to the contrary. See note [1]. =cut # $rsa_priv->use_sha1_hash() ; # The above has no effect on the output of the # private_encrypt() method. my $msgDigest ; my $msgDigest_path = "/Users/jk/Documents/SheepSystems/Keys/msgDigest" ; open (MSG_DIGEST_FH, $msgDigest_path) ; # SHA1 Digest is 20 bytes... read MSG_DIGEST_FH, $msgDigest, 20 ; close(MSG_DIGEST_FH) ; my $output = $rsa_priv->private_encrypt($msgDigest); # If you use sign() instead of private_encrypt() # above you get a different output. This does not make sense # to me because I thought that signing was the same as # encrypting with the private key. my $outputHex = showHex($output) ; print "$outputHex\n" ; # sub showHex [2] ### Running the above script, I get this: 64 bytes: 8a c6 56 19 97 f5 e7 16 20 30 f2 2f 0e af 7c 28 df 9d cd 5a 0e b0 11 c1 cc bb f2 3b 03 87 f0 96 0d ce b4 55 dc 69 81 bc 30 40 75 9d 74 b8 b7 bd 3b 15 a0 5d c2 db ab 9a 8d d3 f2 4b 77 e1 e9 a1 ### which matches the output from the command-line openssl. Thanks for reading. If anyone can explain some of the anomalies noted, let us know. Jerry [1] The reason I used PKCS padding (-pkcs) is because if I change it to -oaep in the command-line test, I get an error message. This does not make sense because the version on my Mac (OS X 10.5) is OpenSSL 0.9.7l. and "RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were added in OpenSSL 0.9.2b" according to documentation: http://openssl.org/docs/crypto/RSA_padding_add_PKCS1_type_1.html# [2] See prior message