Sample code for 30+ languages & platforms
DataFlex

Duplicate openssl rsautl -sign -in small.dat -inkey private.pem -out rsautl.sig

See more OpenSSL Examples

Demonstrates how to duplicate this OpenSSL command:
openssl rsautl -sign -in small.dat -inkey private.pem -out rsautl.sig
The small.dat file is a small file that can contain text or binary data of any type. The "openssl rsautl" command is different than "openssl dgst -sign" because it signs the input data directly with the RSA algorithm. The "openssl dgst -sign" command first digests the input data and then signs the digest.

How much data can be signed with "openssl rsautl"? The maximum size (in bytes) is the key size minus the overhead for the padding. The overhead size depends on the padding. With OAEP padding, the overhead is 42 bytes. With the default PKCSv1.5 padding, the overhead is 11 bytes.

Given a 2048-bit RSA key (256 bytes) and using PKCSv1.5 padding, the max data size that can be signed is 256 - 11 = 245 bytes.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Variant vPkey
    Handle hoPkey
    Variant vBd
    Handle hoBd
    Handle hoRsa
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatPrivateKey)) To hoPkey
    If (Not(IsComObjectCreated(hoPkey))) Begin
        Send CreateComObject of hoPkey
    End

    // Load the private key from an PEM file:
    Get ComLoadPemFile Of hoPkey "private.pem" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoPkey To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Load the file to be signed.
    Get Create (RefClass(cComChilkatBinData)) To hoBd
    If (Not(IsComObjectCreated(hoBd))) Begin
        Send CreateComObject of hoBd
    End
    Get ComLoadFile Of hoBd "small.dat" To iSuccess

    Get Create (RefClass(cComChilkatRsa)) To hoRsa
    If (Not(IsComObjectCreated(hoRsa))) Begin
        Send CreateComObject of hoRsa
    End
    Get pvComObject of hoPkey to vPkey
    Get ComUsePrivateKey Of hoRsa vPkey To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoRsa To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // OpenSSL uses big-endian.
    Set ComLittleEndian Of hoRsa To False

    // Sign bd.  If successful, bd will contain the RSA signature that contains the original data.
    Get pvComObject of hoBd to vBd
    Get ComSignRawBd Of hoRsa vBd To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoRsa To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Save the binary signature to a file.
    Get ComWriteFile Of hoBd "rsautl.sig" To iSuccess
    If (iSuccess <> True) Begin
        Showln "Failed to save output signature file."
        Procedure_Return
    End

    Showln "Success."


End_Procedure