openSSL signs

I’ve wrote a simple script to sign and verify some text and generate a
PKCS7 using OpenSSL.

require ‘openssl’
include OpenSSL

data = ‘abcdefghijklmnsopqrstuvwxyz\n’

cert = X509::Certificate.new( File::read(“my_cert.pem”) )
prv_key = PKey::RSA.new( File::read(“key_prv.pem”) )

store = X509::Store.new
store.add_cert(cert)

#gen sign
p7 = PKCS7.sign(cert,prv_key,data)

#verify sign
puts “verified: #{p7.verify([cert],store,data,0)}”

executed, the result is:

verified: true

but changing the data variable from sigle quoted to double quoted:

data = “abcdefghijklmnsopqrstuvwxyz\n”

the answer is:

verified: false

i know that escaped characters are treated diferently within double
quoted strings, but i sign and verify the same data in both cases.
¿what’s happen?

this is the content of the file ‘my_cert.pem’
-----BEGIN CERTIFICATE-----
MIIDDjCCAfYCAQEwDQYJKoZIhvcNAQEFBQAwTTELMAkGA1UEBhMCRVMxDzANBgNV
BAgMBk1hZHJpZDEtMCsGA1UEAwwkTklGIC0gMDk3NTkwMDZLIE5PTUJSRSAtIFJB
VE8gREEgTFVBMB4XDTA2MTEyOTE4MzM0M1oXDTA4MTEyOTE4MzM0M1owTTELMAkG
A1UEBhMCRVMxDzANBgNVBAgMBk1hZHJpZDEtMCsGA1UEAwwkTklGIC0gMDk3NTkw
MDZLIE5PTUJSRSAtIFJBVE8gREEgTFVBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEArlOHgLZa/7xnDbRMADjv7pdSFmSxuUXjhCH9Rn6NLblRkPcxfdJh
BHleGF9cB00y1SNoN3JzxQ+Wg+lsOteRJGjXcP8weywQtCczKt2Pr9z4kPSq173Z
AyLx0pdRowqNvvDXh2HnH6MHzJVqtEOoSTKfQU7p+8c80mgkkx3U5ijctr64fY7W
bUd1zy9o1AMNLda/CudG9m8+qo6VVlGdizcNkJQGz6GW1FdAHab7xCwzqrDvdkHS
dkWou7YSLuY4t+RG6bxhDccckPhxt2ZVShwvCZIDSkOHG9Hqb8ji8UxGX+3gLTM8
pnPfiEvhw/EOtHQl1ZsG9Fr3wxmyWqUAiQIDAQABMA0GCSqGSIb3DQEBBQUAA4IB
AQCSLRyUjFfErk92MKdjRwIHv3OtBSH55YsKuYViwlutqX18BASJWrrLnMsbI4t3
WlZDKrp57luoeTuTVOciS7+PgvozhZiIANqUs0MScjIiwWSTYon7XRAhlrdrmnFr
GciqfvXIgVifH7Az9/5Evh//oQtwc4ubvag3vjBZD83qmNpmF6u27czcfEuOAR3+
JMx4rciXnHQfzyl+0Hqsg+5B5yveKn/VPdYab4waAmLD4tKGBumxfiWWcdp82/BY
LaAbbVkX8Kux5PFxPT62kICmrVZABtZBzbf0wYNS6zjnq3uAC5xDbyqk5zKb1cwN
9kXTJLBRlMAy/qLGRwqAwO6U
-----END CERTIFICATE-----

and ‘prv_key.pem’
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA2jLsuD6gUhbfqOjY/cIEp9vnta2oaWpqMD9mcZ6jWckwM8Q0
xzPfW/spfvYDCxxPMyh6s7xoXNNv1pku64WeWqjunNKKQsGvOsW11uR9X0Z6+tMI
DvTLrXtgkm6AgPcYWiakJ9uCGLumRGXq5aggw5IytSGjNgVZLho97hLn4GXWRml6
ABf+2T8UJgP5QPA+TsKhmX6qQK/+WRplUBVfxZd4P8SAaOP3vpATScU4/QSgHprx
Y+kfEc1DB6Is5Tq5mg//EdEcjLrvlfov+GD8nybQ1pnO/2Lbj6bRxRlNUzMemKSP
k1vxUXwi9cmtSEuXEryWJmr0k68sUSVfOE1VqQIDAQABAoIBAQCmKDVfMEGBgW2c
AISM6FwHP0w5ax5d9+0ZBI6MYxNdYflU0kqmjve94Yr95XT31vzwphiaGhUW6uO1
dTznmP63ZwEdZq5mm3tGtBv+okxeaxtnOaBfU0Zuuw8VMxSkIIXo0JgcyelN0EeS
ulGfxOH+S6xVhmH01ynME6upSbhNhZZBr2qG770s8JwT6FqB9BvdvGTtj3TadojN
H2D2ZhcrQLuwrqZR9CKbwC/nhDEMMwtJoEbmN8NLBJoOSMtJqPuDOKd5yfrpt9g+
vt9TdbvoLKnrpdtPxAHRK2SAIvZNgUL41bq7WLkK1mvFPI4W6MclPqUR0kjfpVK7
cB9SmippAoGBAP3MRI+AUI6IPCZxbWW4fodXcYtO020l22SRmdNtnlxQrZKB5Orb
SGiw446dHLFIzlRNI7RGcV7ccZNzYp9RXt0wrIL00wPT+7Qpj0vbdAhT4B4OKUke
W13nMzmHNz3B60+4VKvcbAmEmX6bli2XN75rYNeas3OYLWJIIPZTUzNvAoGBANwX
lbx+o4+6FpHh1FXH38w8AFfUB02siTgfduUZTj7MvnHLUlGk0nQP0wNLzMX0jtDg
s/s09+mPQsVTAU1HwQmFTaOj1+sMgpw043fVsz/AZ01JRt2Gq0Bx8A/jURrm0H16
gWxvQh8UYpJ7gEsDVQC0tO/cGgUseTsj1KN7RJxnAoGBAPI9+x6hEcLJo+fpkcpq
a1KREw4tgb4HST3Xf2R/l4xzcQiKtM252YYbeEeSDGXmoRFzw2V5axJpBHsBwhtg
1lP29mHUfmiD+BZBKMX1w+2C6UKmr59bu0eIuqrpNb/bjNc9kIutSu1WxA9FP/Vq
BUnaQcfon+nwUTkisVuLsrk/AoGBAMPO79atTFMYme/b3I8crc0ELMH2zzCZqdMW
my6j3uscOOsAmxIr81hyo6cxDtOnClBnOXjq3Q0b+amYeXYJuoH/6N0HbZeen6zd
mOoKY9j6Em2+HaAEqeNB+vQHpyap5x9bmD2ilk8UUcZEvhT+t+dS3g7v4O5tbMXi
0NFJX/dNAoGAQ/0dS8xZrQDcIGIxwa71nCr2ql8i/RjkzYdyieEpSI5AAJxY2xpr
nV2qfPz8pnAodc3Q9zxHxaPdUS1V+rPBfVRic3YUfcuK0f0nUMfFJxJ4A6a4sYV+
E8PFHHHb9D+i0MxCLlfhUhNNJCWr/KKcUuqvPOzC01ZcF93qJO7pBkA=
-----END RSA PRIVATE KEY-----

Thanks
jfglez

On 30 Nov 2006, at 18:36, Jose francisco Gonzalez carmona wrote:

data = ‘abcdefghijklmnsopqrstuvwxyz\n’

[snip]

quoted strings, but i sign and verify the same data in both cases.
¿what’s happen?

It’s not quite the same data in both cases. The \n is treated
differently as you mentioned and this difference makes the whole
string different.

In IRB:

puts ‘abc\n’
abc\n
=> nil

puts “abc\n”
abc
=> nil

‘abc\n’.length
=> 5

“abc\n”.length
=> 4

Regards,
Andy S.