Openssl无法验证Azure Key保管库的签名。签名是使用下面的代码生成的
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hash = digest.digest(secureContent.getBytes(StandardCharsets.UTF_8));
KeyOperationResult signedResult = config.getKeyVaultClient().sign(props.getUrl(), props.getKeyName(), props.getKeyVersion(),
JsonWebKeySignatureAlgorithm.ES256, hash);
digitalSignature = signedResult.result();
但是使用openSSL进行验证工作
openssl dgst -sha256 -sign key.pem data.txt | openssl enc -base64 -A > signature.txt
openssl enc -base64 -d -in signature.txt -out signature.bin -A
openssl dgst -sha256 -verify pubkey.pem -signature signature.bin data.txt