Multiple OpenSSL RSA signing methods produce different results

天命终不由人 2020-11-29 11:47

Trying to wrap my head around signing and use/test various options.

I can sign using this command:

openssl dgst -sha256 -sign private_key.pem -binary

1 answer
  • 2020-11-29 12:20

    Dupe: Difference between openSSL rsautl and dgst
    Closely related:
    Why are the RSA-SHA256 signatures I generate with OpenSSL and Java different?
    Different signatures when using C routines and openssl dgst, rsautl commands
    Signing 20-byte message with 256-bit RSA key working with openssl.exe but not in code
    Crossdupe: https://superuser.com/questions/943972/what-is-the-difference-between-openssl-pkeyutl-sign-and-openssl-rsautl-sign

    TLDR: dgst -sign for RSA does the full RSASSA-PKCS1-v1_5: hash the data, encode the hash in ASN.1, pad the result, and modexp d. rsautl -sign does only the last two and dgst by itself only the first, thus skipping the encode producing a different and nonstandard signature. dgst (or your own hash) then pkeyutl -sign with an RSA key and -pkeyopt digest:name_of_digest (important!) also works and answers your real question.

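The three signing paths the answer describes, run side by side as an added example (not part of the original answer). The file names, the throwaway 2048-bit key and the sample message are constructed for illustration, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: the answer's three signing paths on constructed input.
set -eu

# Create a throwaway key, a sample message and three signatures in dir $1.
sign_three_ways() {
  ( cd "$1"
    openssl genrsa -out key.pem 2048 2>/dev/null   # constructed test key
    openssl pkey -in key.pem -pubout -out pub.pem
    printf 'constructed sample message\n' > msg.txt
    # Path 1: hash + DigestInfo encode + pad + modexp in one step.
    openssl dgst -sha256 -sign key.pem -out sig_dgst.bin msg.txt
    # Raw 32-byte hash, used as input to the other two paths.
    openssl dgst -sha256 -binary -out hash.bin msg.txt
    # Path 2: pad + modexp only, so the DigestInfo encode is skipped.
    openssl rsautl -sign -inkey key.pem -in hash.bin \
      -out sig_rsautl.bin 2>/dev/null
    # Path 3: naming the digest makes pkeyutl add the DigestInfo encode.
    openssl pkeyutl -sign -inkey key.pem -pkeyopt digest:sha256 \
      -in hash.bin -out sig_pkeyutl.bin )
}

# Print how many bytes sat inside the padding of signature $2 in dir $1.
recovered_len() {
  openssl rsautl -verify -inkey "$1/key.pem" -in "$1/$2" 2>/dev/null \
    | wc -c | tr -d ' '
}

# Succeed only if $2 is a valid RSA-SHA256 signature over msg.txt.
verifies() {
  openssl dgst -sha256 -verify "$1/pub.pem" -signature "$1/$2" \
    "$1/msg.txt" >/dev/null 2>&1
}

demo() {
  d=$(mktemp -d)
  sign_three_ways "$d"
  for s in sig_dgst.bin sig_rsautl.bin sig_pkeyutl.bin; do
    if verifies "$d" "$s"; then status=valid; else status=INVALID; fi
    printf '%-16s padded %s bytes, %s\n' \
      "$s" "$(recovered_len "$d" "$s")" "$status"
  done
  rm -rf "$d"
}
demo
```

The `dgst -sign` and `pkeyutl` signatures are byte-identical and carry 51 bytes under the padding (the 19-byte SHA-256 DigestInfo prefix plus the 32-byte hash); the `rsautl` signature carries only the 32-byte hash and fails `dgst -verify`.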