'Shell script running Openssl command fails with ProcessBuilder

I have the following shell script

Script

#! /bin/sh

set -ex

cp /tmp/untouched_input_backup /tmp/untouched_input
#sign the digest

cp /tmp/untouched_input_backup /tmp/untouched_input
openssl dgst -sha256 -sign /usr/local/abc/digest-signing/scripts/keys/fake/dev/nid_image_ecc384_fakepriv.pem -out "/tmp/untouched_output" -engine cloudhsm "/tmp/untouched_input"

openssl dgst -sha256 -verify /tmp/publickey.pem  -signature /tmp/untouched_output /tmp/untouched_input

When I run the command manually, it works fine and I see this

Output

+ cp /tmp/untouched_input_backup /tmp/untouched_input
+ cp /tmp/untouched_input_backup /tmp/untouched_input
+ openssl dgst -sha256 -sign /usr/local/abc/digest-signing/scripts/keys/fake/dev/nid_image_ecc384_fakepriv.pem -out /tmp/untouched_output -engine cloudhsm /tmp/untouched_input
engine "cloudhsm" set.
+ openssl dgst -sha256 -verify /tmp/publickey.pem -signature /tmp/untouched_output /tmp/untouched_input
Verified OK

But when I use the process builder java library to execute the same shell, I see "Verification Failure error"

Code

processBuilder = processBuilder.command("sh", script);

File dir = new File(signingToolLocation);
processBuilder = processBuilder.directory(dir);

logger.info("Executing command is " + processBuilder.command().toString());
Process process = processBuilder.start();

BufferedReader stdOutReader = new BufferedReader(new InputStreamReader(process.getInputStream()));
String line;
while ((line = stdOutReader.readLine()) != null) {
    log.append(line).append("\n");
    logger.info(line);
}

BufferedReader errorReader = new BufferedReader(new InputStreamReader(process.getErrorStream()));
String errLine;
while ((errLine = errorReader.readLine()) != null) {
log.append(errLine).append("\n");
logger.error(errLine);
}

int exitVal = process.waitFor();
if (exitVal == 0) {
return new Response(log.toString(), Boolean.TRUE);
} else {
logger.error("Error during running  tool exist status " + exitVal);
}

Output

Verification Failure

I am not sure what's happening here. Should I set some specific options in ProcessBuilder to make this work ?



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source