payload: use correct option (pkcs and sha256) to sign the payload

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>

Author: tormath1

src/update_engine/payload_processor_unittest.cc

@@ -211,7 +211,7 @@ static void SignGeneratedShellPayload(SignatureTest signature_test,
   ScopedPathUnlinker sig_unlinker(sig_file);
   ASSERT_EQ(0,
             System(StringPrintf(
-                "openssl rsautl -raw -sign -inkey %s -in %s -out %s",
+                "openssl pkeyutl -sign -pkeyopt digest:sha256 -pkeyopt rsa_padding_mode:pkcs1 -inkey %s -in %s -out %s",
                 private_key_path.c_str(),
                 hash_file.c_str(),
                 sig_file.c_str())));
@@ -222,7 +222,7 @@ static void SignGeneratedShellPayload(SignatureTest signature_test,
       signature_test == kSignatureGeneratedShellRotateCl2) {
     ASSERT_EQ(0,
               System(StringPrintf(
-                  "openssl rsautl -raw -sign -inkey %s -in %s -out %s",
+                  "openssl pkeyutl -sign -pkeyopt digest:sha256 -pkeyopt rsa_padding_mode:pkcs1 -inkey %s -in %s -out %s",
                   kUnittestPrivateKey2Path,
                   hash_file.c_str(),
                   sig_file2.c_str())));

src/update_engine/payload_signer.cc

@@ -132,7 +132,7 @@ bool PayloadSigner::SignHash(const vector<char>& hash,
 
   // This runs on the server, so it's okay to cop out and call openssl
   // executable rather than properly use the library
-  vector<string> cmd = {"openssl", "rsautl", "-raw", "-sign",
+  vector<string> cmd = {"openssl", "pkeyutl", "-sign", "-pkeyopt", "digest:sha256", "-pkeyopt", "rsa_padding_mode:pkcs1",
                         "-inkey", private_key_path,
                         "-in", hash_path,
                         "-out", sig_path};