https://stackoverflow.com/questions/22480262
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianTo make the comments an answer...
There are two major reasons why signatures of the same data by the same private key may vary.
Signature algorithm induced variations
Certain signature algorithms, foremost DSA and ECDSA, explicitly base the signature creation on a randomly chosen value k. This "randomness" is required, the entropy, secrecy, and uniqueness of the random signature value k is critical. It is so critical that violating any one of those three requirements can reveal the entire private key to an attacker. Using the same value twice (even while keeping k secret), using a predictable value, or leaking even a few bits of k in each of several signatures, is enough to break the algorithm. The requirement can be fulfilled by an actually random k or by a k built in a deterministic way which also guarantees entropy, secrecy, and uniqueness, cf. RFC 6967.
The OP, though, refers to code which uses RSA. This algorithm does not require such a random parameter (even though padding schemes may include randomness).
Signature attribute induced variations
Another reason for variations is that the signed data include more than just the document data.
When talking about "signatures", often people do not merely mean the signing process byte array output but instead a signature container according to the CMS standard.
There may be multiple individual signatures in such a container, and each of them may have a number of unsigned or signed attributes. As the name "signed attributes" implies, the signature value calculation includes these attributes, too.
Very often these signed attributes include the signing time. As the signing time normally varies in different signing runs, the actual signature value varies, too.
The OP uses CMS signature containers. Thus, most likely this is the cause why the OP's signatures vary.
