man-pages/man1/rsautl.1ssl.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of RSAUTL</TITLE>
</HEAD><BODY>
<H1>RSAUTL</H1>
Section: OpenSSL (1SSL)<BR>Updated: 2021-03-22<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>






<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>

openssl-rsautl, rsautl - RSA utility
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>



<B>openssl</B> <B>rsautl</B>
[<B>-help</B>]
[<B>-in file</B>]
[<B>-out file</B>]
[<B>-inkey file</B>]
[<B>-keyform PEM|DER|ENGINE</B>]
[<B>-pubin</B>]
[<B>-certin</B>]
[<B>-sign</B>]
[<B>-verify</B>]
[<B>-encrypt</B>]
[<B>-decrypt</B>]
[<B>-rand file...</B>]
[<B>-writerand file</B>]
[<B>-pkcs</B>]
[<B>-ssl</B>]
[<B>-raw</B>]
[<B>-hexdump</B>]
[<B>-asn1parse</B>]
<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>



The <B>rsautl</B> command can be used to sign, verify, encrypt and decrypt
data using the <FONT SIZE="-1">RSA</FONT> algorithm.
<A NAME="lbAE">&nbsp;</A>
<H2>OPTIONS</H2>



<DL COMPACT>
<DT id="1"><B>-help</B><DD>


Print out a usage message.
<DT id="2"><B>-in filename</B><DD>


This specifies the input filename to read data from or standard input
if this option is not specified.
<DT id="3"><B>-out filename</B><DD>


Specifies the output filename to write to or standard output by
default.
<DT id="4"><B>-inkey file</B><DD>


The input key file, by default it should be an <FONT SIZE="-1">RSA</FONT> private key.
<DT id="5"><B>-keyform PEM|DER|ENGINE</B><DD>


The key format <FONT SIZE="-1">PEM, DER</FONT> or <FONT SIZE="-1">ENGINE.</FONT>
<DT id="6"><B>-pubin</B><DD>


The input file is an <FONT SIZE="-1">RSA</FONT> public key.
<DT id="7"><B>-certin</B><DD>


The input is a certificate containing an <FONT SIZE="-1">RSA</FONT> public key.
<DT id="8"><B>-sign</B><DD>


Sign the input data and output the signed result. This requires
an <FONT SIZE="-1">RSA</FONT> private key.
<DT id="9"><B>-verify</B><DD>


Verify the input data and output the recovered data.
<DT id="10"><B>-encrypt</B><DD>


Encrypt the input data using an <FONT SIZE="-1">RSA</FONT> public key.
<DT id="11"><B>-decrypt</B><DD>


Decrypt the input data using an <FONT SIZE="-1">RSA</FONT> private key.
<DT id="12"><B>-rand file...</B><DD>


A file or files containing random data used to seed the random number
generator.
Multiple files can be specified separated by an OS-dependent character.
The separator is <B>;</B> for MS-Windows, <B>,</B> for OpenVMS, and <B>:</B> for
all others.
<DT id="13">[<B>-writerand file</B>]<DD>


Writes random data to the specified <I>file</I> upon exit.
This can be used with a subsequent <B>-rand</B> flag.
<DT id="14"><B>-pkcs, -oaep, -ssl, -raw</B><DD>


The padding to use: PKCS#1 v1.5 (the default), PKCS#1 <FONT SIZE="-1">OAEP,</FONT>
special padding used in <FONT SIZE="-1">SSL</FONT> v2 backwards compatible handshakes,
or no padding, respectively.
For signatures, only <B>-pkcs</B> and <B>-raw</B> can be used.
<DT id="15"><B>-hexdump</B><DD>


Hex dump the output data.
<DT id="16"><B>-asn1parse</B><DD>


Parse the <FONT SIZE="-1">ASN.1</FONT> output data, this is useful when combined with the
<B>-verify</B> option.
</DL>
<A NAME="lbAF">&nbsp;</A>
<H2>NOTES</H2>



<B>rsautl</B> because it uses the <FONT SIZE="-1">RSA</FONT> algorithm directly can only be
used to sign or verify small pieces of data.
<A NAME="lbAG">&nbsp;</A>
<H2>EXAMPLES</H2>



Sign some data using a private key:
<P>



<PRE>
 openssl rsautl -sign -in file -inkey key.pem -out sig

</PRE>


<P>

Recover the signed data
<P>



<PRE>
 openssl rsautl -verify -in sig -inkey key.pem

</PRE>


<P>

Examine the raw signed data:
<P>



<PRE>
 openssl rsautl -verify -in sig -inkey key.pem -raw -hexdump

 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world

</PRE>


<P>

The PKCS#1 block formatting is evident from this. If this was done using
encrypt and decrypt the block would have been of type 2 (the second byte)
and random padding data visible instead of the 0xff bytes.
<P>

It is possible to analyse the signature of certificates using this
utility in conjunction with <B>asn1parse</B>. Consider the self signed
example in certs/pca-cert.pem . Running <B>asn1parse</B> as follows yields:
<P>



<PRE>
 openssl asn1parse -in pca-cert.pem

    0:d=0  hl=4 l= 742 cons: SEQUENCE
    4:d=1  hl=4 l= 591 cons:  SEQUENCE
    8:d=2  hl=2 l=   3 cons:   cont [ 0 ]
   10:d=3  hl=2 l=   1 prim:    INTEGER           :02
   13:d=2  hl=2 l=   1 prim:   INTEGER           :00
   16:d=2  hl=2 l=  13 cons:   SEQUENCE
   18:d=3  hl=2 l=   9 prim:    OBJECT            :md5WithRSAEncryption
   29:d=3  hl=2 l=   0 prim:    NULL
   31:d=2  hl=2 l=  92 cons:   SEQUENCE
   33:d=3  hl=2 l=  11 cons:    SET
   35:d=4  hl=2 l=   9 cons:     SEQUENCE
   37:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
   42:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :AU
  ....
  599:d=1  hl=2 l=  13 cons:  SEQUENCE
  601:d=2  hl=2 l=   9 prim:   OBJECT            :md5WithRSAEncryption
  612:d=2  hl=2 l=   0 prim:   NULL
  614:d=1  hl=3 l= 129 prim:  BIT STRING

</PRE>


<P>

The final <FONT SIZE="-1">BIT STRING</FONT> contains the actual signature. It can be extracted with:
<P>



<PRE>
 openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614

</PRE>


<P>

The certificate public key can be extracted with:
<P>



<PRE>
 openssl x509 -in test/testx509.pem -pubkey -noout &gt;pubkey.pem

</PRE>


<P>

The signature can be analysed with:
<P>



<PRE>
 openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin

    0:d=0  hl=2 l=  32 cons: SEQUENCE
    2:d=1  hl=2 l=  12 cons:  SEQUENCE
    4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
   14:d=2  hl=2 l=   0 prim:   NULL
   16:d=1  hl=2 l=  16 prim:  OCTET STRING
      0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5   .F...Js.7...H%..

</PRE>


<P>

This is the parsed version of an <FONT SIZE="-1">ASN1</FONT> DigestInfo structure. It can be seen that
the digest used was md5. The actual part of the certificate that was signed can
be extracted with:
<P>



<PRE>
 openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4

</PRE>


<P>

and its digest computed with:
<P>



<PRE>
 openssl md5 -c tbs
 MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5

</PRE>


<P>

which it can be seen agrees with the recovered value above.
<A NAME="lbAH">&nbsp;</A>
<H2>SEE ALSO</H2>



<B><A HREF="/cgi-bin/man/man2html?1+dgst">dgst</A></B>(1), <B><A HREF="/cgi-bin/man/man2html?1+rsa">rsa</A></B>(1), <B><A HREF="/cgi-bin/man/man2html?1+genrsa">genrsa</A></B>(1)
<A NAME="lbAI">&nbsp;</A>
<H2>COPYRIGHT</H2>



Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
<P>

Licensed under the OpenSSL license (the ``License'').  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file <FONT SIZE="-1">LICENSE</FONT> in the source distribution or at
&lt;<A HREF="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</A>&gt;.
<P>

<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="17"><A HREF="#lbAB">NAME</A><DD>
<DT id="18"><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT id="19"><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT id="20"><A HREF="#lbAE">OPTIONS</A><DD>
<DT id="21"><A HREF="#lbAF">NOTES</A><DD>
<DT id="22"><A HREF="#lbAG">EXAMPLES</A><DD>
<DT id="23"><A HREF="#lbAH">SEE ALSO</A><DD>
<DT id="24"><A HREF="#lbAI">COPYRIGHT</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:05:26 GMT, March 31, 2021
</BODY>
</HTML>