1 .\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.41)
4 .\" ========================================================================
5 .de Sp \" Vertical space (when we can't use .PP)
9 .de Vb \" Begin verbatim text
14 .de Ve \" End verbatim text
18 .\" Set up some character translations and predefined strings. \*(-- will
19 .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
20 .\" double quote, and \*(R" will give a right double quote. \*(C+ will
21 .\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22 .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23 .\" nothing in troff, for use with C<>.
25 .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
29 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
45 .\" Escape single quotes in literal strings from groff's Unicode transform.
49 .\" If the F register is >0, we'll generate index entries on stderr for
50 .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
51 .\" entries marked with X<> in POD. Of course, you'll have to process the
52 .\" output yourself in some meaningful fashion.
54 .\" Avoid warning from groff about undefined register 'F'.
58 .if \n(.g .if rF .nr rF 1
59 .if (\n(rF:(\n(.g==0)) \{\
62 . tm Index:\\$1\t\\n%\t"\\$2"
72 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
73 .\" Fear. Run. Save yourself. No user-serviceable parts.
74 . \" fudge factors for nroff and troff
83 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
89 . \" simple accents for nroff and troff
99 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
100 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
101 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
102 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
103 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
104 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
106 . \" troff and (daisy-wheel) nroff accents
107 .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
108 .ds 8 \h'\*(#H'\(*b\h'-\*(#H'
109 .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
110 .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
111 .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
112 .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
113 .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
114 .ds ae a\h'-(\w'a'u*4/10)'e
115 .ds Ae A\h'-(\w'A'u*4/10)'E
116 . \" corrections for vroff
117 .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
118 .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
119 . \" for low resolution devices (crt and lpr)
120 .if \n(.H>23 .if \n(.V>19 \
133 .\" ========================================================================
136 .TH RSAUTL 1 "2020-12-08" "1.1.1i" "OpenSSL"
137 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
138 .\" way too many mistakes in technical documents.
142 openssl\-rsautl, rsautl \- RSA utility
144 .IX Header "SYNOPSIS"
145 \&\fBopenssl\fR \fBrsautl\fR
150 [\fB\-keyform PEM|DER|ENGINE\fR]
157 [\fB\-rand file...\fR]
158 [\fB\-writerand file\fR]
165 .IX Header "DESCRIPTION"
166 The \fBrsautl\fR command can be used to sign, verify, encrypt and decrypt
167 data using the \s-1RSA\s0 algorithm.
172 Print out a usage message.
173 .IP "\fB\-in filename\fR" 4
174 .IX Item "-in filename"
175 This specifies the input filename to read data from or standard input
176 if this option is not specified.
177 .IP "\fB\-out filename\fR" 4
178 .IX Item "-out filename"
179 Specifies the output filename to write to or standard output by
181 .IP "\fB\-inkey file\fR" 4
182 .IX Item "-inkey file"
183 The input key file, by default it should be an \s-1RSA\s0 private key.
184 .IP "\fB\-keyform PEM|DER|ENGINE\fR" 4
185 .IX Item "-keyform PEM|DER|ENGINE"
186 The key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0
187 .IP "\fB\-pubin\fR" 4
189 The input file is an \s-1RSA\s0 public key.
190 .IP "\fB\-certin\fR" 4
192 The input is a certificate containing an \s-1RSA\s0 public key.
195 Sign the input data and output the signed result. This requires
196 an \s-1RSA\s0 private key.
197 .IP "\fB\-verify\fR" 4
199 Verify the input data and output the recovered data.
200 .IP "\fB\-encrypt\fR" 4
202 Encrypt the input data using an \s-1RSA\s0 public key.
203 .IP "\fB\-decrypt\fR" 4
205 Decrypt the input data using an \s-1RSA\s0 private key.
206 .IP "\fB\-rand file...\fR" 4
207 .IX Item "-rand file..."
208 A file or files containing random data used to seed the random number
210 Multiple files can be specified separated by an OS-dependent character.
211 The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
213 .IP "[\fB\-writerand file\fR]" 4
214 .IX Item "[-writerand file]"
215 Writes random data to the specified \fIfile\fR upon exit.
216 This can be used with a subsequent \fB\-rand\fR flag.
217 .IP "\fB\-pkcs, \-oaep, \-ssl, \-raw\fR" 4
218 .IX Item "-pkcs, -oaep, -ssl, -raw"
219 The padding to use: PKCS#1 v1.5 (the default), PKCS#1 \s-1OAEP,\s0
220 special padding used in \s-1SSL\s0 v2 backwards compatible handshakes,
221 or no padding, respectively.
222 For signatures, only \fB\-pkcs\fR and \fB\-raw\fR can be used.
223 .IP "\fB\-hexdump\fR" 4
225 Hex dump the output data.
226 .IP "\fB\-asn1parse\fR" 4
227 .IX Item "-asn1parse"
228 Parse the \s-1ASN.1\s0 output data, this is useful when combined with the
229 \&\fB\-verify\fR option.
232 \&\fBrsautl\fR because it uses the \s-1RSA\s0 algorithm directly can only be
233 used to sign or verify small pieces of data.
235 .IX Header "EXAMPLES"
236 Sign some data using a private key:
239 \& openssl rsautl \-sign \-in file \-inkey key.pem \-out sig
242 Recover the signed data
245 \& openssl rsautl \-verify \-in sig \-inkey key.pem
248 Examine the raw signed data:
251 \& openssl rsautl \-verify \-in sig \-inkey key.pem \-raw \-hexdump
253 \& 0000 \- 00 01 ff ff ff ff ff ff\-ff ff ff ff ff ff ff ff ................
254 \& 0010 \- ff ff ff ff ff ff ff ff\-ff ff ff ff ff ff ff ff ................
255 \& 0020 \- ff ff ff ff ff ff ff ff\-ff ff ff ff ff ff ff ff ................
256 \& 0030 \- ff ff ff ff ff ff ff ff\-ff ff ff ff ff ff ff ff ................
257 \& 0040 \- ff ff ff ff ff ff ff ff\-ff ff ff ff ff ff ff ff ................
258 \& 0050 \- ff ff ff ff ff ff ff ff\-ff ff ff ff ff ff ff ff ................
259 \& 0060 \- ff ff ff ff ff ff ff ff\-ff ff ff ff ff ff ff ff ................
260 \& 0070 \- ff ff ff ff 00 68 65 6c\-6c 6f 20 77 6f 72 6c 64 .....hello world
263 The PKCS#1 block formatting is evident from this. If this was done using
264 encrypt and decrypt the block would have been of type 2 (the second byte)
265 and random padding data visible instead of the 0xff bytes.
267 It is possible to analyse the signature of certificates using this
268 utility in conjunction with \fBasn1parse\fR. Consider the self signed
269 example in certs/pca\-cert.pem . Running \fBasn1parse\fR as follows yields:
272 \& openssl asn1parse \-in pca\-cert.pem
274 \& 0:d=0 hl=4 l= 742 cons: SEQUENCE
275 \& 4:d=1 hl=4 l= 591 cons: SEQUENCE
276 \& 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
277 \& 10:d=3 hl=2 l= 1 prim: INTEGER :02
278 \& 13:d=2 hl=2 l= 1 prim: INTEGER :00
279 \& 16:d=2 hl=2 l= 13 cons: SEQUENCE
280 \& 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
281 \& 29:d=3 hl=2 l= 0 prim: NULL
282 \& 31:d=2 hl=2 l= 92 cons: SEQUENCE
283 \& 33:d=3 hl=2 l= 11 cons: SET
284 \& 35:d=4 hl=2 l= 9 cons: SEQUENCE
285 \& 37:d=5 hl=2 l= 3 prim: OBJECT :countryName
286 \& 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU
288 \& 599:d=1 hl=2 l= 13 cons: SEQUENCE
289 \& 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
290 \& 612:d=2 hl=2 l= 0 prim: NULL
291 \& 614:d=1 hl=3 l= 129 prim: BIT STRING
294 The final \s-1BIT STRING\s0 contains the actual signature. It can be extracted with:
297 \& openssl asn1parse \-in pca\-cert.pem \-out sig \-noout \-strparse 614
300 The certificate public key can be extracted with:
303 \& openssl x509 \-in test/testx509.pem \-pubkey \-noout >pubkey.pem
306 The signature can be analysed with:
309 \& openssl rsautl \-in sig \-verify \-asn1parse \-inkey pubkey.pem \-pubin
311 \& 0:d=0 hl=2 l= 32 cons: SEQUENCE
312 \& 2:d=1 hl=2 l= 12 cons: SEQUENCE
313 \& 4:d=2 hl=2 l= 8 prim: OBJECT :md5
314 \& 14:d=2 hl=2 l= 0 prim: NULL
315 \& 16:d=1 hl=2 l= 16 prim: OCTET STRING
316 \& 0000 \- f3 46 9e aa 1a 4a 73 c9\-37 ea 93 00 48 25 08 b5 .F...Js.7...H%..
319 This is the parsed version of an \s-1ASN1\s0 DigestInfo structure. It can be seen that
320 the digest used was md5. The actual part of the certificate that was signed can
324 \& openssl asn1parse \-in pca\-cert.pem \-out tbs \-noout \-strparse 4
327 and its digest computed with:
330 \& openssl md5 \-c tbs
331 \& MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5
334 which it can be seen agrees with the recovered value above.
336 .IX Header "SEE ALSO"
337 \&\fBdgst\fR\|(1), \fBrsa\fR\|(1), \fBgenrsa\fR\|(1)
339 .IX Header "COPYRIGHT"
340 Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
342 Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
343 this file except in compliance with the License. You can obtain a copy
344 in the file \s-1LICENSE\s0 in the source distribution or at
345 <https://www.openssl.org/source/license.html>.