=pod

{- OpenSSL::safe::output_do_not_edit_headers(); -}

=head1 NAME

openssl-rsautl - RSA utility

=head1 SYNOPSIS

B<openssl> B<rsautl>
[B<-help>]
[B<-in> I<file>]
[B<-out> I<file>]
[B<-inkey> I<file>]
[B<-keyform> B<DER>|B<PEM>|B<ENGINE>]
[B<-pubin>]
[B<-certin>]
[B<-sign>]
[B<-verify>]
[B<-encrypt>]
[B<-decrypt>]
[B<-pkcs>]
[B<-ssl>]
[B<-raw>]
[B<-hexdump>]
[B<-asn1parse>]
{- $OpenSSL::safe::opt_r_synopsis -}

=for openssl ifdef engine

=head1 DESCRIPTION

This command can be used to sign, verify, encrypt and decrypt
data using the RSA algorithm.

=head1 OPTIONS

=over 4

=item B<-help>

Print out a usage message.

=item B<-in> I<filename>

This specifies the input filename to read data from, or standard input
if this option is not specified.

=item B<-out> I<filename>

Specifies the output filename to write to, or standard output by
default.

=item B<-inkey> I<file>

The input key file; by default it should be an RSA private key.

=item B<-keyform> B<DER>|B<PEM>|B<ENGINE>

The key format; the default is B<PEM>.
See L<openssl(1)/Format Options> for details.

=item B<-pubin>

The input file is an RSA public key.

=item B<-certin>

The input is a certificate containing an RSA public key.

=item B<-sign>

Sign the input data and output the signed result. This requires
an RSA private key.

=item B<-verify>

Verify the input data and output the recovered data.

=item B<-encrypt>

Encrypt the input data using an RSA public key.

=item B<-decrypt>

Decrypt the input data using an RSA private key.

=item B<-pkcs>, B<-oaep>, B<-ssl>, B<-raw>

The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
special padding used in SSL v2 backwards compatible handshakes,
or no padding, respectively.
For signatures, only B<-pkcs> and B<-raw> can be used.

=item B<-hexdump>

Hex dump the output data.

=item B<-asn1parse>

Parse the ASN.1 output data; this is useful when combined with the
B<-verify> option.

{- $OpenSSL::safe::opt_r_item -}

=back

=head1 NOTES

Since this command uses the RSA algorithm directly, it can only be
used to sign or verify small pieces of data.

=head1 EXAMPLES

Sign some data using a private key:

 openssl rsautl -sign -in file -inkey key.pem -out sig

Recover the signed data:

 openssl rsautl -verify -in sig -inkey key.pem

Examine the raw signed data:

 openssl rsautl -verify -in sig -inkey key.pem -raw -hexdump

 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world

The PKCS#1 block formatting is evident from this. If this had been done using
encrypt and decrypt, the block would have been of type 2 (the second byte),
with random padding data visible instead of the 0xff bytes.
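
The following is an added example, not part of the OpenSSL documentation: it rebuilds the raw block from the hexdump above and decodes the PKCS#1 v1.5 framing, accepting both type 1 (signature) and type 2 (encryption) blocks. The function names are illustrative, and C<max_payload> shows why only small inputs fit (117 bytes for this 128-byte block).

```python
# Added example: decode the PKCS#1 v1.5 block printed by -raw -hexdump.
# DUMP is the hexdump from the EXAMPLES section; function names are illustrative.
DUMP = """\
0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world
"""

def dump_to_bytes(dump):
    """Rebuild the raw block from 'offset - hex   ascii' lines."""
    out = bytearray()
    for line in dump.splitlines():
        hex_field = line.split(" - ", 1)[1][:47]  # 16 bytes, 3 chars each
        out += bytes.fromhex(hex_field.replace("-", " "))
    return bytes(out)

def parse_pkcs1_v15(block):
    """Return (block_type, payload); raise ValueError on bad formatting."""
    if len(block) < 11 or block[0] != 0x00:
        raise ValueError("block must be >= 11 bytes and start with 0x00")
    block_type = block[1]
    if block_type not in (1, 2):
        raise ValueError("unsupported block type %d" % block_type)
    sep = block.find(b"\x00", 2)  # first zero byte terminates the padding
    if sep == -1:
        raise ValueError("no 0x00 separator after the padding")
    padding = block[2:sep]
    if len(padding) < 8:
        raise ValueError("padding must be at least 8 bytes")
    if block_type == 1 and padding != b"\xff" * len(padding):
        raise ValueError("type 1 (signature) padding must be all 0xff")
    return block_type, block[sep + 1:]

def max_payload(modulus_len):
    """Largest input that fits: 3 framing bytes plus 8 padding bytes."""
    return modulus_len - 11

if __name__ == "__main__":
    block = dump_to_bytes(DUMP)
    kind, data = parse_pkcs1_v15(block)
    print(kind, data, max_payload(len(block)))
```

This decoder is meant for inspecting recovered blocks; code that strips type 2 padding after decryption must not reveal to the sender which of these checks failed.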

It is possible to analyse the signature of certificates using this
utility in conjunction with L<openssl-asn1parse(1)>. Consider the self-signed
example in F<certs/pca-cert.pem>. Running L<openssl-asn1parse(1)> as follows
yields:

 openssl asn1parse -in pca-cert.pem

    0:d=0  hl=4 l= 742 cons: SEQUENCE
    4:d=1  hl=4 l= 591 cons:  SEQUENCE
    8:d=2  hl=2 l=   3 cons:   cont [ 0 ]
   10:d=3  hl=2 l=   1 prim:    INTEGER           :02
   13:d=2  hl=2 l=   1 prim:   INTEGER           :00
   16:d=2  hl=2 l=  13 cons:   SEQUENCE
   18:d=3  hl=2 l=   9 prim:    OBJECT            :md5WithRSAEncryption
   29:d=3  hl=2 l=   0 prim:    NULL
   31:d=2  hl=2 l=  92 cons:   SEQUENCE
   33:d=3  hl=2 l=  11 cons:    SET
   35:d=4  hl=2 l=   9 cons:     SEQUENCE
   37:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
   42:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :AU
  ....
  599:d=1  hl=2 l=  13 cons:  SEQUENCE
  601:d=2  hl=2 l=   9 prim:   OBJECT            :md5WithRSAEncryption
  612:d=2  hl=2 l=   0 prim:   NULL
  614:d=1  hl=3 l= 129 prim:  BIT STRING

The final BIT STRING contains the actual signature. It can be extracted with:

 openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614

The certificate public key can be extracted with:

 openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem

The signature can be analysed with:

 openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin

    0:d=0  hl=2 l=  32 cons: SEQUENCE
    2:d=1  hl=2 l=  12 cons:  SEQUENCE
    4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
   14:d=2  hl=2 l=   0 prim:   NULL
   16:d=1  hl=2 l=  16 prim:  OCTET STRING
      0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5   .F...Js.7...H%..

This is the parsed version of an ASN.1 DigestInfo structure. It can be seen that
the digest used was md5. The actual part of the certificate that was signed can
be extracted with:

 openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4

and its digest computed with:

 openssl md5 -c tbs
 MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5

which can be seen to agree with the recovered value above.

=head1 SEE ALSO

L<openssl(1)>,
L<openssl-dgst(1)>,
L<openssl-rsa(1)>,
L<openssl-genrsa(1)>

=head1 COPYRIGHT

Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut