2 ''' $RCSfile$$Revision$$Date$
20 .ie \\n(.$>=3 .ne \\$3
36 ''' Set up \*(-- to give an unbreakable dash;
37 ''' string Tr holds user defined translation string.
38 ''' Bell System Logo is used as a dummy character.
44 .if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
45 .if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
48 ''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
49 ''' \*(L" and \*(R", except that they are used on ".xx" lines,
50 ''' such as .IP and .SH, which do another additional level of
51 ''' double-quote interpretation
80 .\" If the F register is turned on, we'll generate
81 .\" index entries to stderr for the following things:
86 .\" X<> Xref (embedded
87 .\" Of course, you have to process the output yourself
88 .\" in some meaningful fashion.
91 .tm Index:\\$1\t\\n%\t"\\$2"
96 .TH RSAUTL 1 "0.9.7d" "2/Sep/2004" "OpenSSL"
100 .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
101 .de CQ \" put $1 in typewriter font
107 \\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
110 .\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
111 . \" AM - accent mark definitions
113 . \" fudge factors for nroff and troff
122 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
128 . \" simple accents for nroff and troff
141 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
142 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
143 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
144 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
145 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
146 . ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
147 . ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
148 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
149 . ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
151 . \" troff and (daisy-wheel) nroff accents
152 .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
153 .ds 8 \h'\*(#H'\(*b\h'-\*(#H'
154 .ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
155 .ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
156 .ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
157 .ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
158 .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
159 .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
160 .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
161 .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
162 .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
163 .ds ae a\h'-(\w'a'u*4/10)'e
164 .ds Ae A\h'-(\w'A'u*4/10)'E
165 .ds oe o\h'-(\w'o'u*4/10)'e
166 .ds Oe O\h'-(\w'O'u*4/10)'E
167 . \" corrections for vroff
168 .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
169 .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
170 . \" for low resolution devices (crt and lpr)
171 .if \n(.H>23 .if \n(.V>19 \
175 . ds v \h'-1'\o'\(aa\(ga'
191 rsautl \- RSA utility
193 \fBopenssl\fR \fBrsautl\fR
209 The \fBrsautl\fR command can be used to sign, verify, encrypt and decrypt
210 data using the RSA algorithm.
211 .SH "COMMAND OPTIONS"
212 .Ip "\fB\-in filename\fR" 4
213 This specifies the input filename to read data from or standard input
214 if this option is not specified.
215 .Ip "\fB\-out filename\fR" 4
216 specifies the output filename to write to or standard output by default.
218 .Ip "\fB\-inkey file\fR" 4
219 the input key file; by default it should be an \s-1RSA\s0 private key.
220 .Ip "\fB\-pubin\fR" 4
221 the input file is an \s-1RSA\s0 public key.
222 .Ip "\fB\-certin\fR" 4
223 the input is a certificate containing an \s-1RSA\s0 public key.
225 sign the input data and output the signed result. This requires
226 an \s-1RSA\s0 private key.
227 .Ip "\fB\-verify\fR" 4
228 verify the input data and output the recovered data.
229 .Ip "\fB\-encrypt\fR" 4
230 encrypt the input data using an \s-1RSA\s0 public key.
231 .Ip "\fB\-decrypt\fR" 4
232 decrypt the input data using an \s-1RSA\s0 private key.
233 .Ip "\fB\-pkcs, \-oaep, \-ssl, \-raw\fR" 4
234 the padding to use: \s-1PKCS\s0#1 v1.5 (the default), \s-1PKCS\s0#1 \s-1OAEP\s0,
235 special padding used in \s-1SSL\s0 v2 backwards compatible handshakes,
236 or no padding, respectively.
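237 For signatures, only \fB\-pkcs\fR and \fB\-raw\fR can be used. For encryption, \fB\-oaep\fR is the more robust choice: \s-1PKCS\s0#1 v1.5 encryption padding is susceptible to padding-oracle attacks when a decryptor reveals whether the padding was valid, and \fB\-raw\fR applies no padding at all.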
238 .Ip "\fB\-hexdump\fR" 4
239 hex dump the output data.
240 .Ip "\fB\-asn1parse\fR" 4
241 asn1parse the output data; this is useful when combined with the
242 \fB\-verify\fR option.
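244 \fBrsautl\fR, because it uses the RSA algorithm directly, can only be
245 used to sign or verify small pieces of data. The input is not hashed first, so it must fit in a single RSA block after padding; to sign or verify a digest of larger data, see dgst(1).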
247 Sign some data using a private key:
250 \& openssl rsautl -sign -in file -inkey key.pem -out sig
252 Recover the signed data:
255 \& openssl rsautl -verify -in sig -inkey key.pem
257 Examine the raw signed data:
260 \& openssl rsautl -verify -in file -inkey key.pem -raw -hexdump
263 \& 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
264 \& 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
265 \& 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
266 \& 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
267 \& 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
268 \& 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
269 \& 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
270 \& 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64 .....hello world
272 The PKCS#1 block formatting is evident from this. If this had been done using
273 encrypt and decrypt, the block would have been of type 2 (the second byte)
274 with random padding data visible instead of the 0xff bytes.
276 It is possible to analyse the signature of certificates using this
277 utility in conjunction with \fBasn1parse\fR. Consider the self-signed
278 example in certs/pca-cert.pem. Running \fBasn1parse\fR as follows yields:
281 \& openssl asn1parse -in pca-cert.pem
284 \& 0:d=0 hl=4 l= 742 cons: SEQUENCE
285 \& 4:d=1 hl=4 l= 591 cons: SEQUENCE
286 \& 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
287 \& 10:d=3 hl=2 l= 1 prim: INTEGER :02
288 \& 13:d=2 hl=2 l= 1 prim: INTEGER :00
289 \& 16:d=2 hl=2 l= 13 cons: SEQUENCE
290 \& 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
291 \& 29:d=3 hl=2 l= 0 prim: NULL
292 \& 31:d=2 hl=2 l= 92 cons: SEQUENCE
293 \& 33:d=3 hl=2 l= 11 cons: SET
294 \& 35:d=4 hl=2 l= 9 cons: SEQUENCE
295 \& 37:d=5 hl=2 l= 3 prim: OBJECT :countryName
296 \& 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU
298 \& 599:d=1 hl=2 l= 13 cons: SEQUENCE
299 \& 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
300 \& 612:d=2 hl=2 l= 0 prim: NULL
301 \& 614:d=1 hl=3 l= 129 prim: BIT STRING
303 The final BIT STRING contains the actual signature. It can be extracted with:
306 \& openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614
308 The certificate public key can be extracted with:
310 openssl x509 \-in test/testx509.pem \-pubout \-noout >pubkey.pem
312 The signature can be analysed with:
315 \& openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin
318 \& 0:d=0 hl=2 l= 32 cons: SEQUENCE
319 \& 2:d=1 hl=2 l= 12 cons: SEQUENCE
320 \& 4:d=2 hl=2 l= 8 prim: OBJECT :md5
321 \& 14:d=2 hl=2 l= 0 prim: NULL
322 \& 16:d=1 hl=2 l= 16 prim: OCTET STRING
323 \& 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%..
325 This is the parsed version of an ASN1 DigestInfo structure. It can be seen that
326 the digest used was md5. The actual part of the certificate that was signed can be extracted with:
330 \& openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4
332 and its digest computed with:
335 \& openssl md5 -c tbs
336 \& MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5
338 which can be seen to agree with the recovered value above.
340 dgst(1), rsa(1), genrsa(1)
344 .IX Name "rsautl - RSA utility"
348 .IX Header "SYNOPSIS"
350 .IX Header "DESCRIPTION"
352 .IX Header "COMMAND OPTIONS"
354 .IX Item "\fB\-in filename\fR"
356 .IX Item "\fB\-out filename\fR"
358 .IX Item "\fB\-inkey file\fR"
360 .IX Item "\fB\-pubin\fR"
362 .IX Item "\fB\-certin\fR"
364 .IX Item "\fB\-sign\fR"
366 .IX Item "\fB\-verify\fR"
368 .IX Item "\fB\-encrypt\fR"
370 .IX Item "\fB\-decrypt\fR"
372 .IX Item "\fB\-pkcs, \-oaep, \-ssl, \-raw\fR"
374 .IX Item "\fB\-hexdump\fR"
376 .IX Item "\fB\-asn1parse\fR"
380 .IX Header "EXAMPLES"
382 .IX Header "SEE ALSO"