projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| bbb72003 | 1 | =pod |
| 625c781d | 2 | {- OpenSSL::safe::output_do_not_edit_headers(); -} |
| 9fcb9702 | 3 | |
| bbb72003 DSH |
4 | =head1 NAME |
| 5 | ||
| 4b537191 | 6 | openssl-rsautl - RSA command |
| bbb72003 DSH |
7 | |
| 8 | =head1 SYNOPSIS | |
| 9 | ||
| 10 | B<openssl> B<rsautl> | |
| 169394d4 | 11 | [B<-help>] |
| e8769719 | 12 | [B<-in> I<file>] |
| 65718c51 RS |
13 | [B<-passin> I<arg>] |
| 14 | [B<-rev>] | |
| e8769719 | 15 | [B<-out> I<file>] |
| f91d003a | 16 | [B<-inkey> I<filename>|I<uri>] |
| 6d382c74 | 17 | [B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>] |
| bbb72003 DSH |
18 | [B<-pubin>] |
| 19 | [B<-certin>] | |
| 20 | [B<-sign>] | |
| 21 | [B<-verify>] | |
| 22 | [B<-encrypt>] | |
| 23 | [B<-decrypt>] | |
| 24 | [B<-pkcs>] | |
| 65718c51 RS |
25 | [B<-x931>] |
| 26 | [B<-oaep>] | |
| bbb72003 DSH |
27 | [B<-raw>] |
| 28 | [B<-hexdump>] | |
| 29 | [B<-asn1parse>] | |
| d55e4487 | 30 | {- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_r_synopsis -} |
| 6bd4e3f2 | 31 | {- $OpenSSL::safe::opt_provider_synopsis -} |
| bbb72003 DSH |
32 | |
| 33 | =head1 DESCRIPTION | |
| 34 | ||
| b9f733c2 P |
35 | This command has been deprecated. |
| 36 | The L<openssl-pkeyutl(1)> command should be used instead. | |
| 37 | ||
| 35a810bb | 38 | This command can be used to sign, verify, encrypt and decrypt |
| bbb72003 DSH |
39 | data using the RSA algorithm. |
| 40 | ||
| 3dfda1a6 | 41 | =head1 OPTIONS |
| bbb72003 DSH |
42 | |
| 43 | =over 4 | |
| 44 | ||
| 169394d4 MR |
45 | =item B<-help> |
| 46 | ||
| 47 | Print out a usage message. | |
| 48 | ||
| e8769719 | 49 | =item B<-in> I<filename> |
| bbb72003 DSH |
50 | |
| 51 | This specifies the input filename to read data from or standard input | |
| 52 | if this option is not specified. | |
| 53 | ||
| 65718c51 RS |
54 | =item B<-passin> I<arg> |
| 55 | ||
| 56 | The passphrase used in the output file. | |
| 46949153 | 57 | See see L<openssl-passphrase-options(1)>. |
| 65718c51 RS |
58 | |
| 59 | =item B<-rev> | |
| 60 | ||
| 61 | Reverse the order of the input. | |
| 62 | ||
| e8769719 | 63 | =item B<-out> I<filename> |
| bbb72003 | 64 | |
| c4de074e | 65 | Specifies the output filename to write to or standard output by |
| bbb72003 DSH |
66 | default. |
| 67 | ||
| f91d003a | 68 | =item B<-inkey> I<filename>|I<uri> |
| bbb72003 | 69 | |
| f91d003a | 70 | The input key, by default it should be an RSA private key. |
| bbb72003 | 71 | |
| 6d382c74 | 72 | =item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE> |
| 0c20802c | 73 | |
| bee3f389 | 74 | The key format; unspecified by default. |
| 46949153 | 75 | See L<openssl-format-options(1)> for details. |
| 0c20802c | 76 | |
| bbb72003 DSH |
77 | =item B<-pubin> |
| 78 | ||
| c4de074e | 79 | The input file is an RSA public key. |
| bbb72003 DSH |
80 | |
| 81 | =item B<-certin> | |
| 82 | ||
| c4de074e | 83 | The input is a certificate containing an RSA public key. |
| bbb72003 DSH |
84 | |
| 85 | =item B<-sign> | |
| 86 | ||
| c4de074e | 87 | Sign the input data and output the signed result. This requires |
| 9f07c405 | 88 | an RSA private key. |
| bbb72003 DSH |
89 | |
| 90 | =item B<-verify> | |
| 91 | ||
| c4de074e | 92 | Verify the input data and output the recovered data. |
| bbb72003 DSH |
93 | |
| 94 | =item B<-encrypt> | |
| 95 | ||
| c4de074e | 96 | Encrypt the input data using an RSA public key. |
| bbb72003 DSH |
97 | |
| 98 | =item B<-decrypt> | |
| 99 | ||
| c4de074e | 100 | Decrypt the input data using an RSA private key. |
| bbb72003 | 101 | |
| b0aae913 | 102 | =item B<-pkcs>, B<-oaep>, B<-x931> B<-raw> |
| bbb72003 | 103 | |
| c4de074e | 104 | The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP, |
| b0aae913 | 105 | ANSI X9.31, or no padding, respectively. |
| 2b40660e | 106 | For signatures, only B<-pkcs> and B<-raw> can be used. |
| bbb72003 DSH |
107 | |
| 108 | =item B<-hexdump> | |
| 109 | ||
| c4de074e | 110 | Hex dump the output data. |
| bbb72003 DSH |
111 | |
| 112 | =item B<-asn1parse> | |
| 113 | ||
| c4de074e | 114 | Parse the ASN.1 output data, this is useful when combined with the |
| bbb72003 DSH |
115 | B<-verify> option. |
| 116 | ||
| 65718c51 RS |
117 | {- $OpenSSL::safe::opt_engine_item -} |
| 118 | ||
| 9fcb9702 RS |
119 | {- $OpenSSL::safe::opt_r_item -} |
| 120 | ||
| 6bd4e3f2 P |
121 | {- $OpenSSL::safe::opt_provider_item -} |
| 122 | ||
| bbb72003 DSH |
123 | =back |
| 124 | ||
| 125 | =head1 NOTES | |
| 126 | ||
| 35a810bb | 127 | Since this command uses the RSA algorithm directly, it can only be |
| bbb72003 DSH |
128 | used to sign or verify small pieces of data. |
| 129 | ||
| 130 | =head1 EXAMPLES | |
| 131 | ||
| 35eb4588 P |
132 | Examples equivalent to these can be found in the documentation for the |
| 133 | non-deprecated L<openssl-pkeyutl(1)> command. | |
| 134 | ||
| 2b40660e | 135 | Sign some data using a private key: |
| bbb72003 DSH |
136 | |
| 137 | openssl rsautl -sign -in file -inkey key.pem -out sig | |
| 138 | ||
| 139 | Recover the signed data | |
| 140 | ||
| 0ea65947 | 141 | openssl rsautl -verify -in sig -inkey key.pem |
| bbb72003 DSH |
142 | |
| 143 | Examine the raw signed data: | |
| 144 | ||
| f70c22eb | 145 | openssl rsautl -verify -in sig -inkey key.pem -raw -hexdump |
| bbb72003 DSH |
146 | |
| 147 | 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ | |
| 148 | 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ | |
| 149 | 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ | |
| 150 | 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ | |
| 151 | 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ | |
| 152 | 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ | |
| 153 | 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ | |
| 154 | 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64 .....hello world | |
| 155 | ||
| 156 | The PKCS#1 block formatting is evident from this. If this was done using | |
| 157 | encrypt and decrypt the block would have been of type 2 (the second byte) | |
| 158 | and random padding data visible instead of the 0xff bytes. | |
| 159 | ||
| 160 | It is possible to analyse the signature of certificates using this | |
| 4b537191 | 161 | command in conjunction with L<openssl-asn1parse(1)>. Consider the self signed |
| 1948394d | 162 | example in F<certs/pca-cert.pem>. Running L<openssl-asn1parse(1)> as follows |
| 35a810bb | 163 | yields: |
| bbb72003 DSH |
164 | |
| 165 | openssl asn1parse -in pca-cert.pem | |
| 166 | ||
| 1bc74519 RS |
167 | 0:d=0 hl=4 l= 742 cons: SEQUENCE |
| 168 | 4:d=1 hl=4 l= 591 cons: SEQUENCE | |
| 169 | 8:d=2 hl=2 l= 3 cons: cont [ 0 ] | |
| bbb72003 DSH |
170 | 10:d=3 hl=2 l= 1 prim: INTEGER :02 |
| 171 | 13:d=2 hl=2 l= 1 prim: INTEGER :00 | |
| 1bc74519 | 172 | 16:d=2 hl=2 l= 13 cons: SEQUENCE |
| bbb72003 | 173 | 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption |
| 1bc74519 RS |
174 | 29:d=3 hl=2 l= 0 prim: NULL |
| 175 | 31:d=2 hl=2 l= 92 cons: SEQUENCE | |
| 176 | 33:d=3 hl=2 l= 11 cons: SET | |
| 177 | 35:d=4 hl=2 l= 9 cons: SEQUENCE | |
| bbb72003 DSH |
178 | 37:d=5 hl=2 l= 3 prim: OBJECT :countryName |
| 179 | 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU | |
| 180 | .... | |
| 1bc74519 | 181 | 599:d=1 hl=2 l= 13 cons: SEQUENCE |
| bbb72003 | 182 | 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption |
| 1bc74519 RS |
183 | 612:d=2 hl=2 l= 0 prim: NULL |
| 184 | 614:d=1 hl=3 l= 129 prim: BIT STRING | |
| bbb72003 DSH |
185 | |
| 186 | ||
| 187 | The final BIT STRING contains the actual signature. It can be extracted with: | |
| 188 | ||
| 189 | openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614 | |
| 190 | ||
| 191 | The certificate public key can be extracted with: | |
| 1bc74519 | 192 | |
| a529a801 | 193 | openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem |
| bbb72003 DSH |
194 | |
| 195 | The signature can be analysed with: | |
| 196 | ||
| 197 | openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin | |
| 198 | ||
| 1bc74519 RS |
199 | 0:d=0 hl=2 l= 32 cons: SEQUENCE |
| 200 | 2:d=1 hl=2 l= 12 cons: SEQUENCE | |
| bbb72003 | 201 | 4:d=2 hl=2 l= 8 prim: OBJECT :md5 |
| 1bc74519 RS |
202 | 14:d=2 hl=2 l= 0 prim: NULL |
| 203 | 16:d=1 hl=2 l= 16 prim: OCTET STRING | |
| bbb72003 DSH |
204 | 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%.. |
| 205 | ||
| 206 | This is the parsed version of an ASN1 DigestInfo structure. It can be seen that | |
| 207 | the digest used was md5. The actual part of the certificate that was signed can | |
| 208 | be extracted with: | |
| 209 | ||
| 210 | openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4 | |
| 211 | ||
| 212 | and its digest computed with: | |
| 213 | ||
| 214 | openssl md5 -c tbs | |
| 215 | MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5 | |
| 216 | ||
| 217 | which it can be seen agrees with the recovered value above. | |
| 218 | ||
| 219 | =head1 SEE ALSO | |
| 220 | ||
| b6b66573 | 221 | L<openssl(1)>, |
| b9f733c2 | 222 | L<openssl-pkeyutl(1)>, |
| b6b66573 DMSP |
223 | L<openssl-dgst(1)>, |
| 224 | L<openssl-rsa(1)>, | |
| 225 | L<openssl-genrsa(1)> | |
| 99ec4fdb | 226 | |
| b9f733c2 P |
227 | =head1 HISTORY |
| 228 | ||
| 229 | This command was deprecated in OpenSSL 3.0. | |
| 230 | ||
| 0f221d9c P |
231 | The B<-engine> option was deprecated in OpenSSL 3.0. |
| 232 | ||
| e2f92610 RS |
233 | =head1 COPYRIGHT |
| 234 | ||
| 8020d79b | 235 | Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. |
| e2f92610 | 236 | |
| 449040b4 | 237 | Licensed under the Apache License 2.0 (the "License"). You may not use |
| e2f92610 RS |
238 | this file except in compliance with the License. You can obtain a copy |
| 239 | in the file LICENSE in the source distribution or at | |
| 240 | L<https://www.openssl.org/source/license.html>. | |
| 241 | ||
| 242 | =cut |