1OPENSSL-RSAUTL(1ossl)               OpenSSL              OPENSSL-RSAUTL(1ossl)
2
3
4

NAME

6       openssl-rsautl - RSA command
7

SYNOPSIS

9       openssl rsautl [-help] [-in file] [-passin arg] [-rev] [-out file]
10       [-inkey filename|uri] [-keyform DER|PEM|P12|ENGINE] [-pubin] [-certin]
11       [-sign] [-verify] [-encrypt] [-decrypt] [-pkcs] [-x931] [-oaep] [-raw]
12       [-hexdump] [-asn1parse] [-engine id] [-rand files] [-writerand file]
13       [-provider name] [-provider-path path] [-propquery propq]
14

DESCRIPTION

16       This command has been deprecated.  The openssl-pkeyutl(1) command
17       should be used instead.
18
19       This command can be used to sign, verify, encrypt and decrypt data
20       using the RSA algorithm.
21

OPTIONS

23       -help
24           Print out a usage message.
25
26       -in filename
27           This specifies the input filename to read data from or standard
28           input if this option is not specified.
29
30       -passin arg
31           The passphrase used in the output file.  See see
32           openssl-passphrase-options(1).
33
34       -rev
35           Reverse the order of the input.
36
37       -out filename
38           Specifies the output filename to write to or standard output by
39           default.
40
41       -inkey filename|uri
42           The input key, by default it should be an RSA private key.
43
44       -keyform DER|PEM|P12|ENGINE
45           The key format; unspecified by default.  See
46           openssl-format-options(1) for details.
47
48       -pubin
49           The input file is an RSA public key.
50
51       -certin
52           The input is a certificate containing an RSA public key.
53
54       -sign
55           Sign the input data and output the signed result. This requires an
56           RSA private key.
57
58       -verify
59           Verify the input data and output the recovered data.
60
61       -encrypt
62           Encrypt the input data using an RSA public key.
63
64       -decrypt
65           Decrypt the input data using an RSA private key.
66
67       -pkcs, -oaep, -x931 -raw
68           The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP, ANSI
69           X9.31, or no padding, respectively.  For signatures, only -pkcs and
70           -raw can be used.
71
72           Note: because of protection against Bleichenbacher attacks,
73           decryption using PKCS#1 v1.5 mode will not return errors in case
74           padding check failed.  Use -raw and inspect the returned value
75           manually to check if the padding is correct.
76
77       -hexdump
78           Hex dump the output data.
79
80       -asn1parse
81           Parse the ASN.1 output data, this is useful when combined with the
82           -verify option.
83
84       -engine id
85           See "Engine Options" in openssl(1).  This option is deprecated.
86
87       -rand files, -writerand file
88           See "Random State Options" in openssl(1) for details.
89
90       -provider name
91       -provider-path path
92       -propquery propq
93           See "Provider Options" in openssl(1), provider(7), and property(7).
94

NOTES

96       Since this command uses the RSA algorithm directly, it can only be used
97       to sign or verify small pieces of data.
98

EXAMPLES

100       Examples equivalent to these can be found in the documentation for the
101       non-deprecated openssl-pkeyutl(1) command.
102
103       Sign some data using a private key:
104
105        openssl rsautl -sign -in file -inkey key.pem -out sig
106
107       Recover the signed data
108
109        openssl rsautl -verify -in sig -inkey key.pem
110
111       Examine the raw signed data:
112
113        openssl rsautl -verify -in sig -inkey key.pem -raw -hexdump
114
115        0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
116        0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
117        0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
118        0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
119        0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
120        0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
121        0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
122        0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world
123
124       The PKCS#1 block formatting is evident from this. If this was done
125       using encrypt and decrypt the block would have been of type 2 (the
126       second byte) and random padding data visible instead of the 0xff bytes.
127
128       It is possible to analyse the signature of certificates using this
129       command in conjunction with openssl-asn1parse(1). Consider the self
130       signed example in certs/pca-cert.pem. Running openssl-asn1parse(1) as
131       follows yields:
132
133        openssl asn1parse -in pca-cert.pem
134
135           0:d=0  hl=4 l= 742 cons: SEQUENCE
136           4:d=1  hl=4 l= 591 cons:  SEQUENCE
137           8:d=2  hl=2 l=   3 cons:   cont [ 0 ]
138          10:d=3  hl=2 l=   1 prim:    INTEGER           :02
139          13:d=2  hl=2 l=   1 prim:   INTEGER           :00
140          16:d=2  hl=2 l=  13 cons:   SEQUENCE
141          18:d=3  hl=2 l=   9 prim:    OBJECT            :md5WithRSAEncryption
142          29:d=3  hl=2 l=   0 prim:    NULL
143          31:d=2  hl=2 l=  92 cons:   SEQUENCE
144          33:d=3  hl=2 l=  11 cons:    SET
145          35:d=4  hl=2 l=   9 cons:     SEQUENCE
146          37:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
147          42:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :AU
148         ....
149         599:d=1  hl=2 l=  13 cons:  SEQUENCE
150         601:d=2  hl=2 l=   9 prim:   OBJECT            :md5WithRSAEncryption
151         612:d=2  hl=2 l=   0 prim:   NULL
152         614:d=1  hl=3 l= 129 prim:  BIT STRING
153
154       The final BIT STRING contains the actual signature. It can be extracted
155       with:
156
157        openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614
158
159       The certificate public key can be extracted with:
160
161        openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem
162
163       The signature can be analysed with:
164
165        openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin
166
167           0:d=0  hl=2 l=  32 cons: SEQUENCE
168           2:d=1  hl=2 l=  12 cons:  SEQUENCE
169           4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
170          14:d=2  hl=2 l=   0 prim:   NULL
171          16:d=1  hl=2 l=  16 prim:  OCTET STRING
172             0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5   .F...Js.7...H%..
173
174       This is the parsed version of an ASN1 DigestInfo structure. It can be
175       seen that the digest used was md5. The actual part of the certificate
176       that was signed can be extracted with:
177
178        openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4
179
180       and its digest computed with:
181
182        openssl md5 -c tbs
183        MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5
184
185       which it can be seen agrees with the recovered value above.
186

SEE ALSO

188       openssl(1), openssl-pkeyutl(1), openssl-dgst(1), openssl-rsa(1),
189       openssl-genrsa(1)
190

HISTORY

192       This command was deprecated in OpenSSL 3.0.
193
194       The -engine option was deprecated in OpenSSL 3.0.
195

COPYRIGHT

197       Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
198
199       Licensed under the Apache License 2.0 (the "License").  You may not use
200       this file except in compliance with the License.  You can obtain a copy
201       in the file LICENSE in the source distribution or at
202       <https://www.openssl.org/source/license.html>.
203
204
205
2063.0.9                             2023-07-27             OPENSSL-RSAUTL(1ossl)