diff options
Diffstat (limited to 'deps/openssl/openssl/doc/apps/rsautl.pod')
| -rw-r--r-- | deps/openssl/openssl/doc/apps/rsautl.pod | 63 |
1 files changed, 42 insertions, 21 deletions
diff --git a/deps/openssl/openssl/doc/apps/rsautl.pod b/deps/openssl/openssl/doc/apps/rsautl.pod index e16ce29cf6..c07d60aee7 100644 --- a/deps/openssl/openssl/doc/apps/rsautl.pod +++ b/deps/openssl/openssl/doc/apps/rsautl.pod @@ -8,9 +8,11 @@ rsautl - RSA utility =head1 SYNOPSIS B<openssl> B<rsautl> +[B<-help>] [B<-in file>] [B<-out file>] [B<-inkey file>] +[B<-keyform PEM|DER|ENGINE>] [B<-pubin>] [B<-certin>] [B<-sign>] @@ -28,10 +30,14 @@ B<openssl> B<rsautl> The B<rsautl> command can be used to sign, verify, encrypt and decrypt data using the RSA algorithm. -=head1 COMMAND OPTIONS +=head1 OPTIONS =over 4 +=item B<-help> + +Print out a usage message. + =item B<-in filename> This specifies the input filename to read data from or standard input @@ -46,18 +52,22 @@ default. the input key file, by default it should be an RSA private key. +=item B<-keyform PEM|DER|ENGINE> + +the key format PEM, DER or ENGINE. + =item B<-pubin> -the input file is an RSA public key. +the input file is an RSA public key. =item B<-certin> -the input is a certificate containing an RSA public key. +the input is a certificate containing an RSA public key. =item B<-sign> sign the input data and output the signed result. This requires -and RSA private key. +an RSA private key. =item B<-verify> @@ -127,24 +137,24 @@ example in certs/pca-cert.pem . Running B<asn1parse> as follows yields: openssl asn1parse -in pca-cert.pem - 0:d=0 hl=4 l= 742 cons: SEQUENCE - 4:d=1 hl=4 l= 591 cons: SEQUENCE - 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 0:d=0 hl=4 l= 742 cons: SEQUENCE + 4:d=1 hl=4 l= 591 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] 10:d=3 hl=2 l= 1 prim: INTEGER :02 13:d=2 hl=2 l= 1 prim: INTEGER :00 - 16:d=2 hl=2 l= 13 cons: SEQUENCE + 16:d=2 hl=2 l= 13 cons: SEQUENCE 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption - 29:d=3 hl=2 l= 0 prim: NULL - 31:d=2 hl=2 l= 92 cons: SEQUENCE - 33:d=3 hl=2 l= 11 cons: SET - 35:d=4 hl=2 l= 9 cons: SEQUENCE + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 92 cons: SEQUENCE + 33:d=3 hl=2 l= 11 cons: SET + 35:d=4 hl=2 l= 9 cons: SEQUENCE 37:d=5 hl=2 l= 3 prim: OBJECT :countryName 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU .... - 599:d=1 hl=2 l= 13 cons: SEQUENCE + 599:d=1 hl=2 l= 13 cons: SEQUENCE 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption - 612:d=2 hl=2 l= 0 prim: NULL - 614:d=1 hl=3 l= 129 prim: BIT STRING + 612:d=2 hl=2 l= 0 prim: NULL + 614:d=1 hl=3 l= 129 prim: BIT STRING The final BIT STRING contains the actual signature. It can be extracted with: @@ -152,18 +162,18 @@ The final BIT STRING contains the actual signature. It can be extracted with: openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614 The certificate public key can be extracted with: - + openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem The signature can be analysed with: openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin - 0:d=0 hl=2 l= 32 cons: SEQUENCE - 2:d=1 hl=2 l= 12 cons: SEQUENCE + 0:d=0 hl=2 l= 32 cons: SEQUENCE + 2:d=1 hl=2 l= 12 cons: SEQUENCE 4:d=2 hl=2 l= 8 prim: OBJECT :md5 - 14:d=2 hl=2 l= 0 prim: NULL - 16:d=1 hl=2 l= 16 prim: OCTET STRING + 14:d=2 hl=2 l= 0 prim: NULL + 16:d=1 hl=2 l= 16 prim: OCTET STRING 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%.. This is the parsed version of an ASN1 DigestInfo structure. It can be seen that @@ -181,4 +191,15 @@ which it can be seen agrees with the recovered value above. =head1 SEE ALSO -L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)> +L<dgst(1)>, L<rsa(1)>, L<genrsa(1)> + +=head1 COPYRIGHT + +Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L<https://www.openssl.org/source/license.html>. + +=cut |