=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/openssl.1,v retrieving revision 1.64 retrieving revision 1.65 diff -c -r1.64 -r1.65 *** src/usr.bin/openssl/openssl.1 2016/08/28 19:34:15 1.64 --- src/usr.bin/openssl/openssl.1 2016/08/30 07:53:59 1.65 *************** *** 1,4 **** ! .\" $OpenBSD: openssl.1,v 1.64 2016/08/28 19:34:15 jmc Exp $ .\" ==================================================================== .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. .\" --- 1,4 ---- ! .\" $OpenBSD: openssl.1,v 1.65 2016/08/30 07:53:59 jmc Exp $ .\" ==================================================================== .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. .\" *************** *** 112,118 **** .\" .\" OPENSSL .\" ! .Dd $Mdocdate: August 28 2016 $ .Dt OPENSSL 1 .Os .Sh NAME --- 112,118 ---- .\" .\" OPENSSL .\" ! .Dd $Mdocdate: August 30 2016 $ .Dt OPENSSL 1 .Os .Sh NAME *************** *** 3469,3504 **** options in the configuration file. Any additional fields will be treated as though they were a .Cm DirectoryString . - .Pp - The following messages are frequently asked about: - .Bd -unfilled -offset indent - Using configuration from /some/path/openssl.cnf - Unable to load config info - \&... - unable to find 'distinguished_name' in config - problems making Certificate Request - .Ed - .Pp - In this case it can't find the configuration file! - .Pp - Another puzzling message is: - .Bd -unfilled -offset indent - Attributes: - a0:00 - .Ed - .Pp - This is displayed when no attributes are present and the request includes - the correct empty SET OF structure - (the DER encoding of which is 0xa0 0x00). - If the message is instead: - .Pp - .D1 Attributes: - .Pp - then the SET OF is missing and the encoding is technically invalid - (but it is tolerated). - See the description - .Fl asn1-kludge - for more information. 
.Sh RSA .nr nS 1 .Nm "openssl rsa" --- 3469,3474 ---- *************** *** 3577,3589 **** .It Fl text Print the public/private key components in plain text. .El - .\" - .\" RSAUTL - .\" .Sh RSAUTL .nr nS 1 .Nm "openssl rsautl" - .Bk -words .Op Fl asn1parse .Op Fl certin .Op Fl decrypt --- 3547,3555 ---- *************** *** 3591,3603 **** .Op Fl hexdump .Op Fl in Ar file .Op Fl inkey Ar file ! .Op Fl keyform Ar DER | PEM .Op Fl oaep | pkcs | raw | ssl .Op Fl out Ar file .Op Fl pubin .Op Fl sign .Op Fl verify - .Ek .nr nS 0 .Pp The --- 3557,3568 ---- .Op Fl hexdump .Op Fl in Ar file .Op Fl inkey Ar file ! .Op Fl keyform Cm der | pem .Op Fl oaep | pkcs | raw | ssl .Op Fl out Ar file .Op Fl pubin .Op Fl sign .Op Fl verify .nr nS 0 .Pp The *************** *** 3620,3650 **** .It Fl hexdump Hex dump the output data. .It Fl in Ar file ! This specifies the input ! .Ar file ! to read data from, or standard input ! if this option is not specified. .It Fl inkey Ar file ! The input key file, by default it should be an RSA private key. ! .It Fl keyform Ar DER | PEM ! Private ket format. ! Default is ! .Ar PEM . .It Fl oaep | pkcs | raw | ssl The padding to use: ! PKCS#1 OAEP, PKCS#1 v1.5 ! .Pq the default , ! or no padding, respectively. For signatures, only .Fl pkcs and .Fl raw can be used. .It Fl out Ar file ! Specifies the output ! .Ar file ! to write to, or standard output by ! default. .It Fl pubin The input file is an RSA public key. .It Fl sign --- 3585,3609 ---- .It Fl hexdump Hex dump the output data. .It Fl in Ar file ! The input to read from, ! or standard input if not specified. .It Fl inkey Ar file ! The input key file; by default an RSA private key. ! .It Fl keyform Cm der | pem ! The private ket format. ! The default is ! .Cm pem . .It Fl oaep | pkcs | raw | ssl The padding to use: ! PKCS#1 OAEP, PKCS#1 v1.5 (the default), or no padding, respectively. For signatures, only .Fl pkcs and .Fl raw can be used. .It Fl out Ar file ! The output file to write to, ! 
or standard output if not specified. .It Fl pubin The input file is an RSA public key. .It Fl sign *************** *** 3653,3756 **** .It Fl verify Verify the input data and output the recovered data. .El - .Sh RSAUTL NOTES - .Nm rsautl , - because it uses the RSA algorithm directly, can only be - used to sign or verify small pieces of data. - .Sh RSAUTL EXAMPLES - Sign some data using a private key: - .Pp - .Dl "$ openssl rsautl -sign -in file -inkey key.pem -out sig" - .Pp - Recover the signed data: - .Pp - .Dl $ openssl rsautl -verify -in sig -inkey key.pem - .Pp - Examine the raw signed data: - .Pp - .Li "\ \&$ openssl rsautl -verify -in file -inkey key.pem -raw -hexdump" - .Bd -unfilled - \& 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - \& 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - \& 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - \& 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - \& 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - \& 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - \& 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - \& 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64 .....hello world - .Ed - .Pp - The PKCS#1 block formatting is evident from this. - If this was done using encrypt and decrypt, the block would have been of type 2 - .Pq the second byte - and random padding data visible instead of the 0xff bytes. - .Pp - It is possible to analyse the signature of certificates using this - utility in conjunction with - .Nm asn1parse . 
- Consider the self-signed example in - .Pa certs/pca-cert.pem : - running - .Nm asn1parse - as follows yields: - .Pp - .Li "\ \&$ openssl asn1parse -in pca-cert.pem" - .Bd -unfilled - \& 0:d=0 hl=4 l= 742 cons: SEQUENCE - \& 4:d=1 hl=4 l= 591 cons: SEQUENCE - \& 8:d=2 hl=2 l= 3 cons: cont [ 0 ] - \& 10:d=3 hl=2 l= 1 prim: INTEGER :02 - \& 13:d=2 hl=2 l= 1 prim: INTEGER :00 - \& 16:d=2 hl=2 l= 13 cons: SEQUENCE - \& 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption - \& 29:d=3 hl=2 l= 0 prim: NULL - \& 31:d=2 hl=2 l= 92 cons: SEQUENCE - \& 33:d=3 hl=2 l= 11 cons: SET - \& 35:d=4 hl=2 l= 9 cons: SEQUENCE - \& 37:d=5 hl=2 l= 3 prim: OBJECT :countryName - \& 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU - \& .... - \& 599:d=1 hl=2 l= 13 cons: SEQUENCE - \& 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption - \& 612:d=2 hl=2 l= 0 prim: NULL - \& 614:d=1 hl=3 l= 129 prim: BIT STRING - .Ed - .Pp - The final BIT STRING contains the actual signature. - It can be extracted with: - .Pp - .Dl "$ openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614" - .Pp - The certificate public key can be extracted with: - .Pp - .Dl $ openssl x509 -in test/testx509.pem -pubkey -noout \*(Gtpubkey.pem - .Pp - The signature can be analysed with: - .Pp - .Li "\ \&$ openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin" - .Bd -unfilled - \& 0:d=0 hl=2 l= 32 cons: SEQUENCE - \& 2:d=1 hl=2 l= 12 cons: SEQUENCE - \& 4:d=2 hl=2 l= 8 prim: OBJECT :md5 - \& 14:d=2 hl=2 l= 0 prim: NULL - \& 16:d=1 hl=2 l= 16 prim: OCTET STRING - \& 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%.. - .Ed - .Pp - This is the parsed version of an ASN1 - .Em DigestInfo - structure. - It can be seen that the digest used was MD5. 
- The actual part of the certificate that was signed can be extracted with: - .Pp - .Dl "$ openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4" - .Pp - and its digest computed with: - .Pp - .Dl $ openssl md5 -c tbs - .D1 MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5 - .Pp - which it can be seen agrees with the recovered value above. .\" .\" S_CLIENT .\" --- 3612,3617 ----
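Review bot: in the req hunk (old lines 3469-3504), the removed text is the only place in the lines shown that explains the "Attributes: a0:00" output and points the reader to -asn1-kludge. If -asn1-kludge is still documented elsewhere in the page, consider keeping one sentence there that an empty attribute SET OF encodes as 0xa0 0x00 and that a request lacking it is technically invalid but tolerated. Otherwise the option loses its rationale. The same applies to the "unable to find 'distinguished_name' in config" message, whose real cause (the configuration file was not found) is no longer stated anywhere in the visible text.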
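Review bot: in the rsautl options hunk (new lines 3585-3609), the rewritten -keyform text still carries the old typo: "The private ket format." should read "The private key format." Since -pubin lets -inkey name a public key, "The key format." may be the more accurate wording. In the same hunk, the padding item lists four flags, "-oaep | pkcs | raw | ssl", but the sentence ending "respectively" describes only three paddings, so -ssl is left undescribed. Either add its description or reword so the list and the flags line up.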
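Review bot: in the last rsautl hunk (old lines 3653-3756), deleting the RSAUTL NOTES section removes the one statement in the visible lines that rsautl "can only be used to sign or verify small pieces of data" because it uses the RSA algorithm directly. That is a usage limit rather than an example, and a reader who runs -sign on a large file gets no hint of it from the option list. Suggest folding that sentence into the rsautl description when the NOTES and EXAMPLES sections go.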