| version 1.64, 2016/08/28 19:34:15 |
version 1.65, 2016/08/30 07:53:59 |
|
|
| options in the configuration file. |
options in the configuration file. |
| Any additional fields will be treated as though they were a |
Any additional fields will be treated as though they were a |
| .Cm DirectoryString . |
.Cm DirectoryString . |
| .Pp |
|
| The following messages are frequently asked about: |
|
| .Bd -unfilled -offset indent |
|
| Using configuration from /some/path/openssl.cnf |
|
| Unable to load config info |
|
| \&... |
|
| unable to find 'distinguished_name' in config |
|
| problems making Certificate Request |
|
| .Ed |
|
| .Pp |
|
| In this case it can't find the configuration file! |
|
| .Pp |
|
| Another puzzling message is: |
|
| .Bd -unfilled -offset indent |
|
| Attributes: |
|
| a0:00 |
|
| .Ed |
|
| .Pp |
|
| This is displayed when no attributes are present and the request includes |
|
| the correct empty SET OF structure |
|
| (the DER encoding of which is 0xa0 0x00). |
|
| If the message is instead: |
|
| .Pp |
|
| .D1 Attributes: |
|
| .Pp |
|
| then the SET OF is missing and the encoding is technically invalid |
|
| (but it is tolerated). |
|
| See the description |
|
| .Fl asn1-kludge |
|
| for more information. |
|
| .Sh RSA |
.Sh RSA |
| .nr nS 1 |
.nr nS 1 |
| .Nm "openssl rsa" |
.Nm "openssl rsa" |
|
|
| .It Fl text |
.It Fl text |
| Print the public/private key components in plain text. |
Print the public/private key components in plain text. |
| .El |
.El |
| .\" |
|
| .\" RSAUTL |
|
| .\" |
|
| .Sh RSAUTL |
.Sh RSAUTL |
| .nr nS 1 |
.nr nS 1 |
| .Nm "openssl rsautl" |
.Nm "openssl rsautl" |
| .Bk -words |
|
| .Op Fl asn1parse |
.Op Fl asn1parse |
| .Op Fl certin |
.Op Fl certin |
| .Op Fl decrypt |
.Op Fl decrypt |
|
|
| .Op Fl hexdump |
.Op Fl hexdump |
| .Op Fl in Ar file |
.Op Fl in Ar file |
| .Op Fl inkey Ar file |
.Op Fl inkey Ar file |
| .Op Fl keyform Ar DER | PEM |
.Op Fl keyform Cm der | pem |
| .Op Fl oaep | pkcs | raw | ssl |
.Op Fl oaep | pkcs | raw | ssl |
| .Op Fl out Ar file |
.Op Fl out Ar file |
| .Op Fl pubin |
.Op Fl pubin |
| .Op Fl sign |
.Op Fl sign |
| .Op Fl verify |
.Op Fl verify |
| .Ek |
|
| .nr nS 0 |
.nr nS 0 |
| .Pp |
.Pp |
| The |
The |
|
|
| .It Fl hexdump |
.It Fl hexdump |
| Hex dump the output data. |
Hex dump the output data. |
| .It Fl in Ar file |
.It Fl in Ar file |
| This specifies the input |
The input to read from, |
| .Ar file |
or standard input if not specified. |
| to read data from, or standard input |
|
| if this option is not specified. |
|
| .It Fl inkey Ar file |
.It Fl inkey Ar file |
| The input key file, by default it should be an RSA private key. |
The input key file; by default an RSA private key. |
| .It Fl keyform Ar DER | PEM |
.It Fl keyform Cm der | pem |
| Private ket format. |
The private ket format. |
| Default is |
The default is |
| .Ar PEM . |
.Cm pem . |
| .It Fl oaep | pkcs | raw | ssl |
.It Fl oaep | pkcs | raw | ssl |
| The padding to use: |
The padding to use: |
| PKCS#1 OAEP, PKCS#1 v1.5 |
PKCS#1 OAEP, PKCS#1 v1.5 (the default), or no padding, respectively. |
| .Pq the default , |
|
| or no padding, respectively. |
|
| For signatures, only |
For signatures, only |
| .Fl pkcs |
.Fl pkcs |
| and |
and |
| .Fl raw |
.Fl raw |
| can be used. |
can be used. |
| .It Fl out Ar file |
.It Fl out Ar file |
| Specifies the output |
The output file to write to, |
| .Ar file |
or standard output if not specified. |
| to write to, or standard output by |
|
| default. |
|
| .It Fl pubin |
.It Fl pubin |
| The input file is an RSA public key. |
The input file is an RSA public key. |
| .It Fl sign |
.It Fl sign |
|
|
| .It Fl verify |
.It Fl verify |
| Verify the input data and output the recovered data. |
Verify the input data and output the recovered data. |
| .El |
.El |
| .Sh RSAUTL NOTES |
|
| .Nm rsautl , |
|
| because it uses the RSA algorithm directly, can only be |
|
| used to sign or verify small pieces of data. |
|
| .Sh RSAUTL EXAMPLES |
|
| Sign some data using a private key: |
|
| .Pp |
|
| .Dl "$ openssl rsautl -sign -in file -inkey key.pem -out sig" |
|
| .Pp |
|
| Recover the signed data: |
|
| .Pp |
|
| .Dl $ openssl rsautl -verify -in sig -inkey key.pem |
|
| .Pp |
|
| Examine the raw signed data: |
|
| .Pp |
|
| .Li "\ \&$ openssl rsautl -verify -in file -inkey key.pem -raw -hexdump" |
|
| .Bd -unfilled |
|
| \& 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ |
|
| \& 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ |
|
| \& 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ |
|
| \& 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ |
|
| \& 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ |
|
| \& 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ |
|
| \& 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ |
|
| \& 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64 .....hello world |
|
| .Ed |
|
| .Pp |
|
| The PKCS#1 block formatting is evident from this. |
|
| If this was done using encrypt and decrypt, the block would have been of type 2 |
|
| .Pq the second byte |
|
| and random padding data visible instead of the 0xff bytes. |
|
| .Pp |
|
| It is possible to analyse the signature of certificates using this |
|
| utility in conjunction with |
|
| .Nm asn1parse . |
|
| Consider the self-signed example in |
|
| .Pa certs/pca-cert.pem : |
|
| running |
|
| .Nm asn1parse |
|
| as follows yields: |
|
| .Pp |
|
| .Li "\ \&$ openssl asn1parse -in pca-cert.pem" |
|
| .Bd -unfilled |
|
| \& 0:d=0 hl=4 l= 742 cons: SEQUENCE |
|
| \& 4:d=1 hl=4 l= 591 cons: SEQUENCE |
|
| \& 8:d=2 hl=2 l= 3 cons: cont [ 0 ] |
|
| \& 10:d=3 hl=2 l= 1 prim: INTEGER :02 |
|
| \& 13:d=2 hl=2 l= 1 prim: INTEGER :00 |
|
| \& 16:d=2 hl=2 l= 13 cons: SEQUENCE |
|
| \& 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption |
|
| \& 29:d=3 hl=2 l= 0 prim: NULL |
|
| \& 31:d=2 hl=2 l= 92 cons: SEQUENCE |
|
| \& 33:d=3 hl=2 l= 11 cons: SET |
|
| \& 35:d=4 hl=2 l= 9 cons: SEQUENCE |
|
| \& 37:d=5 hl=2 l= 3 prim: OBJECT :countryName |
|
| \& 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU |
|
| \& .... |
|
| \& 599:d=1 hl=2 l= 13 cons: SEQUENCE |
|
| \& 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption |
|
| \& 612:d=2 hl=2 l= 0 prim: NULL |
|
| \& 614:d=1 hl=3 l= 129 prim: BIT STRING |
|
| .Ed |
|
| .Pp |
|
| The final BIT STRING contains the actual signature. |
|
| It can be extracted with: |
|
| .Pp |
|
| .Dl "$ openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614" |
|
| .Pp |
|
| The certificate public key can be extracted with: |
|
| .Pp |
|
| .Dl $ openssl x509 -in test/testx509.pem -pubkey -noout \*(Gtpubkey.pem |
|
| .Pp |
|
| The signature can be analysed with: |
|
| .Pp |
|
| .Li "\ \&$ openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin" |
|
| .Bd -unfilled |
|
| \& 0:d=0 hl=2 l= 32 cons: SEQUENCE |
|
| \& 2:d=1 hl=2 l= 12 cons: SEQUENCE |
|
| \& 4:d=2 hl=2 l= 8 prim: OBJECT :md5 |
|
| \& 14:d=2 hl=2 l= 0 prim: NULL |
|
| \& 16:d=1 hl=2 l= 16 prim: OCTET STRING |
|
| \& 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%.. |
|
| .Ed |
|
| .Pp |
|
| This is the parsed version of an ASN1 |
|
| .Em DigestInfo |
|
| structure. |
|
| It can be seen that the digest used was MD5. |
|
| The actual part of the certificate that was signed can be extracted with: |
|
| .Pp |
|
| .Dl "$ openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4" |
|
| .Pp |
|
| and its digest computed with: |
|
| .Pp |
|
| .Dl $ openssl md5 -c tbs |
|
| .D1 MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5 |
|
| .Pp |
|
| which it can be seen agrees with the recovered value above. |
|
| .\" |
.\" |
| .\" S_CLIENT |
.\" S_CLIENT |
| .\" |
.\" |
![[BACK]](/icons/back.gif){kind=icon}
Return to openssl.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl