=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/openssl.1,v retrieving revision 1.64 retrieving revision 1.65 diff -u -r1.64 -r1.65 --- src/usr.bin/openssl/openssl.1 2016/08/28 19:34:15 1.64 +++ src/usr.bin/openssl/openssl.1 2016/08/30 07:53:59 1.65 @@ -1,4 +1,4 @@ -.\" $OpenBSD: openssl.1,v 1.64 2016/08/28 19:34:15 jmc Exp $ +.\" $OpenBSD: openssl.1,v 1.65 2016/08/30 07:53:59 jmc Exp $ .\" ==================================================================== .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. .\" @@ -112,7 +112,7 @@ .\" .\" OPENSSL .\" -.Dd $Mdocdate: August 28 2016 $ +.Dd $Mdocdate: August 30 2016 $ .Dt OPENSSL 1 .Os .Sh NAME @@ -3469,36 +3469,6 @@ options in the configuration file. Any additional fields will be treated as though they were a .Cm DirectoryString . -.Pp -The following messages are frequently asked about: -.Bd -unfilled -offset indent -Using configuration from /some/path/openssl.cnf -Unable to load config info -\&... -unable to find 'distinguished_name' in config -problems making Certificate Request -.Ed -.Pp -In this case it can't find the configuration file! -.Pp -Another puzzling message is: -.Bd -unfilled -offset indent -Attributes: - a0:00 -.Ed -.Pp -This is displayed when no attributes are present and the request includes -the correct empty SET OF structure -(the DER encoding of which is 0xa0 0x00). -If the message is instead: -.Pp -.D1 Attributes: -.Pp -then the SET OF is missing and the encoding is technically invalid -(but it is tolerated). -See the description -.Fl asn1-kludge -for more information. .Sh RSA .nr nS 1 .Nm "openssl rsa" @@ -3577,13 +3547,9 @@ .It Fl text Print the public/private key components in plain text. .El -.\" -.\" RSAUTL -.\" .Sh RSAUTL .nr nS 1 .Nm "openssl rsautl" -.Bk -words .Op Fl asn1parse .Op Fl certin .Op Fl decrypt 
@@ -3591,13 +3557,12 @@ .Op Fl hexdump .Op Fl in Ar file .Op Fl inkey Ar file -.Op Fl keyform Ar DER | PEM +.Op Fl keyform Cm der | pem .Op Fl oaep | pkcs | raw | ssl .Op Fl out Ar file .Op Fl pubin .Op Fl sign .Op Fl verify -.Ek .nr nS 0 .Pp The @@ -3620,31 +3585,25 @@ .It Fl hexdump Hex dump the output data. .It Fl in Ar file -This specifies the input -.Ar file -to read data from, or standard input -if this option is not specified. +The input to read from, +or standard input if not specified. .It Fl inkey Ar file -The input key file, by default it should be an RSA private key. -.It Fl keyform Ar DER | PEM -Private ket format. -Default is -.Ar PEM . +The input key file; by default an RSA private key. +.It Fl keyform Cm der | pem +The private ket format. +The default is +.Cm pem . .It Fl oaep | pkcs | raw | ssl The padding to use: -PKCS#1 OAEP, PKCS#1 v1.5 -.Pq the default , -or no padding, respectively. +PKCS#1 OAEP, PKCS#1 v1.5 (the default), or no padding, respectively. For signatures, only .Fl pkcs and .Fl raw can be used. .It Fl out Ar file -Specifies the output -.Ar file -to write to, or standard output by -default. +The output file to write to, +or standard output if not specified. .It Fl pubin The input file is an RSA public key. .It Fl sign 
@@ -3653,104 +3612,6 @@ .It Fl verify Verify the input data and output the recovered data. .El -.Sh RSAUTL NOTES -.Nm rsautl , -because it uses the RSA algorithm directly, can only be -used to sign or verify small pieces of data. -.Sh RSAUTL EXAMPLES -Sign some data using a private key: -.Pp -.Dl "$ openssl rsautl -sign -in file -inkey key.pem -out sig" -.Pp -Recover the signed data: -.Pp -.Dl $ openssl rsautl -verify -in sig -inkey key.pem -.Pp -Examine the raw signed data: -.Pp -.Li "\ \&$ openssl rsautl -verify -in file -inkey key.pem -raw -hexdump" -.Bd -unfilled -\& 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ -\& 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ -\& 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ -\& 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ -\& 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ -\& 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ -\& 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ -\& 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64 .....hello world -.Ed -.Pp -The PKCS#1 block formatting is evident from this. -If this was done using encrypt and decrypt, the block would have been of type 2 -.Pq the second byte -and random padding data visible instead of the 0xff bytes. -.Pp -It is possible to analyse the signature of certificates using this -utility in conjunction with -.Nm asn1parse . 
-Consider the self-signed example in -.Pa certs/pca-cert.pem : -running -.Nm asn1parse -as follows yields: -.Pp -.Li "\ \&$ openssl asn1parse -in pca-cert.pem" -.Bd -unfilled -\& 0:d=0 hl=4 l= 742 cons: SEQUENCE -\& 4:d=1 hl=4 l= 591 cons: SEQUENCE -\& 8:d=2 hl=2 l= 3 cons: cont [ 0 ] -\& 10:d=3 hl=2 l= 1 prim: INTEGER :02 -\& 13:d=2 hl=2 l= 1 prim: INTEGER :00 -\& 16:d=2 hl=2 l= 13 cons: SEQUENCE -\& 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption -\& 29:d=3 hl=2 l= 0 prim: NULL -\& 31:d=2 hl=2 l= 92 cons: SEQUENCE -\& 33:d=3 hl=2 l= 11 cons: SET -\& 35:d=4 hl=2 l= 9 cons: SEQUENCE -\& 37:d=5 hl=2 l= 3 prim: OBJECT :countryName -\& 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU -\& .... -\& 599:d=1 hl=2 l= 13 cons: SEQUENCE -\& 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption -\& 612:d=2 hl=2 l= 0 prim: NULL -\& 614:d=1 hl=3 l= 129 prim: BIT STRING -.Ed -.Pp -The final BIT STRING contains the actual signature. -It can be extracted with: -.Pp -.Dl "$ openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614" -.Pp -The certificate public key can be extracted with: -.Pp -.Dl $ openssl x509 -in test/testx509.pem -pubkey -noout \*(Gtpubkey.pem -.Pp -The signature can be analysed with: -.Pp -.Li "\ \&$ openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin" -.Bd -unfilled -\& 0:d=0 hl=2 l= 32 cons: SEQUENCE -\& 2:d=1 hl=2 l= 12 cons: SEQUENCE -\& 4:d=2 hl=2 l= 8 prim: OBJECT :md5 -\& 14:d=2 hl=2 l= 0 prim: NULL -\& 16:d=1 hl=2 l= 16 prim: OCTET STRING -\& 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%.. -.Ed -.Pp -This is the parsed version of an ASN1 -.Em DigestInfo -structure. -It can be seen that the digest used was MD5. 
-The actual part of the certificate that was signed can be extracted with: -.Pp -.Dl "$ openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4" -.Pp -and its digest computed with: -.Pp -.Dl $ openssl md5 -c tbs -.D1 MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5 -.Pp -which it can be seen agrees with the recovered value above. .\" .\" S_CLIENT .\"
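Review bot: In the @@ -3469,36 +3469,6 @@ hunk, the deleted text is what told readers how to interpret the "Attributes:" line of a printed request: "a0:00" is the correct empty SET OF (DER 0xa0 0x00), while a bare "Attributes:" means the SET OF is missing and the encoding is technically invalid but tolerated. The removed lines point to the -asn1-kludge description for more information, so if that option stays documented, consider moving one sentence on the two encodings there. The same deletion drops the explanation that "unable to find 'distinguished_name' in config" after "Unable to load config info" means the configuration file was not found; a short note near the configuration file description would preserve that diagnostic.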
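Review bot: In the @@ -3620,31 +3585,25 @@ hunk, the rewritten -keyform entry carries the old typo forward: "The private ket format." should read "The private key format." In the same hunk, the padding entry lists four flags (-oaep | pkcs | raw | ssl) but the reworded sentence "PKCS#1 OAEP, PKCS#1 v1.5 (the default), or no padding, respectively" names only three schemes, so "respectively" does not line up and -ssl is left undescribed; either describe the fourth option or drop "respectively".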
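Review bot: In the @@ -3653,104 +3612,6 @@ hunk, deleting the RSAUTL NOTES section removes the only statement of the command's size limit: that rsautl "because it uses the RSA algorithm directly, can only be used to sign or verify small pieces of data". That is a usage constraint rather than an example, and nothing in the remaining option list conveys it; suggest folding that sentence into the RSAUTL description before the options. The removed examples also documented what -verify -raw -hexdump and -verify -asn1parse output look like (the type 1 block with 0xff padding, the DigestInfo structure); if the examples go, a short clause on the -asn1parse and -hexdump entries saying what they are applied to would keep those options usable from the page alone.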