Collections:
Other Resources:
OpenSSL "rsautl -verify" - RSA Signature Verification
What is the purpose of the OpenSSL "rsautl -verify" command? Can I use it to verify a signed document?
✍: FYIcenter.com
Yes, you can use OpenSSL "rsautl -verify" command to verify a signed document. But you need other OpenSSL commands to generate a digest from the document first.
For example, you received 3 files as part of a "signed" document: notepad.exe, sha1_signed.dgt, and my_rsa_pub.key, you can the following OpenSSL commands to verify the signature:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> dgst -sha1 -binary -out sha1.dgt \windows\system32\notepad.exe OpenSSL> rsautl -verify -pubin -inkey my_rsa_pub.key -in sha1_signed.dgt -out sha1_decrypted.dgt OpenSSL> exit C:\Users\fyicenter>comp sha1.dgt sha1_decrypted.dgt Comparing sha1.dgt and sha1_decrypted.dgt... Files compare OK
Commands used in this test are:
Since the two digests are identical, the digital signature is valid.
⇒ OpenSSL "rsautl -encrypt" vs. "rsautl -sign"
⇐ OpenSSL Verify Signed Documents with RSA Keys
2017-03-25, 11904🔥, 0💬
Popular Posts:
Where to find tools to view, inspect or manage security certificates? Here is a collection of tools ...
Can Microsoft "certutil" tool validates an expired certificates and reports the expired status? Yes....
Certificate Summary: Subject: accounts.accesscontrol.w indows.netIssuer: accounts.accesscontrol.w ind...
Certificate summary - Owner: ssl003.insnw.net, "Instart Logic, Inc.", L=Mountain View, ST=California...
Certificate summary - Owner: EMAILADDRESS=info@valice rt.com,http://www.valicert.com/ ,ValiCert Clas...