Collections:
Other Resources:
OpenSSL "rsautl -verify" - RSA Signature Verification
What is the purpose of the OpenSSL "rsautl -verify" command? Can I use it to verify a signed document?
✍: FYIcenter.com
Yes, you can use OpenSSL "rsautl -verify" command to verify a signed document.
But you need other OpenSSL commands to generate a digest from the document first.
For example, you received 3 files as part of a "signed" document: notepad.exe, sha1_signed.dgt, and my_rsa_pub.key, you can the following OpenSSL commands to verify the signature:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> dgst -sha1 -binary -out sha1.dgt \windows\system32\notepad.exe OpenSSL> rsautl -verify -pubin -inkey my_rsa_pub.key -in sha1_signed.dgt -out sha1_decrypted.dgt OpenSSL> exit C:\Users\fyicenter>comp sha1.dgt sha1_decrypted.dgt Comparing sha1.dgt and sha1_decrypted.dgt... Files compare OK
Commands used in this test are:
Since the two digests are identical, the digital signature is valid.
⇒ OpenSSL "rsautl -encrypt" vs. "rsautl -sign"
⇐ OpenSSL Verify Signed Documents with RSA Keys
2017-03-25, ≈12🔥, 0💬
Popular Posts:
How to use the "keytool -list" command? I want to see what in the keystore file. Here is an example ...
How to validate a certificate saved in a certificate file with Microsoft "certutil" tool? If you wan...
Certificate Summary: Subject: *.usps.com Issuer: Cybertrust Public SureServer SV CA Expiration: 2014...
Certificate summary - Owner: www.ezinearticles.com, SparkNET Corporation, L=De Pere, ST=Wisconsin, U...
What can I use OpenSSL "genpkey" command for? What are options supported by the "genpkey" command? O...