OpenSSL "rsautl -verify" - RSA Signature Verification

Q

What is the purpose of the OpenSSL "rsautl -verify" command? Can I use it to verify a signed document?

✍: FYIcenter.com

A

Yes, you can use OpenSSL "rsautl -verify" command to verify a signed document. But you need other OpenSSL commands to generate a digest from the document first.

For example, you received 3 files as part of a "signed" document: notepad.exe, sha1_signed.dgt, and my_rsa_pub.key, you can the following OpenSSL commands to verify the signature:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> dgst -sha1 -binary -out sha1.dgt \windows\system32\notepad.exe

OpenSSL> rsautl -verify -pubin -inkey my_rsa_pub.key -in sha1_signed.dgt 
   -out sha1_decrypted.dgt

OpenSSL> exit

C:\Users\fyicenter>comp sha1.dgt sha1_decrypted.dgt
Comparing sha1.dgt and sha1_decrypted.dgt...
Files compare OK

Commands used in this test are:

"dgst -sha1 -binary -out sha1.dgt \windows\system32\notepad.exe" - OpenSSL command to generate a new digest string from the document, notepad.exe, with the SHA-1 algorithm using the "dgst -sha1" command.
"rsautl -verify -pubin -inkey my_rsa_pub.key -in sha1_signed.dgt -out sha1_decrypted.dgt" - OpenSSL command to decrypt the digital signature of the document. The output, sha1_decrypted.dgt, is the old digest generated by the sender from the document.
"comp sha1.dgt sha1_decrypted.dgt" - Windows command to compare the new digest with the old digest.

Since the two digests are identical, the digital signature is valid.

⇒ OpenSSL "rsautl -encrypt" vs. "rsautl -sign"

⇐ OpenSSL Verify Signed Documents with RSA Keys

⇑ OpenSSL "rsautl" Command for RSA Keys

⇑⇑ OpenSSL Tutorials

2017-03-25, ≈12🔥, 0💬

OpenSSL "genrsa" and "rsa" Commands
Where to find tutorials on using OpenSSL "genrsa" and "rsa" commands? Here is a collection of tutorials on using OpenSSL "genrsa" and "rsa" commands compiled by FYIcenter.com team. Note that "genrsa" and "rsa" commands are superseded by "genpkey" and "pKey" commands now. Stop using "genrsa" and "rsa... 2017-02-28, ≈12🔥, 0💬

OpenSSL "rsautl -verify" - RSA Signature Verification
What is the purpose of the OpenSSL "rsautl -verify" command? Can I use it to verify a signed document? Yes, you can use OpenSSL "rsautl -verify" command to verify a signed document. But you need other OpenSSL commands to generate a digest from the document first. For example, you received 3 files as... 2017-03-25, ≈12🔥, 0💬

OpenSSL "rsautl -sign" - RSA Signature Generation
What is the purpose of the OpenSSL "rsautl -sign" command? Can I use it to sign a document? Yes, you can use OpenSSL "rsautl -sign" command to sign a document. But you need other OpenSSL commands to generate a digest from the document first as shown in the following test: C:\Users\fyicenter>d... 2017-04-04, ∼9655🔥, 0💬

OpenSSL "rsautl -encrypt" vs. "rsautl -sign"
What is the difference between "rsautl -encrypt" and "rsautl -sign" commands? There are 2 differences between "rsautl -encrypt" and "rsautl -sign" commands: 1. "rsautl -encrypt" and "rsautl -sign" commands take different RSA keys: "rsautl -encrypt" only accepts an RSA public key and performs RSA enc... 2017-03-25, ∼6258🔥, 0💬

OpenSSL "rsautl" Using OAEP Padding
What is the OAEP padding schema used in OpenSSL "rsautl" command? OAEP (Optimal Asymmetric Encryption Padding), also called PKCS#1 2.0, is a padding standard specified in RFC3447 "PKCS #1: RSA Encryption, Version 1.5" proposed by RSA Laboratories in 1998. OAEP padding can be illustrated by the diagr... 2017-04-22, ∼5910🔥, 0💬

OpenSSL "rsautl -encrypt" vs. "rsautl -verify"
What is the difference between "rsautl -encrypt" and "rsautl -verify" commands? There is only 1 difference between "rsautl -encrypt" and "rsautl -verify" commands: 1. "rsautl -encrypt" and "rsautl -verify" commands apply PKCS#1 v1.5 padding differently: "rsautl -encrypt" adds PKCS#1 v1.5 padding bef... 2017-03-11, ∼4581🔥, 0💬

OpenSSL Signing Documents with RSA Keys
What is the process of signing a document with RSA keys using OpenSSL commands? I was told to deliver a document with digital signature. Here are steps your need to follow to sign a document with your RSA private key using OpenSSL commands: 1. Get the document to be signed ready. 2. Generate a diges... 2017-04-04, ∼3715🔥, 0💬

OpenSSL "rsautl -verify -raw" for RSA Public Key Encryption
2017-03-11, ∼3483🔥, 0💬

OpenSSL Verify Signed Documents with RSA Keys
What is the process of verifying the signed document with RSA keys using OpenSSL commands? I received a signed document and was to verify it with senders RSA public key. Here are steps your need to follow to verify a signed document with sender's RSA public key using OpenSSL commands: 1. Verify that... 2017-03-27, ∼3130🔥, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.