OpenSSL "rsautl -encrypt" vs. "rsautl -sign"
What is the difference between "rsautl -encrypt" and "rsautl -sign" commands?
✍: FYIcenter.com
There are 2 differences between "rsautl -encrypt" and "rsautl -sign" commands:
1. "rsautl -encrypt" and "rsautl -sign" commands take different RSA keys:
- "rsautl -encrypt" only accepts an RSA public key and performs RSA encryption using the given key.
- "rsautl -sign" only accepts an RSA public key and performs RSA encryption using the given key.
2. "rsautl -encrypt" and "rsautl -sign" commands use different flavors of PKCS#1 v1.5 padding:
- "rsautl -encrypt" uses 0x02 as the BT (Block Type) and random bytes as padding string.
- "rsautl -sign" uses 0x01 as the BT (Block Type) and 0xff bytes as padding string.
So if we are using no padding, the only difference between "rsautl -encrypt" and "rsautl -sign" commands is what type of RSA keys they taking. In other words, "rsautl -encrypt -raw" and "rsautl -sign -raw" are identical commands except that the first takes RSA public keys and the second takes RSA private keys.
⇒ OpenSSL "rsautl -encrypt" vs. "rsautl -verify"
⇐ OpenSSL "rsautl -verify" - RSA Signature Verification
2017-03-25, 4404👍, 0💬
Related Topics:
OpenSSL "rsautl -verify -raw" for RSA Public Key Encryption
2017-03-11, 2457👍, 0💬
OpenSSL "rsautl -sign -raw" for RSA Private Key Decryption
2017-02-28, 2198👍, 0💬