OpenSSL "rsautl -encrypt" vs. "rsautl -verify"

Q

What is the difference between "rsautl -encrypt" and "rsautl -verify" commands?

✍: FYIcenter.com

A

There is only 1 difference between "rsautl -encrypt" and "rsautl -verify" commands:

1. "rsautl -encrypt" and "rsautl -verify" commands apply PKCS#1 v1.5 padding differently:

  • "rsautl -encrypt" adds PKCS#1 v1.5 padding before applying RSA encryptin with an RSA public key.
  • "rsautl -verify" removes PKCS#1 v1.5 padding after applying RSA decryptin with an RSA public key.

So if we are using no padding, "rsautl -encrypt" and "rsautl -verify" have no differences, because RSA encryption and RSA decryption are identical algorithms. In other words, "rsautl -encrypt -raw" and "rsautl -sign -raw" are identical commands.

 

OpenSSL "rsautl" Command for RSA Keys

⇒⇒OpenSSL Tutorials

2017-03-11, 504👍, 0💬