OpenSSL "rsautl -encrypt" vs. "rsautl -verify"


What is the difference between "rsautl -encrypt" and "rsautl -verify" commands?



There is only 1 difference between "rsautl -encrypt" and "rsautl -verify" commands:

1. "rsautl -encrypt" and "rsautl -verify" commands apply PKCS#1 v1.5 padding differently:

  • "rsautl -encrypt" adds PKCS#1 v1.5 padding before applying RSA encryptin with an RSA public key.
  • "rsautl -verify" removes PKCS#1 v1.5 padding after applying RSA decryptin with an RSA public key.

So if we are using no padding, "rsautl -encrypt" and "rsautl -verify" have no differences, because RSA encryption and RSA decryption are identical algorithms. In other words, "rsautl -encrypt -raw" and "rsautl -sign -raw" are identical commands.


OpenSSL "rsautl" Command for RSA Keys

⇒⇒OpenSSL Tutorials

2017-03-11, 340👍, 0💬