Collections:
Other Resources:
OpenSSL "rsautl -verify" - RSA Signature Verification
What is the purpose of the OpenSSL "rsautl -verify" command? Can I use it to verify a signed document?
✍: FYIcenter.com
Yes, you can use OpenSSL "rsautl -verify" command to verify a signed document.
But you need other OpenSSL commands to generate a digest from the document first.
For example, you received 3 files as part of a "signed" document: notepad.exe, sha1_signed.dgt, and my_rsa_pub.key, you can the following OpenSSL commands to verify the signature:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> dgst -sha1 -binary -out sha1.dgt \windows\system32\notepad.exe OpenSSL> rsautl -verify -pubin -inkey my_rsa_pub.key -in sha1_signed.dgt -out sha1_decrypted.dgt OpenSSL> exit C:\Users\fyicenter>comp sha1.dgt sha1_decrypted.dgt Comparing sha1.dgt and sha1_decrypted.dgt... Files compare OK
Commands used in this test are:
Since the two digests are identical, the digital signature is valid.
⇒ OpenSSL "rsautl -encrypt" vs. "rsautl -sign"
⇐ OpenSSL Verify Signed Documents with RSA Keys
2017-03-25, ≈13🔥, 0💬
Popular Posts:
How to import a CA (Certificate Authority) reply into a keystore key pair entry with Portecle? To im...
Certificate summary - Owner: *.sourceforge.net, "Dice Holdings, Inc", L=New York, ST=New York, US, S...
Certificate Summary: Subject: UTN-USERFirst-Hardware Issuer: UTN-USERFirst-Hardware Expiration: 2019...
Certificate Summary: Subject: GoGetSSL RSA DV CA Issuer: USERTrust RSA Certification Authority Expir...
How to view Java user-level trusted certificates using Java Control Panel? To view Java user-level t...