decrypt the input data using an RSA private key.
-=item B<-pkcs, -ssl, -raw>
+=item B<-pkcs, -oaep, -ssl, -raw>
-the padding to use, PKCS#1 v1.5 (the default) SSL v2 or no padding
-respectively.
+the padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
+special padding used in SSL v2 backwards compatible handshakes,
+or no padding, respectively.
+For signatures, only B<-pkcs> and B<-raw> can be used.
=item B<-hexdump>
=head1 EXAMPLES
-Sign the some data using a private key:
+Sign some data using a private key:
openssl rsautl -sign -in file -inkey key.pem -out sig
Recover the signed data
- openssl rsautl -sign -in sig -inkey key.pem
+ openssl rsautl -verify -in sig -inkey key.pem
Examine the raw signed data:
- openssl rsautl -sign -in file -inkey key.pem -raw -hexdump
+ openssl rsautl -verify -in file -inkey key.pem -raw -hexdump
0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................
The certificate public key can be extracted with:
- openssl x509 -in test/testx509.pem -pubout -noout >pubkey.pem
+ openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem
The signature can be analysed with: