Sample code for 30+ languages & platforms
DataFlex

Duplicate openssl rsautl -verify -inkey pubKey.pem -pubin -in rsautl.sig -out originalFile.dat

See more OpenSSL Examples

Demonstrates how to duplicate this OpenSSL command:
openssl rsautl -verify -inkey pubKey.pem -pubin -in rsautl.sig -out originalFile.dat
The signature file contains the contents of the original data, and the original data is output to "originalFile.dat".

The openssl rsautl command signs the data directly, and therefore the maximum amount of data that can signed is very small. (To sign any amount of data, use openssl dgst -sign.) The maximum amount of data that can be signed (with rsautl) is the key size minus the overhead for the padding. The overhead size depends on the padding. With OAEP padding, the overhead is 42 bytes. With the default PKCSv1.5 padding, the overhead is 11 bytes.

Given a 2048-bit RSA key (256 bytes) and using PKCSv1.5 padding, the max data size that can be signed is 256 - 11 = 245 bytes.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Variant vPubKey
    Handle hoPubKey
    Variant vBd
    Handle hoBd
    Handle hoRsa
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatPublicKey)) To hoPubKey
    If (Not(IsComObjectCreated(hoPubKey))) Begin
        Send CreateComObject of hoPubKey
    End

    // Load the public key from an PEM file:
    Get ComLoadFromFile Of hoPubKey "pubKey.pem" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoPubKey To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Load the signature.
    Get Create (RefClass(cComChilkatBinData)) To hoBd
    If (Not(IsComObjectCreated(hoBd))) Begin
        Send CreateComObject of hoBd
    End
    Get ComLoadFile Of hoBd "rsautl.sig" To iSuccess

    Get Create (RefClass(cComChilkatRsa)) To hoRsa
    If (Not(IsComObjectCreated(hoRsa))) Begin
        Send CreateComObject of hoRsa
    End

    // Import the public key into the RSA component:
    Get pvComObject of hoPubKey to vPubKey
    Get ComUsePublicKey Of hoRsa vPubKey To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoRsa To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // OpenSSL uses big-endian.
    Set ComLittleEndian Of hoRsa To False

    // If the signature is verified, then the signature contents of bd
    // are replaced with the extracted original data.
    Get pvComObject of hoBd to vBd
    Get ComVerifyRawBd Of hoRsa vBd To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoRsa To sTemp1
        Showln sTemp1
        Showln "The signature was invalid."
        Procedure_Return
    End

    Showln "The signature was verified."

    // Save the original data that was extracted from the signature:
    Get ComWriteFile Of hoBd "originalFile.dat" To iSuccess
    If (iSuccess <> True) Begin
        Showln "Failed to save extracted data."
        Procedure_Return
    End



End_Procedure