Sample code for 30+ languages & platforms
PureBasic

Duplicate openssl rsautl -verify -inkey pubKey.pem -pubin -in rsautl.sig -out originalFile.dat

See more OpenSSL Examples

Demonstrates how to duplicate this OpenSSL command:
openssl rsautl -verify -inkey pubKey.pem -pubin -in rsautl.sig -out originalFile.dat
The signature file contains the contents of the original data, and the original data is output to "originalFile.dat".

The openssl rsautl command signs the data directly, and therefore the maximum amount of data that can signed is very small. (To sign any amount of data, use openssl dgst -sign.) The maximum amount of data that can be signed (with rsautl) is the key size minus the overhead for the padding. The overhead size depends on the padding. With OAEP padding, the overhead is 42 bytes. With the default PKCSv1.5 padding, the overhead is 11 bytes.

Given a 2048-bit RSA key (256 bytes) and using PKCSv1.5 padding, the max data size that can be signed is 256 - 11 = 245 bytes.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkBinData.pb"
IncludeFile "CkRsa.pb"
IncludeFile "CkPublicKey.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    pubKey.i = CkPublicKey::ckCreate()
    If pubKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Load the public key from an PEM file:
    success = CkPublicKey::ckLoadFromFile(pubKey,"pubKey.pem")
    If success = 0
        Debug CkPublicKey::ckLastErrorText(pubKey)
        CkPublicKey::ckDispose(pubKey)
        ProcedureReturn
    EndIf

    ; Load the signature.
    bd.i = CkBinData::ckCreate()
    If bd.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkBinData::ckLoadFile(bd,"rsautl.sig")

    rsa.i = CkRsa::ckCreate()
    If rsa.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Import the public key into the RSA component:
    success = CkRsa::ckUsePublicKey(rsa,pubKey)
    If success = 0
        Debug CkRsa::ckLastErrorText(rsa)
        CkPublicKey::ckDispose(pubKey)
        CkBinData::ckDispose(bd)
        CkRsa::ckDispose(rsa)
        ProcedureReturn
    EndIf

    ; OpenSSL uses big-endian.
    CkRsa::setCkLittleEndian(rsa, 0)

    ; If the signature is verified, then the signature contents of bd
    ; are replaced with the extracted original data.
    success = CkRsa::ckVerifyRawBd(rsa,bd)
    If success <> 1
        Debug CkRsa::ckLastErrorText(rsa)
        Debug "The signature was invalid."
        CkPublicKey::ckDispose(pubKey)
        CkBinData::ckDispose(bd)
        CkRsa::ckDispose(rsa)
        ProcedureReturn
    EndIf

    Debug "The signature was verified."

    ; Save the original data that was extracted from the signature:
    success = CkBinData::ckWriteFile(bd,"originalFile.dat")
    If success <> 1
        Debug "Failed to save extracted data."
        CkPublicKey::ckDispose(pubKey)
        CkBinData::ckDispose(bd)
        CkRsa::ckDispose(rsa)
        ProcedureReturn
    EndIf



    CkPublicKey::ckDispose(pubKey)
    CkBinData::ckDispose(bd)
    CkRsa::ckDispose(rsa)


    ProcedureReturn
EndProcedure