Sample code for 30+ languages & platforms
SQL Server

Duplicate openssl rsautl -verify -inkey pubKey.pem -pubin -in rsautl.sig -out originalFile.dat

See more OpenSSL Examples

Demonstrates how to duplicate this OpenSSL command:
openssl rsautl -verify -inkey pubKey.pem -pubin -in rsautl.sig -out originalFile.dat
The signature file contains the contents of the original data, and the original data is output to "originalFile.dat".

The openssl rsautl command signs the data directly, and therefore the maximum amount of data that can signed is very small. (To sign any amount of data, use openssl dgst -sign.) The maximum amount of data that can be signed (with rsautl) is the key size minus the overhead for the padding. The overhead size depends on the padding. With OAEP padding, the overhead is 42 bytes. With the default PKCSv1.5 padding, the overhead is 11 bytes.

Given a 2048-bit RSA key (256 bytes) and using PKCSv1.5 padding, the max data size that can be signed is 256 - 11 = 245 bytes.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @pubKey int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubKey OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Load the public key from an PEM file:
    EXEC sp_OAMethod @pubKey, 'LoadFromFile', @success OUT, 'pubKey.pem'
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pubKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pubKey
        RETURN
      END

    -- Load the signature.
    DECLARE @bd int
    EXEC @hr = sp_OACreate 'Chilkat.BinData', @bd OUT

    EXEC sp_OAMethod @bd, 'LoadFile', @success OUT, 'rsautl.sig'

    DECLARE @rsa int
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT

    -- Import the public key into the RSA component:
    EXEC sp_OAMethod @rsa, 'UsePublicKey', @success OUT, @pubKey
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @bd
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END

    -- OpenSSL uses big-endian.
    EXEC sp_OASetProperty @rsa, 'LittleEndian', 0

    -- If the signature is verified, then the signature contents of bd
    -- are replaced with the extracted original data.
    EXEC sp_OAMethod @rsa, 'VerifyRawBd', @success OUT, @bd
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0

        PRINT 'The signature was invalid.'
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @bd
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END


    PRINT 'The signature was verified.'

    -- Save the original data that was extracted from the signature:
    EXEC sp_OAMethod @bd, 'WriteFile', @success OUT, 'originalFile.dat'
    IF @success <> 1
      BEGIN

        PRINT 'Failed to save extracted data.'
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @bd
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END

    EXEC @hr = sp_OADestroy @pubKey
    EXEC @hr = sp_OADestroy @bd
    EXEC @hr = sp_OADestroy @rsa


END
GO