If you mean the RSA-PSS scheme that was added in PKCS#1 v2.1, that isn't supported by rsautl.
Try pkeyutl with -pkeyopt rsa_padding_mode:pss . Remember that the PKCS#1 v2.1 standard still includes the original (v1_5) and OAEP schemes which rsautl does support. The man page and usage message for rsautl both say the default is -pkcs meaning the v1_5 scheme. From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Ameet Lann Sent: Thursday, November 07, 2013 10:14 To: 'openssl-users@openssl.org' Subject: *** Spam *** How do I sign an input using the V2.1 and not V1.5 version Hi, We are trying to work with the openssl with the v2.1 and not the v1.5 from the command line. But it is not documented anywhere how to tell the openssl to work with one version or the other. For example we run the command: openssl rsautl -sign in sha256.bin -out signature.bin -inkey my_key.pem But we have no idea what version is used in doing this operation. So can you help us. Best regards, Ameet Lann
