How to use -pubin with openssl (from libressl)?

Question

https://www.keycdn.com/blog/openssl-tutorial

The following text from the above page does not make sense to me.

If that file doesn't also include the private key, you must indicate so using -pubin

The text before it should refers to private key instead of public key.

The <key.pem> is the file containing the public key. 

The following commands are what I figured out.

openssl genrsa -out key.pem 1024
echo 'Hello World!' > input.txt
openssl pkeyutl -encrypt -in input.txt -inkey key.pem -out output.txt
openssl pkeyutl -decrypt -in output.txt -inkey key.pem -out output_decypt.txt

Could anybody show me some working examples on how to use -pubin? Thanks.

$ openssl version -a
LibreSSL 3.2.3
built on: date not available
platform: information not available
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx) 
compiler: information not available
OPENSSLDIR: "/usr/local/etc/libressl"

Answer 1

Meta: this isn't a programming question or problem, and although there are past questions on openssl commandline the community has gotten stricter about topicality in the last few years. I don't feel strongly either way, but if the consensus is to close I will delete this.

OpenSSL (and its fork LibreSSL, which should be considered included in all my references from now on) supports both 'private key' files (which actually contain a key pair -- private and public, and must be kept private) and 'public key' files which contain only the public key (and therefore can be made public). pkeyutl (and also legacy rsautl) supports both of these and also (X.509v3) certificate files; a certificate contains a public key but is not the same as a public key, nor in the same format.

There are actually several variants of private key files supported by OpenSSL; the difference between them doesn't matter as long as you use OpenSSL, but may when you want to interface to or interoperate with other software. Certificate files (both PEM and DER) in particular are supported by nearly all software that does X.509-style asymmetric cryptography. (That excludes things doing PGP, SSH, Signal, etc.) Support for separate public-key files is less common, and while many things support some kind of private-key file it isn't always the same as one of OpenSSL's kinds.

All three of these file types can be in PEM format or 'DER' format. (Technically the data is ASN.1-DER encoded in both cases, but a 'DER' file is just DER, while a PEM file is PEM wrapping -- base64 with linebreaks and header/trailer lines -- around DER.) Private key files additionally can be encrypted (with a password) or not; public key and certificate files are never encrypted.

Decryption and signing require the private key and are thus limited to the key 'owner'. Encryption and verifying only need the public key, which is some systems always uses the certificate, but OpenSSL has more options.

openssl genrsa 2048 >private.pem 
# writes a private key, by default in PEM, but you can specify -outform DER
# if you add a cipher option like -aes128 or -des3 it is encrypted, else not
# or
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 >private.pem
# ditto
# PS: 1024-bit RSA, although not actually broken yet, since 2014 
# is not considered to provide adequate safety for most purposes

openssl rsa <private.pem -pubout >public.pem 
# writes a public key file, again by default in PEM
# or
openssl pkey <private.pem -pubout >public.pem 

openssl req -new -x509 -key private.pem -subj "/C=XX/ST=Utopia/O=Chaotic/CN=ReallyME" >cert.pem
# creates a self-signed certificate _containing_ (and signed by) this keypair 
# with specified name, and defaults for other parameters;
# there are lots more options, see the man page or many existing Qs.
# Self-signed cert is mostly useful for test and debug, but not trusted in production; 
# for a real cert you need to apply to a suitable Certificate Authority 
# which is more complicated, and much more variegated, than I can fit here.

openssl pkeyutl -encrypt <data -inkey private.pem >encrypted
openssl pkeyutl -encrypt <data -pubin -inkey public.pem >encrypted
openssl pkeyutl -encrypt <data -certin -inkey cert.pem >encrypted
openssl pkeyutl -decrypt <encrypted -inkey private.pem >decrypted 

openssl sha256 <data -sign private.pem >sig
# this form supports only private key file
openssl sha256 <data -verify public.pem -signature sig
openssl sha256 <data -prverify private.pem -signature sig 
# and this form supports only key files but not cert

openssl sha256 <data -binary | pkeyutl -sign -inkey private.pem -pkeyopt digest:sha256 >sig
openssl sha256 <data -binary | pkeyutl -verify -inkey private.pem -pkeyopt digest:sha256 -sigfile sig 
openssl sha256 <data -binary | pkeyutl -verify -pubin -inkey public.pem -pkeyopt digest:sha256 -sigfile sig 
openssl sha256 <data -binary | pkeyutl -verify -certin -inkey cert.pem -pkeyopt digest:sha256 -sigfile sig 

# end