openssl  rsa      是RSA对称密钥的处理工具

openssl  pkey   是通用非对称密钥处理工具,它们用法基本一致,所以只举例说明openssl rsa。

它们的用法很简单,基本上就是输入和输出私钥或公钥的作用,或从私钥中提取出公钥,将文件中私钥或公钥的某部分内容输出到stdout

openssl   rsa      [-in filename]   [-passin arg]    [-passout arg]   [-out filename]     [-des|-des3|-idea]   [-text] [-noout] [-pubin] [-pubout] [-check]

openssl   pkey    [-in filename]  [-passin arg]    [-passout arg]   [-out filename]      [-cipher]                  [-text] [-noout] [-pubin] [-pubout]

【openssl rsa选项说明:】

-in filename :指定密钥输入文件。默认读取的是私钥若指定"-pubin"选项将表示读取公钥。将从该文件读取密钥,不指定时将从stdin读取。
-pubin       :读取公钥内容,即从"-in filename"的filename中读取公钥,所以filename必须为公钥文件
不指定该选项时,默认是从filename中读取私钥。公钥文件可以通过文件中的公钥标识符

             :"-----BEGIN PUBLIC KEY-----"和"-----END PUBLIC KEY-----"来辨别。

-out filename:默认情况下,使用openssl rsa将文件中公钥或私钥读取出来显示到stdout,使用该选项将读取的内容输出到指定的文件中。
读取的是私钥输出的是私钥或公钥(若使用-putout选项从私钥中提取公钥),读取的是公钥输出的一定是公钥
               若不指定该选项,默认输出到stdout

-pubout      :从私钥中提取公钥,即从"-in filename"指定的私钥中提取公钥并输出,此时-in filename中的filename必须是私钥文件

             :当设置了"-pubin"时,默认也设置了"-pubout"。

             :私钥文件可以通过文件中的私钥标识符"-----BEGIN PRIVATE KEY-----"和"-----END PRIVATE KEY-----"来辨别。

-noout       :控制不输出任何密钥信息

-text        :转换输入和输出的密钥文件格式为纯文本格式

-check       :检查RSA密钥是否完整未被修改过,只能检测私钥,因为公钥来源于私钥。因此选项"-in filename"的filename文件只能是私钥文件。


-des|-des3|-idea:加密输出文件,使得每次读取输出文件时都需要提供密码。

-passin arg  :传递解密密钥文件的密码。密码格式见https://www.cnblogs.com/liliyang/p/9738929.html
-passout arg :指定加密输出文件的密码。

【openssl pkey选项说明:】

-cipher:等价于openssl rsa的"-des|-des3|-idea",例如"-cipher des3"

示例:

(1).创建一个rsa私钥文件genrsa.pri,然后从中提取rsa公钥到rsa.pub文件中

[root@docker121 ssl]# openssl  genrsa -out private.pem 1024              #生成不加密的私钥

Generating RSA private key,  bit long modulus

.........++++++

....++++++

e is  (0x10001)

[root@docker121 ssl]# ll

total

-rw-r--r--  root root  Oct   : private.pem

[root@docker121 ssl]# cat private.pem                       #查看私钥内容

-----BEGIN RSA PRIVATE KEY-----

MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7

uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+

YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB

AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn

+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z

1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ

odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb

tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z

fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P

y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0

tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze

oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp

4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=

-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl  rsa -in private.pem              #读取私钥的内容

writing RSA key

-----BEGIN RSA PRIVATE KEY-----

MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7

uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+

YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB

AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn

+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z

1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ

odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb

tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z

fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P

y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0

tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze

oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp

4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=

-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private.pem -text            #以纯文本格式输出私钥内容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----
[root@docker121 ssl]# openssl rsa -in private.pem -text -noout           #不输出私钥内容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c

[root@docker121 ssl]# openssl rsa -in private.pem  -des3 -passout pass:123456  -out private_des.pem     #将生成私钥加密
writing RSA key
[root@docker121 ssl]# cat private_des.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,8DC40333E1A9554A

T1xNHzp7eopY4GdTjH/hUpSP3S8FrW/bpe9gAaKkMedRQ2Y8TuAd2/zbj6w64C8s
qMfYgZ/xFfD3pOE9h65C9GRNRdsc6MUrtCwypqPiZJazEYs7c8CcQgTPMvXKo+rs
UhOoRT8E924G1qfWsfMYA7GTa/MoAs9g1gpfKPJCagsHgh+6Hfy650LdFO5zifG8
baYroQdCZXbFD/ena9pruC4da4UQIyguJdJ/Mz/Zf3T5FWo6spKZP0LflOHq7+jc
iBoVC4UleheFyZUxXvWcrt6mfuZ1RmPrwk1TMWRvXDPfw007QVlBWppihLoejmsc
ObMe5nfP77CsaLvYz0TwyzG9KQ8RjJCaVUxJmsLg4tb01jaCOUfkFLBa2O9K0Y/2
qMe6F0+ee8UBQgYslCIaOgV4jZBb1WKbbE4RispqXmn9NW0Wfxgxfa3Mr6/+0i6t
OboGexkiWPVSw3nT9UAaIFkme1wVYkQmaNTwZC6PHHiAn0q2azaRmDm6aJ/t1HN3
RAsMHEn/YWqMUOXaYZ9a5REE5RUFq1SMgfWFTTz/8LXq9dRaeA3dPdRw3eHE7rXd
gsrBRaX0jUPOfYovPCcLx10/O7bNjPf+Jl2dXIYq1mvIzcCzZssHSOoJiAaKcnVe
WAU5CCzutezlS1JwiKl6j8u05VNQjfKbgJAaX+/XAhJc3rZank0rJPWJgfw/Q8dz
fNM/iC6qTGELg+LR0p0t9ppAyOoyKoPxNXdhabh72FBQ7VTMTpIH2eyzH9DCW1AC
uO9//Z+NK2ETiIHF2qHXlkhVkjMd/6Je8eSb83gwTpt0aNVT4Ahojg==
-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456      #读取加密的私钥
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

(2).从私钥中提取公钥

[root@docker121 ssl]# openssl rsa -in private.pem   -pubout -out public.pem
writing RSA key
[root@docker121 ssl]# ll
total 12
-rw-r--r-- 1 root root 963 Oct 3 22:47 private_des.pem
-rw-r--r-- 1 root root 887 Oct 3 22:41 private.pem
-rw-r--r-- 1 root root 272 Oct 3 22:50 public.pem
[root@docker121 ssl]# cat public.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa  -pubin -in public.pem         #读取公钥内容
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa -pubin -in public.pem   -text        #以文本格式输出公钥内容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----
[root@docker121 ssl]# openssl rsa -pubin -in public.pem -text -noout    #不输出公钥内容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)

[root@docker121 ssl]# openssl rsa -pubin -in public.pem -des3 -passout pass:123456 -out public_des.pem   #重新将公钥加密,貌似不生效(公钥不能加密???)
writing RSA key
[root@docker121 ssl]# cat public_des.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa -pubin -in public_des.pem
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

(3).移除私钥文件或公钥文件的密码。只需直接输出到新文件即可

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

(4).check检测私钥文件的一致性,查看私钥文件被修改过。

[root@docker121 ssl]# openssl rsa -in private.pem -check
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

现在随便修改下私钥文件(必须更改-----BEGIN RSA PRIVATE KEY-----和-----END RSA PRIVATE KEY-----包围的内部的内容),再检测。

[root@docker121 ssl]# openssl rsa -in private.pem -check
unable to load Private Key
140606152894352:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:824:

一般来说,openssl rsa的常用选项就只有"-in filename"、"-out filename"、"-pubout"

(4) openssl rsa/pkey(查看私钥、从私钥中提取公钥、查看公钥)的更多相关文章

  1. 2.openssl rsa/pkey

    分别是RSA密钥的处理工具和通用非对称密钥处理工具.它们用法基本一致,所以只介绍openssl rsa. [root@xuexi tmp]# man rsa NAME rsa - RSA key pr ...

  2. openssl rsa/pkey

    openssl系列文章:http://www.cnblogs.com/f-ck-need-u/p/7048359.html openssl rsa和openssl pkey分别是RSA密钥的处理工具和 ...

  3. PHP使用OPENSSL RSA加密解密数据

    加密数据有很多种方法,今天我们来看一下OPENSSL RSA的加密办法. 1.首先得安装php的openssl扩展 php -m | grep openssl 执行以上命令,确保已经安装了openss ...

  4. (11) openssl req(生成请求证书、私钥和自建CA)

    伪命令req大致有3个功能:生成证书请求文件.验证证书请求文件和创建根CA. 由于openssl req命令选项较多,所以先各举几个例子,再集中给出openssl req的选项说明.若已熟悉opens ...

  5. java验证openssl生成的ssl证书和私钥是否匹配

    最近有一个需求上传ssl证书和私钥,但是上传之前需要验证ssl证书和私钥是否正确,其中的业务逻辑涉及到以下几点: 一.读取ssl证书,读取ssl证书公钥       要实现该功能比较简单,java里面 ...

  6. 通过OpenSSL来生成PEM格式的私钥、PKCS8格式的私钥、公钥|pfx格式的私钥、cer格式的公钥

    1.生成PEM格式RSA私钥 不对输出的文件内容进行加密 openssl genrsa -out private-rsa.key 对输出的文件内容进行加密(DES/AES128/AES256等) op ...

  7. 【RSA】在 ASP.NET Core中结合web前端JsEncrypt.JS使用公钥加密,.NET Core使用私钥解密;

    有一个需求,前端web使用的是JsEncrypt把后端给的公钥对密码进行加密,然后后端对其进行解密: 使用的类库如下: 后端使用第三方开源类库Bouncy Castle进行RSA的加解密和生成PEM格 ...

  8. RSA公钥加密-私钥解密/私钥加密-公钥解密

    package com.tebon.ams.util;import org.apache.commons.codec.binary.Base64;import org.apache.log4j.Log ...

  9. openssl数字证书私钥删除私钥密码

    解密 openssl rsa -in server.key.org -out server.key

随机推荐

  1. 推荐一个比较专业的EasyUI中文网

    jQuery EasyUI中文网:http://www.jeasyui.cn,对EasyUI官网的完全整理翻译! 一个基于EasyUI构建的强大前端框架:TopJUI前端框架 致力于打造既美观实用又能 ...

  2. Swift dynamic关键字

    使用dynamic关键字标记属性,使属性启用Objc的动态转发功能: dynamic只用于类,不能用于结构体和枚举,因为它们没有继承机制,而Objc的动态转发就是根据继承关系来实现转发. 参考资料: ...

  3. _bzoj1911 [Apio2010]特别行动队【斜率优化dp】

    传送门:http://www.lydsy.com/JudgeOnline/problem.php?id=1911 裸的斜率优化dp. #include <cstdio> const int ...

  4. 求n的因子个数与其因子数之和

    方法一:朴素算法:O(n). #include<bits/stdc++.h> using namespace std; int get_num(int n){ ; ;i<=n;++i ...

  5. web简单的整体测试

    网站性能压力测试是性能调优过程中必不可少的一环.只有让服务器处在高压情况下才能真正体现出各种设置所暴露的问题 ab测试 ab命令会创建很多的并发访问线程,模拟多个访问者同时对某一URL地址进行访问.它 ...

  6. RHEL 6.5----SCSI存储

    主机名 IP master 192.168.30.130 node-1 192.168.30.131 node-2 192.168.30.132 安装并启动 [root@master ~]# ll / ...

  7. LN : leetcode 746 Min Cost Climbing Stairs

    lc 746 Min Cost Climbing Stairs 746 Min Cost Climbing Stairs On a staircase, the i-th step has some ...

  8. re匹配语法-match、search和findall

    1.re.match() 匹配第一个值 列表里的值可以有多个范围,有一个符合就可以. match只匹配第一个值,所以列表里的范围是第一个值得取值范围.如果第一个值被设定好且存在,那么列表的取值范围变为 ...

  9. CF782B The Meeting Place Cannot Be Changed

    题意: The main road in Bytecity is a straight line from south to north. Conveniently, there are coordi ...

  10. canvas基础绘制-一个小球的坠落、反弹

    效果如图: html: <!DOCTYPE html> <html lang="en"> <head> <meta charset=&qu ...