zoukankan      html  css  js  c++  java

  • (4) openssl rsa/pkey(查看私钥、从私钥中提取公钥、查看公钥)

    openssl  rsa      是RSA对称密钥的处理工具

    openssl  pkey   是通用非对称密钥处理工具,它们用法基本一致,所以只举例说明openssl rsa。

    它们的用法很简单,基本上就是输入和输出私钥或公钥的作用,或从私钥中提取出公钥,将文件中私钥或公钥的某部分内容输出到stdout

    openssl   rsa      [-in filename]   [-passin arg]    [-passout arg]   [-out filename]     [-des|-des3|-idea]   [-text] [-noout] [-pubin] [-pubout] [-check]

    openssl   pkey    [-in filename]  [-passin arg]    [-passout arg]   [-out filename]      [-cipher]                  [-text] [-noout] [-pubin] [-pubout]

     

    【openssl rsa选项说明:】

    -in filename :指定密钥输入文件。默认读取的是私钥指定"-pubin"选项将表示读取公钥。将从该文件读取密钥,不指定时将从stdin读取。
    -pubin       :读取公钥内容,即从"-in filename"的filename中读取公钥,所以filename必须为公钥文件
    不指定该选项时,默认是从filename中读取私钥。公钥文件可以通过文件中的公钥标识符
             :"-----BEGIN PUBLIC KEY-----"和"-----END PUBLIC KEY-----"来辨别。

    -out filename:默认情况下,使用openssl rsa将文件中公钥或私钥读取出来显示到stdout,使用该选项将读取的内容输出到指定的文件中
    读取的是私钥输出的是私钥或公钥(若使用-putout选项从私钥中提取公钥),读取的是公钥输出的一定是公钥
                   若不指定该选项,默认输出到stdout
    
-pubout      :从私钥中提取公钥,即从"-in filename"指定的私钥中提取公钥并输出,此时-in filename中的filename必须是私钥文件。
             :当设置了"-pubin"时,默认也设置了"-pubout"。
             :私钥文件可以通过文件中的私钥标识符"-----BEGIN PRIVATE KEY-----"和"-----END PRIVATE KEY-----"来辨别。
    
-noout       :控制不输出任何密钥信息。
-text        :转换输入和输出的密钥文件格式为纯文本格式。
-check       :检查RSA密钥是否完整未被修改过,只能检测私钥,因为公钥来源于私钥。因此选项"-in filename"的filename文件只能是私钥文件。

    -des|-des3|-idea:加密输出文件,使得每次读取输出文件时都需要提供密码。
-passin arg  :传递解密密钥文件的密码。密码格式见https://www.cnblogs.com/liliyang/p/9738929.html
    -passout arg :指定加密输出文件的密码。
    
【openssl pkey选项说明:】
-cipher:等价于openssl rsa的"-des|-des3|-idea",例如"-cipher des3"

     示例:

    (1).创建一个rsa私钥文件genrsa.pri,然后从中提取rsa公钥到rsa.pub文件中

     

    [root@docker121 ssl]# openssl  genrsa -out private.pem 1024              #生成不加密的私钥
Generating RSA private key, 1024 bit long modulus
.........++++++
....++++++
e is 65537 (0x10001)
[root@docker121 ssl]# ll
total 4
-rw-r--r-- 1 root root 887 Oct  3 22:41 private.pem
[root@docker121 ssl]# cat private.pem                       #查看私钥内容
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----
[root@docker121 ssl]# openssl  rsa -in private.pem              #读取私钥的内容
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

    [root@docker121 ssl]# openssl rsa -in private.pem -text            #以纯文本格式输出私钥内容
    Private-Key: (1024 bit)
    modulus:
    00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
    a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
    3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
    4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
    35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
    ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
    09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
    59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
    f4:d3:74:e7:84:51:31:e9:15
    publicExponent: 65537 (0x10001)
    privateExponent:
    75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
    59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
    06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
    fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
    21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
    18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
    46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
    25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
    2a:1d:b9:0a:90:a8:25:7d
    prime1:
    00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
    0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
    30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
    a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
    ee:7d:85:26:87
    prime2:
    00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
    6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
    fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
    23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
    d1:47:91:be:83
    exponent1:
    45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
    0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
    10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
    cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
    96:f0:3d:2f
    exponent2:
    13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
    6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
    1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
    42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
    86:22:0a:b7
    coefficient:
    00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
    79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
    f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
    df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
    cf:16:55:da:7c
    writing RSA key
    -----BEGIN RSA PRIVATE KEY-----
    MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
    uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
    YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
    AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
    +30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
    1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
    odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
    tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
    fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
    y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
    tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
    oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
    4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
    -----END RSA PRIVATE KEY-----
    [root@docker121 ssl]# openssl rsa -in private.pem -text -noout           #不输出私钥内容
    Private-Key: (1024 bit)
    modulus:
    00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
    a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
    3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
    4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
    35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
    ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
    09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
    59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
    f4:d3:74:e7:84:51:31:e9:15
    publicExponent: 65537 (0x10001)
    privateExponent:
    75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
    59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
    06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
    fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
    21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
    18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
    46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
    25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
    2a:1d:b9:0a:90:a8:25:7d
    prime1:
    00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
    0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
    30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
    a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
    ee:7d:85:26:87
    prime2:
    00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
    6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
    fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
    23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
    d1:47:91:be:83
    exponent1:
    45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
    0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
    10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
    cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
    96:f0:3d:2f
    exponent2:
    13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
    6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
    1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
    42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
    86:22:0a:b7
    coefficient:
    00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
    79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
    f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
    df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
    cf:16:55:da:7c

    [root@docker121 ssl]# openssl rsa -in private.pem  -des3 -passout pass:123456  -out private_des.pem     #将生成私钥加密
    writing RSA key
    [root@docker121 ssl]# cat private_des.pem
    -----BEGIN RSA PRIVATE KEY-----
    Proc-Type: 4,ENCRYPTED
    DEK-Info: DES-EDE3-CBC,8DC40333E1A9554A

    T1xNHzp7eopY4GdTjH/hUpSP3S8FrW/bpe9gAaKkMedRQ2Y8TuAd2/zbj6w64C8s
    qMfYgZ/xFfD3pOE9h65C9GRNRdsc6MUrtCwypqPiZJazEYs7c8CcQgTPMvXKo+rs
    UhOoRT8E924G1qfWsfMYA7GTa/MoAs9g1gpfKPJCagsHgh+6Hfy650LdFO5zifG8
    baYroQdCZXbFD/ena9pruC4da4UQIyguJdJ/Mz/Zf3T5FWo6spKZP0LflOHq7+jc
    iBoVC4UleheFyZUxXvWcrt6mfuZ1RmPrwk1TMWRvXDPfw007QVlBWppihLoejmsc
    ObMe5nfP77CsaLvYz0TwyzG9KQ8RjJCaVUxJmsLg4tb01jaCOUfkFLBa2O9K0Y/2
    qMe6F0+ee8UBQgYslCIaOgV4jZBb1WKbbE4RispqXmn9NW0Wfxgxfa3Mr6/+0i6t
    OboGexkiWPVSw3nT9UAaIFkme1wVYkQmaNTwZC6PHHiAn0q2azaRmDm6aJ/t1HN3
    RAsMHEn/YWqMUOXaYZ9a5REE5RUFq1SMgfWFTTz/8LXq9dRaeA3dPdRw3eHE7rXd
    gsrBRaX0jUPOfYovPCcLx10/O7bNjPf+Jl2dXIYq1mvIzcCzZssHSOoJiAaKcnVe
    WAU5CCzutezlS1JwiKl6j8u05VNQjfKbgJAaX+/XAhJc3rZank0rJPWJgfw/Q8dz
    fNM/iC6qTGELg+LR0p0t9ppAyOoyKoPxNXdhabh72FBQ7VTMTpIH2eyzH9DCW1AC
    uO9//Z+NK2ETiIHF2qHXlkhVkjMd/6Je8eSb83gwTpt0aNVT4Ahojg==
    -----END RSA PRIVATE KEY-----

    [root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456      #读取加密的私钥
    writing RSA key
    -----BEGIN RSA PRIVATE KEY-----
    MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
    uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
    YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
    AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
    +30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
    1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
    odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
    tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
    fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
    y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
    tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
    oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
    4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
    -----END RSA PRIVATE KEY-----

     

    (2).从私钥中提取公钥

    [root@docker121 ssl]# openssl rsa -in private.pem   -pubout -out public.pem
    writing RSA key
    [root@docker121 ssl]# ll
    total 12
    -rw-r--r-- 1 root root 963 Oct 3 22:47 private_des.pem
    -rw-r--r-- 1 root root 887 Oct 3 22:41 private.pem
    -rw-r--r-- 1 root root 272 Oct 3 22:50 public.pem
    [root@docker121 ssl]# cat public.pem
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
    hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
    5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
    VhF8j/TTdOeEUTHpFQIDAQAB
    -----END PUBLIC KEY-----

    [root@docker121 ssl]# openssl rsa  -pubin -in public.pem         #读取公钥内容
    writing RSA key
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
    hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
    5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
    VhF8j/TTdOeEUTHpFQIDAQAB
    -----END PUBLIC KEY-----

    [root@docker121 ssl]# openssl rsa -pubin -in public.pem   -text        #以文本格式输出公钥内容
    Public-Key: (1024 bit)
    Modulus:
    00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
    a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
    3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
    4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
    35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
    ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
    09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
    59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
    f4:d3:74:e7:84:51:31:e9:15
    Exponent: 65537 (0x10001)
    writing RSA key
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
    hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
    5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
    VhF8j/TTdOeEUTHpFQIDAQAB
    -----END PUBLIC KEY-----
    [root@docker121 ssl]# openssl rsa -pubin -in public.pem -text -noout    #不输出公钥内容
    Public-Key: (1024 bit)
    Modulus:
    00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
    a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
    3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
    4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
    35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
    ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
    09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
    59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
    f4:d3:74:e7:84:51:31:e9:15
    Exponent: 65537 (0x10001)

    [root@docker121 ssl]# openssl rsa -pubin -in public.pem -des3 -passout pass:123456 -out public_des.pem   #重新将公钥加密,貌似不生效(公钥不能加密???)
    writing RSA key
    [root@docker121 ssl]# cat public_des.pem
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
    hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
    5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
    VhF8j/TTdOeEUTHpFQIDAQAB
    -----END PUBLIC KEY-----

    [root@docker121 ssl]# openssl rsa -pubin -in public_des.pem
    writing RSA key
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
    hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
    5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
    VhF8j/TTdOeEUTHpFQIDAQAB
    -----END PUBLIC KEY-----

     

    (3).移除私钥文件或公钥文件的密码。只需直接输出到新文件即可

    [root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456
    writing RSA key
    -----BEGIN RSA PRIVATE KEY-----
    MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
    uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
    YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
    AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
    +30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
    1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
    odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
    tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
    fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
    y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
    tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
    oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
    4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
    -----END RSA PRIVATE KEY-----

    (4).check检测私钥文件的一致性,查看私钥文件被修改过。

    [root@docker121 ssl]# openssl rsa -in private.pem -check
    RSA key ok
    writing RSA key
    -----BEGIN RSA PRIVATE KEY-----
    MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
    uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
    YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
    AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
    +30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
    1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
    odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
    tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
    fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
    y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
    tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
    oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
    4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
    -----END RSA PRIVATE KEY-----

    现在随便修改下私钥文件(必须更改-----BEGIN RSA PRIVATE KEY-----和-----END RSA PRIVATE KEY-----包围的内部的内容),再检测。

    [root@docker121 ssl]# openssl rsa -in private.pem -check
    unable to load Private Key
    140606152894352:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:824:

    一般来说,openssl rsa的常用选项就只有"-in filename"、"-out filename"、"-pubout"

     

     
  • 相关阅读:
    streamsets 集成 cratedb 测试
    streamsets k8s 部署试用
    streamsets rest api 转换 graphql
    StreamSets sdc rpc 测试
    StreamSets 相关文章
    StreamSets 多线程 Pipelines
    StreamSets SDC RPC Pipelines说明
    StreamSets 管理 SDC Edge上的pipeline
    StreamSets 部署 Pipelines 到 SDC Edge
    StreamSets 设计Edge pipeline
  • 原文地址:https://www.cnblogs.com/wyzhou/p/9738964.html
Copyright © 2011-2022 走看看