openssl  rsa      是RSA对称密钥的处理工具

openssl  pkey   是通用非对称密钥处理工具,它们用法基本一致,所以只举例说明openssl rsa。

它们的用法很简单,基本上就是输入和输出私钥或公钥的作用,或从私钥中提取出公钥,将文件中私钥或公钥的某部分内容输出到stdout

openssl   rsa      [-in filename]   [-passin arg]    [-passout arg]   [-out filename]     [-des|-des3|-idea]   [-text] [-noout] [-pubin] [-pubout] [-check]

openssl   pkey    [-in filename]  [-passin arg]    [-passout arg]   [-out filename]      [-cipher]                  [-text] [-noout] [-pubin] [-pubout]

【openssl rsa选项说明:】

-in filename :指定密钥输入文件。默认读取的是私钥若指定"-pubin"选项将表示读取公钥。将从该文件读取密钥,不指定时将从stdin读取。
-pubin       :读取公钥内容,即从"-in filename"的filename中读取公钥,所以filename必须为公钥文件
不指定该选项时,默认是从filename中读取私钥。公钥文件可以通过文件中的公钥标识符

             :"-----BEGIN PUBLIC KEY-----"和"-----END PUBLIC KEY-----"来辨别。

-out filename:默认情况下,使用openssl rsa将文件中公钥或私钥读取出来显示到stdout,使用该选项将读取的内容输出到指定的文件中。
读取的是私钥输出的是私钥或公钥(若使用-putout选项从私钥中提取公钥),读取的是公钥输出的一定是公钥
               若不指定该选项,默认输出到stdout

-pubout      :从私钥中提取公钥,即从"-in filename"指定的私钥中提取公钥并输出,此时-in filename中的filename必须是私钥文件

             :当设置了"-pubin"时,默认也设置了"-pubout"。

             :私钥文件可以通过文件中的私钥标识符"-----BEGIN PRIVATE KEY-----"和"-----END PRIVATE KEY-----"来辨别。

-noout       :控制不输出任何密钥信息

-text        :转换输入和输出的密钥文件格式为纯文本格式

-check       :检查RSA密钥是否完整未被修改过,只能检测私钥,因为公钥来源于私钥。因此选项"-in filename"的filename文件只能是私钥文件。


-des|-des3|-idea:加密输出文件,使得每次读取输出文件时都需要提供密码。

-passin arg  :传递解密密钥文件的密码。密码格式见https://www.cnblogs.com/liliyang/p/9738929.html
-passout arg :指定加密输出文件的密码。

【openssl pkey选项说明:】

-cipher:等价于openssl rsa的"-des|-des3|-idea",例如"-cipher des3"

示例:

(1).创建一个rsa私钥文件genrsa.pri,然后从中提取rsa公钥到rsa.pub文件中

[root@docker121 ssl]# openssl  genrsa -out private.pem 1024              #生成不加密的私钥

Generating RSA private key,  bit long modulus

.........++++++

....++++++

e is  (0x10001)

[root@docker121 ssl]# ll

total

-rw-r--r--  root root  Oct   : private.pem

[root@docker121 ssl]# cat private.pem                       #查看私钥内容

-----BEGIN RSA PRIVATE KEY-----

MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7

uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+

YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB

AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn

+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z

1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ

odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb

tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z

fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P

y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0

tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze

oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp

4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=

-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl  rsa -in private.pem              #读取私钥的内容

writing RSA key

-----BEGIN RSA PRIVATE KEY-----

MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7

uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+

YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB

AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn

+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z

1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ

odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb

tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z

fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P

y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0

tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze

oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp

4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=

-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private.pem -text            #以纯文本格式输出私钥内容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----
[root@docker121 ssl]# openssl rsa -in private.pem -text -noout           #不输出私钥内容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c

[root@docker121 ssl]# openssl rsa -in private.pem  -des3 -passout pass:123456  -out private_des.pem     #将生成私钥加密
writing RSA key
[root@docker121 ssl]# cat private_des.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,8DC40333E1A9554A

T1xNHzp7eopY4GdTjH/hUpSP3S8FrW/bpe9gAaKkMedRQ2Y8TuAd2/zbj6w64C8s
qMfYgZ/xFfD3pOE9h65C9GRNRdsc6MUrtCwypqPiZJazEYs7c8CcQgTPMvXKo+rs
UhOoRT8E924G1qfWsfMYA7GTa/MoAs9g1gpfKPJCagsHgh+6Hfy650LdFO5zifG8
baYroQdCZXbFD/ena9pruC4da4UQIyguJdJ/Mz/Zf3T5FWo6spKZP0LflOHq7+jc
iBoVC4UleheFyZUxXvWcrt6mfuZ1RmPrwk1TMWRvXDPfw007QVlBWppihLoejmsc
ObMe5nfP77CsaLvYz0TwyzG9KQ8RjJCaVUxJmsLg4tb01jaCOUfkFLBa2O9K0Y/2
qMe6F0+ee8UBQgYslCIaOgV4jZBb1WKbbE4RispqXmn9NW0Wfxgxfa3Mr6/+0i6t
OboGexkiWPVSw3nT9UAaIFkme1wVYkQmaNTwZC6PHHiAn0q2azaRmDm6aJ/t1HN3
RAsMHEn/YWqMUOXaYZ9a5REE5RUFq1SMgfWFTTz/8LXq9dRaeA3dPdRw3eHE7rXd
gsrBRaX0jUPOfYovPCcLx10/O7bNjPf+Jl2dXIYq1mvIzcCzZssHSOoJiAaKcnVe
WAU5CCzutezlS1JwiKl6j8u05VNQjfKbgJAaX+/XAhJc3rZank0rJPWJgfw/Q8dz
fNM/iC6qTGELg+LR0p0t9ppAyOoyKoPxNXdhabh72FBQ7VTMTpIH2eyzH9DCW1AC
uO9//Z+NK2ETiIHF2qHXlkhVkjMd/6Je8eSb83gwTpt0aNVT4Ahojg==
-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456      #读取加密的私钥
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

(2).从私钥中提取公钥

[root@docker121 ssl]# openssl rsa -in private.pem   -pubout -out public.pem
writing RSA key
[root@docker121 ssl]# ll
total 12
-rw-r--r-- 1 root root 963 Oct 3 22:47 private_des.pem
-rw-r--r-- 1 root root 887 Oct 3 22:41 private.pem
-rw-r--r-- 1 root root 272 Oct 3 22:50 public.pem
[root@docker121 ssl]# cat public.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa  -pubin -in public.pem         #读取公钥内容
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa -pubin -in public.pem   -text        #以文本格式输出公钥内容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----
[root@docker121 ssl]# openssl rsa -pubin -in public.pem -text -noout    #不输出公钥内容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)

[root@docker121 ssl]# openssl rsa -pubin -in public.pem -des3 -passout pass:123456 -out public_des.pem   #重新将公钥加密,貌似不生效(公钥不能加密???)
writing RSA key
[root@docker121 ssl]# cat public_des.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa -pubin -in public_des.pem
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

(3).移除私钥文件或公钥文件的密码。只需直接输出到新文件即可

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

(4).check检测私钥文件的一致性,查看私钥文件被修改过。

[root@docker121 ssl]# openssl rsa -in private.pem -check
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

现在随便修改下私钥文件(必须更改-----BEGIN RSA PRIVATE KEY-----和-----END RSA PRIVATE KEY-----包围的内部的内容),再检测。

[root@docker121 ssl]# openssl rsa -in private.pem -check
unable to load Private Key
140606152894352:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:824:

一般来说,openssl rsa的常用选项就只有"-in filename"、"-out filename"、"-pubout"

(4) openssl rsa/pkey(查看私钥、从私钥中提取公钥、查看公钥)的更多相关文章

  1. 2.openssl rsa/pkey

    分别是RSA密钥的处理工具和通用非对称密钥处理工具.它们用法基本一致,所以只介绍openssl rsa. [root@xuexi tmp]# man rsa NAME rsa - RSA key pr ...

  2. openssl rsa/pkey

    openssl系列文章:http://www.cnblogs.com/f-ck-need-u/p/7048359.html openssl rsa和openssl pkey分别是RSA密钥的处理工具和 ...

  3. PHP使用OPENSSL RSA加密解密数据

    加密数据有很多种方法,今天我们来看一下OPENSSL RSA的加密办法. 1.首先得安装php的openssl扩展 php -m | grep openssl 执行以上命令,确保已经安装了openss ...

  4. (11) openssl req(生成请求证书、私钥和自建CA)

    伪命令req大致有3个功能:生成证书请求文件.验证证书请求文件和创建根CA. 由于openssl req命令选项较多,所以先各举几个例子,再集中给出openssl req的选项说明.若已熟悉opens ...

  5. java验证openssl生成的ssl证书和私钥是否匹配

    最近有一个需求上传ssl证书和私钥,但是上传之前需要验证ssl证书和私钥是否正确,其中的业务逻辑涉及到以下几点: 一.读取ssl证书,读取ssl证书公钥       要实现该功能比较简单,java里面 ...

  6. 通过OpenSSL来生成PEM格式的私钥、PKCS8格式的私钥、公钥|pfx格式的私钥、cer格式的公钥

    1.生成PEM格式RSA私钥 不对输出的文件内容进行加密 openssl genrsa -out private-rsa.key 对输出的文件内容进行加密(DES/AES128/AES256等) op ...

  7. 【RSA】在 ASP.NET Core中结合web前端JsEncrypt.JS使用公钥加密,.NET Core使用私钥解密;

    有一个需求,前端web使用的是JsEncrypt把后端给的公钥对密码进行加密,然后后端对其进行解密: 使用的类库如下: 后端使用第三方开源类库Bouncy Castle进行RSA的加解密和生成PEM格 ...

  8. RSA公钥加密-私钥解密/私钥加密-公钥解密

    package com.tebon.ams.util;import org.apache.commons.codec.binary.Base64;import org.apache.log4j.Log ...

  9. openssl数字证书私钥删除私钥密码

    解密 openssl rsa -in server.key.org -out server.key

随机推荐

  1. python中用代码实现99乘法表

    第一种:使用for遍历循环嵌套 ,): ,x+): print("%s*%s=%s" % (y,x,x*y),end=" ") print("&quo ...

  2. boost 编译 asio 程序,简单socket 编程

    自己第一次玩boost,对C++也非常不熟悉,记录一下自己的学习过程. 安装编译 boost 包解压到/opt下 tar -zxvf /media/C06EDE596EDE47B4/mnt/boost ...

  3. git 保存文件目录

    Ubuntu中git clone就保存在你命令行现在所在的目录里 所以最好推荐 先用cd这个命令去自己想保存的目录 之后再git clone

  4. oj判题WA/RE怎么办

    [转]POJ WA/RE指南   “POJ上头的题都是数学题”,也不知道是那个家伙胡诌的……但是POJ的要求就是算法通过了也不让你AC.下面本人就这560题的经验,浅谈一下WA/RE了怎么办. 以下内 ...

  5. [POI2005]Sza-Template

    Description Byteasar 想在墙上涂一段很长的字符,他为了做这件事从字符的前面一段中截取了一段作为模版. 然后将模版重复喷涂到相应的位置后就得到了他想要的字符序列.一个字符可以被喷涂很 ...

  6. archive log full ora-00257

    ############# sample 0 asmcmd show free 37G in archive_log ASMCMD> lsdgState Type Rebal Unbal Sec ...

  7. 外文翻译 《How we decide》被情感愚弄 第一节

    本节为第三章的起始. 书的导言 本节阅读感言:情感系统脱离控制的后果是毁灭性的. Ann Klinestiver 在一所高中做英文老师,她被诊断为患帕金森综合症.在课堂上,当她正准备和学生们谈及一些莎 ...

  8. AJPFX总结方法的特点

    它可以实现独立的功能; 必须定义在类里面; 它只有被调用才会执行; 它可以被重复使用; 方法结束后方法里的对象失去引用;   如何定义一个功能,并通过方法体现出来: ① 明确该功能运算后的结果.明确返 ...

  9. Map集合的实现类

    Map的继承关系: Map接口的常用实现类: 1.HashMap.Hashtable(t是小写) HashMap不是线程安全的,key.value的值都可以是null. Hashtable是线程安全的 ...

  10. Java开发笔记(九十四)文件通道的性能优势

    前面介绍了字节缓存的一堆概念,可能有的朋友还来不及消化,虽然文件通道的用法比起传统I/O有所简化,可是平白多了个操控繁琐的字节缓存,分明比较传统I/O更加复杂了.尽管字节缓存享有缓存方面的性能优势,但 ...