rsa私钥和公钥
RSA is an algorithm used for Cryptography. It was patented until 2000 in the USA (not the whole world) where now it can be used freely. RSA has a lot of usage examples but it is mainly used for encryption of small pieces of data like key and Digital signatures. RSA is based integer factorization problem. As it is known that asymmetric ciphers are very slow against symmetric ciphers. So it is used with symmetric cipher like AES to secure bulk data. Using with AES and RSA together named hybrid usage. Here are some practical RSA tools to manage.
RSA是用于密码术的算法。 它直到2000年在美国(不是整个世界)都获得了专利,现在可以免费使用了。 RSA有很多用法示例,但它主要用于加密小数据,例如密钥和数字签名。 RSA是基于整数分解的问题。 众所周知,非对称密码相对于对称密码非常慢。 因此,它与AES等对称密码一起使用来保护批量数据。 与AES和RSA一起使用时称为混合用法。 这里是一些实用的RSA工具进行管理。
建立金钥 (Create Key)
In order to manage the RSA key, we need to create it first. we specify the output type where it is a file named t1.key and the size of the key with 2048. We used the verb genrsa with OpenSSL. By default, keys are created in PEM format as it showed with file command.
为了管理RSA密钥,我们需要首先创建它。 我们在文件名为t1.key的文件中指定输出类型,并使用2048作为密钥的大小。我们将genrsa动词与OpenSSL一起使用。 默认情况下,密钥以PEM格式创建,如文件命令所示。
$ openssl genrsa -out t1.key 2048
将Pem格式转换为Der格式(Convert Pem Format into Der Format)
Formats are used to encode created RSA key and save into a file. Pem is common format but sometimes you need to use DER format. Here is how it can be done. We specify input form and output form with -inform and -outform parameters and then show the existing file within and created file with -out. Then we check file as we see that data as file type because of the binary type. Der is not encoded base64 like pem format.
格式用于对创建的RSA密钥进行编码并保存到文件中。 Pem是常见格式,但有时您需要使用DER格式。 这是可以完成的。 我们使用-inform和-outform参数指定输入表单和输出表单,然后使用-out显示其中的现有文件以及创建的文件。 然后我们检查文件,因为二进制类型将数据视为文件类型。 Der不是像pem格式那样编码为base64。
$ openssl rsa -inform pem -outform der -in t1.key -out t1.der
使用AES加密RSA密钥 (Encrypting RSA Key with AES)
Private keys are very sensitive if we transmit it over insecure places we should encrypt it with symmetric keys. Here we use AES with 128-bit key and we set encrypted RSA key file without parameter. Or while generating the RSA key pair it can be encrypted too.
如果我们在不安全的地方传输私钥,则私钥非常敏感,我们应该使用对称密钥对其进行加密。 在这里,我们将AES与128位密钥一起使用,并且设置不带参数的加密RSA密钥文件。 或者在生成RSA密钥对时也可以对其进行加密。
$ openssl rsa -aes128 -in t1.key -out t1out.pem
列出/显示公钥(List/Show Public Key)
We can display or view a given public key in the terminal. We will use -in parameter to provide the certificate file name which is t1.key in this example and -pubout and -text options in order to print to the screen.
我们可以在终端中显示或查看给定的公钥。 我们将使用-in参数使其能够提供证书文件名t1.key在这个例子和-pubout和-text选项,以打印到屏幕上。
$ openssl rsa -in rsa1.pem -pubout -text
We can see from the screenshot that RSA key is 2048 bit with modulus.
从屏幕截图中我们可以看到RSA密钥为2048位模数。
如何创建RSA公钥和私钥? 信息图 (How To Create RSA Public and Private Key? Infographic)
rsa私钥和公钥
577
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
