2014-11-19 wcdj
Simple use of crypto in OpenSSL
author:gerry
The OpenSSL crypto library implements a wide range of cryptographic algorithms used in various Internet standards. The services provided by this library are used by the OpenSSL implementations of SSL, TLS and S/MIME, and they have also been used to implement SSH, OpenPGP, and other cryptographic standards.
libcrypto consists of a number of sub-libraries that implement the individual algorithms.
The functionality includes symmetric encryption, public key cryptography and key agreement, certificate handling, cryptographic hash functions and a cryptographic pseudo-random number generator.
https://www.openssl.org/docs/crypto/crypto.html
https://www.openssl.org/docs/crypto/rsa.html#
Some commands
Generate an RSA private key
./openssl genrsa -out privatekey.pem 1024
Export the public key from the RSA private key
./openssl rsa -in privatekey.pem -out public.pem -outform PEM -pubout
Encrypt data with the RSA public key
./openssl rsautl -encrypt -inkey public.pem -pubin -in file.txt -out file.ssl
Decrypt the public-key-encrypted data with the RSA private key
./openssl rsautl -decrypt -inkey privatekey.pem -in file.ssl -out decrypted.txt
Print the structure of the RSA private key to the terminal
./openssl rsa -in privatekey.pem -text -noout
Generate a random key for a symmetric cipher
dd if=/dev/random of=secretkey bs=16 count=1
Encrypt data with a symmetric cipher
./openssl enc -blowfish -pass file:secretkey -in file.txt -out file.bf
Decrypt data with a symmetric cipher
./openssl enc -d -blowfish -pass file:secretkey -in file.bf -out decrypt.bf
The official help page for the rsa command also provides some EXAMPLES.
https://www.openssl.org/docs/apps/rsa.html#
Notes:
For more help on the commands, see: man openssl or http://www.openssl.org/docs/apps/rsa.html
For more on the RSA algorithm, see: RFC 2437 - PKCS #1: RSA Cryptography Specifications Version 2.0 - http://tools.ietf.org/pdf/rfc2437.pdf
SYNOPSIS (command syntax)
openssl command [ command_opts ] [ command_args ]
COMMAND (commonly used commands)
genrsa Generation of RSA Private Key. Superseded by genpkey.
rsa RSA key management.
rsautl RSA utility for signing, verification, encryption, and decryption. Superseded by pkeyutl.
enc Encoding with Ciphers.
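The RSA key generation, encryption and decryption steps shown earlier, redone with the genpkey and pkeyutl commands that the list above names as replacements (plus pkey to export the public key). This is an added example, not part of the original post; the 2048-bit key size, OAEP padding, the rsa_roundtrip function name and the sample input are assumptions made here, and openssl is assumed to be on PATH.

```shell
#!/bin/sh
# Added example (not from the original post): RSA round trip with the
# non-deprecated commands. File names follow the ones used in the post.
# Assumptions: openssl on PATH, 2048-bit key, OAEP padding.

rsa_roundtrip() {
    # $1 = plaintext to encrypt (constructed sample input)
    workdir=$(mktemp -d) || return 1
    (
        cd "$workdir" || exit 1
        printf '%s' "$1" > file.txt

        # Replaces: openssl genrsa -out privatekey.pem <bits>
        openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
            -out privatekey.pem 2>/dev/null || exit 1

        # Replaces: openssl rsa -in privatekey.pem -pubout ...
        openssl pkey -in privatekey.pem -pubout -out public.pem || exit 1

        # Replaces: openssl rsautl -encrypt ... (OAEP requested explicitly)
        openssl pkeyutl -encrypt -pubin -inkey public.pem \
            -pkeyopt rsa_padding_mode:oaep \
            -in file.txt -out file.ssl 2>/dev/null || exit 1

        # Replaces: openssl rsautl -decrypt ... (padding mode must match)
        openssl pkeyutl -decrypt -inkey privatekey.pem \
            -pkeyopt rsa_padding_mode:oaep \
            -in file.ssl -out decrypted.txt 2>/dev/null || exit 1

        # The decrypted file must be byte-identical to the input.
        cmp -s file.txt decrypted.txt || exit 1

        # RSA ciphertext is always one modulus long: 2048 bits = 256 bytes.
        [ "$(wc -c < file.ssl)" -eq 256 ]
    )
    rc=$?
    rm -rf "$workdir"   # removes the private key along with the temp files
    return $rc
}
```

RSA encrypts only short inputs: with a 2048-bit key and the default OAEP parameters the limit is 214 bytes, so a longer file.txt makes the pkeyutl -encrypt step fail and the function return non-zero.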
COMMAND OPTIONS (commonly used command options)
-pubin
by default a private key is read from the input file: with this option a public key is read instead.
-pubout
by default a private key is output: with this option a public key will be output instead. This option is automatically set if the input is a public key.
-inform DER|NET|PEM
This specifies the input format. The DER option uses an ASN1 DER encoded form compatible with the PKCS#1 RSAPrivateKey or SubjectPublicKeyInfo format. The PEM