openssl
目录
hhhh第一次用markdown,见谅见谅
简介
openssl 是目前最流行的 SSL 密码库工具,其提供了一个通用、健壮、功能完备的工具套件,用以支持SSL/TLS 协议的实现。
- 官网 :https://www.openssl.org/source/;
- 相关书籍:英文版的,读了一下,还是便于阅读的可以参考
https://www.feistyduck.com/library/openssl-cookbook/online/index.html;
生成ras私钥与公钥
-
直接生成私钥与公钥
openssl genrsa -out fa.key
结果
Generating RSA private key, 2048 bit long modulus ....................................+++ ...........................................................................................+++ e is 65537 (0x10001)
生成成功,e默认选的65537,现在大家公认安全的
生成对应公钥 ,关于为什么可以从私钥中生成公钥后面解释openssl rsa -in fd.key -pubout -out fd-public.key
出现writing RSA key,生成成功
-
生成加密的私钥与公钥
直接生成没加密的显然不安全,用这个命令可以对私钥文件加密,查看详细信息的时候要用密码解密openssl genrsa -aes128 -out fd.key 2048(密码) openssl rsa -in fd.key -pubout -out fd-public.key 204(密码)
vim fd.ke//打开私钥文件
-
关于生成的私钥文件
直接打开私钥,公钥文件如下,没有太多的有效信息
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAn55ZpC4TUt22yysV9W44P1ttD9wAyHzIJUETakXfsVGlN1w3 HRUJu9fu54aR6bcvgueVaYIG3XczWfNlmkeiQ/uNUo6jrXcRrNaItrHN4amLsBND bBMTrPmMcWf4Pm1V9MfnW6zEC/LeRZFWplBFXtt+m9Z+wqhshd/YcuBmseQjfskY iWfBKHNsX2+XvlS9xZ34UA7xdRtloiTHWOj/0fRh8l1XHhkFsK3HY1IO87mDjx9E dA7lHA0OQYgn1BRyrXLZkemhKK0jBFvRBQU4d4VXmxJ6syQYZyPv2ldmtUo11HI6 jSDhTcEAUOm+lpGtNjNbKxhCwAWO1/Ol/9CXBQIDAQABAoIBACXYkuKVtik4vqWv gpZd2uJS2CohfOIMjBwhMOxKwv41IJpeuAaiPVuXmGK3CpPCxnYgWNHabaxHHhre 1iFdiMDbvSdtAKwZhkxX1bSTtgAihidqedr/LvQde0pMX5TVscLHPzkCXr2CiWcv Tb9DWx9hpcRneEjJTGn1qEmcoVzeHhl3YioIuD11bRPoBaUigDYR87gx+SS5I4fb 8bWK+BS9otW3eIWl/IpEKowGfcGVzvtlnvaExUVTi59FGySfXKWuUReUDM58GXE2 qLpdDamRLoAk7wh9DYCcECOfinIEdcnZn4c2w38CBUZ5/IsMcDpqVHKBY56DjKor WZE9r4UCgYEAzUwGSoQUUt0Gxb72p0RJBpYGogiRwvtKIba+DvD5xwOy0w6jIrae fl+9t1BTv4GHJdwsv0HTn15WFja9xRPfV2UhS34ruVX3b3xd0H64zYcFxInYcKKt nrbE8GBkGkZUXtKf1nkCj937k/d8l6FgkoJ+NXWWkwL2Z0qXkK9YBtMCgYEAxwpK i7QO6Hv/TLPciUKjlwSW7bqA9xOWYXEzZHFppsMwlGtTTMjmx9OrTPHpX+cskvVQ WqgDbT7pg5ooXfHWWzQa0DmEErbefmllpSwR/4OrUEpBQJaqAh8OHIbBqMPKPA7D n5Z6TQ7gBnH8XcCBj+OGPwROwt4BekJ7Z+zT88cCgYBejjqDjavysnyRDbB7P/dG gkkRzlKcdLMjLhEBvrm8kRaHIUHAFk6PtDckPGomVVlS9cLiYEZBK+kImDP1ln6S uTCJndYzqcWqYqSvB/7EIwFkEX1P+41uAY5ZjHvuoh/wAKC/3sJwUvSxpRaMnDZn pJTOuJcepQmqb2+5oxkvIwKBgDeQ7+7Afcj5lPRc4hyPtgvbBCeqAYb4uOrLJ4XL A6vCojVNIRw2mfb/aLs6beSQLSl5ws0MSqic/6P1zX8snKMpkLLA29Y9py+zTOUn wH6My67GjCDz7tJYyR+9nyL2RecuV/6di9cnZ/NkrwedTo5U/o1pLnPIdrEjDkCd JS7RAoGBAKTml25Ox0KtYuYwiPhv47aBIWT3gal/396ubqVC2QIzBYyl3ePA7bM8 9vYJMKZn+4KGogJeWKrR6cCGEKWkKvEtOvyHEecv2Ud2Vv+rNntw0YdvC6s/50eQ /ObYMY9DhUS/BCggD9ibFuVufLMGAIlAuE4eWbq1G+Ge2wXh+gjF -----END RSA PRIVATE KEY-----
如果想获得更多信息,用下面的指令
openssl rsa -text -in fd.key
结果如下
一个prime1,一个prime2就是生成大数n的两个素数,私钥中包含所有信息,所以可以用来生成公钥,Private-Key: (2048 bit) modulus: 00:9f:9e:59:a4:2e:13:52:dd:b6:cb:2b:15:f5:6e: 38:3f:5b:6d:0f:dc:00:c8:7c:c8:25:41:13:6a:45: df:b1:51:a5:37:5c:37:1d:15:09:bb:d7:ee:e7:86: 91:e9:b7:2f:82:e7:95:69:82:06:dd:77:33:59:f3: 65:9a:47:a2:43:fb:8d:52:8e:a3:ad:77:11:ac:d6: 88:b6:b1:cd:e1:a9:8b:b0:13:43:6c:13:13:ac:f9: 8c:71:67:f8:3e:6d:55:f4:c7:e7:5b:ac:c4:0b:f2: de:45:91:56:a6:50:45:5e:db:7e:9b:d6:7e:c2:a8: 6c:85:df:d8:72:e0:66:b1:e4:23:7e:c9:18:89:67: c1:28:73:6c:5f:6f:97:be:54:bd:c5:9d:f8:50:0e: f1:75:1b:65:a2:24:c7:58:e8:ff:d1:f4:61:f2:5d: 57:1e:19:05:b0:ad:c7:63:52:0e:f3:b9:83:8f:1f: 44:74:0e:e5:1c:0d:0e:41:88:27:d4:14:72:ad:72: d9:91:e9:a1:28:ad:23:04:5b:d1:05:05:38:77:85: 57:9b:12:7a:b3:24:18:67:23:ef:da:57:66:b5:4a: 35:d4:72:3a:8d:20:e1:4d:c1:00:50:e9:be:96:91: a