posts - 212,  comments - 2,  trackbacks - 0

openssl  rsa      是RSA对称密钥的处理工具

openssl  pkey   是通用非对称密钥处理工具,它们用法基本一致,所以只举例说明openssl rsa。

它们的用法很简单,基本上就是输入和输出私钥或公钥的作用,或从私钥中提取出公钥,将文件中私钥或公钥的某部分内容输出到stdout

openssl   rsa      [-in filename]   [-passin arg]    [-passout arg]   [-out filename]     [-des|-des3|-idea]   [-text] [-noout] [-pubin] [-pubout] [-check]

openssl   pkey    [-in filename]  [-passin arg]    [-passout arg]   [-out filename]      [-cipher]                  [-text] [-noout] [-pubin] [-pubout]

 

【openssl rsa选项说明:】

-in filename :指定密钥输入文件。默认读取的是私钥指定"-pubin"选项将表示读取公钥。将从该文件读取密钥,不指定时将从stdin读取。
-pubin :读取公钥内容,即从"-in filename"的filename中读取公钥,所以filename必须为公钥文件
不指定该选项时,默认是从filename中读取私钥。公钥文件可以通过文件中的公钥标识符
             :"-----BEGIN PUBLIC KEY-----"和"-----END PUBLIC KEY-----"来辨别。

-out filename:默认情况下,使用openssl rsa将文件中公钥或私钥读取出来显示到stdout,使用该选项将读取的内容输出到指定的文件中
读取的是私钥输出的是私钥或公钥(若使用-putout选项从私钥中提取公钥),读取的是公钥输出的一定是公钥
若不指定该选项,默认输出到stdout
-pubout :从私钥中提取公钥,即从"-in filename"指定的私钥中提取公钥并输出,此时-in filename中的filename必须是私钥文件。 :当设置了"-pubin"时,默认也设置了"-pubout"。 :私钥文件可以通过文件中的私钥标识符"-----BEGIN PRIVATE KEY-----"和"-----END PRIVATE KEY-----"来辨别。
-noout :控制不输出任何密钥信息。 -text :转换输入和输出的密钥文件格式为纯文本格式。 -check :检查RSA密钥是否完整未被修改过,只能检测私钥,因为公钥来源于私钥。因此选项"-in filename"的filename文件只能是私钥文件。
-des|-des3|-idea:加密输出文件,使得每次读取输出文件时都需要提供密码。 -passin arg :传递解密密钥文件的密码。密码格式见https://www.cnblogs.com/liliyang/p/9738929.html

-passout arg :指定加密输出文件的密码。
【openssl pkey选项说明:】 -cipher:等价于openssl rsa的"-des|-des3|-idea",例如"-cipher des3"

 示例:

(1).创建一个rsa私钥文件genrsa.pri,然后从中提取rsa公钥到rsa.pub文件中

 

[root@docker121 ssl]# openssl  genrsa -out private.pem 1024              #生成不加密的私钥
Generating RSA private key, 1024 bit long modulus
.........++++++
....++++++
e is 65537 (0x10001)
[root@docker121 ssl]# ll
total 4
-rw-r--r-- 1 root root 887 Oct  3 22:41 private.pem
[root@docker121 ssl]# cat private.pem                       #查看私钥内容
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----
[root@docker121 ssl]# openssl  rsa -in private.pem              #读取私钥的内容
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private.pem -text            #以纯文本格式输出私钥内容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----
[root@docker121 ssl]# openssl rsa -in private.pem -text -noout           #不输出私钥内容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c

[root@docker121 ssl]# openssl rsa -in private.pem  -des3 -passout pass:123456  -out private_des.pem     #将生成私钥加密
writing RSA key
[root@docker121 ssl]# cat private_des.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,8DC40333E1A9554A

T1xNHzp7eopY4GdTjH/hUpSP3S8FrW/bpe9gAaKkMedRQ2Y8TuAd2/zbj6w64C8s
qMfYgZ/xFfD3pOE9h65C9GRNRdsc6MUrtCwypqPiZJazEYs7c8CcQgTPMvXKo+rs
UhOoRT8E924G1qfWsfMYA7GTa/MoAs9g1gpfKPJCagsHgh+6Hfy650LdFO5zifG8
baYroQdCZXbFD/ena9pruC4da4UQIyguJdJ/Mz/Zf3T5FWo6spKZP0LflOHq7+jc
iBoVC4UleheFyZUxXvWcrt6mfuZ1RmPrwk1TMWRvXDPfw007QVlBWppihLoejmsc
ObMe5nfP77CsaLvYz0TwyzG9KQ8RjJCaVUxJmsLg4tb01jaCOUfkFLBa2O9K0Y/2
qMe6F0+ee8UBQgYslCIaOgV4jZBb1WKbbE4RispqXmn9NW0Wfxgxfa3Mr6/+0i6t
OboGexkiWPVSw3nT9UAaIFkme1wVYkQmaNTwZC6PHHiAn0q2azaRmDm6aJ/t1HN3
RAsMHEn/YWqMUOXaYZ9a5REE5RUFq1SMgfWFTTz/8LXq9dRaeA3dPdRw3eHE7rXd
gsrBRaX0jUPOfYovPCcLx10/O7bNjPf+Jl2dXIYq1mvIzcCzZssHSOoJiAaKcnVe
WAU5CCzutezlS1JwiKl6j8u05VNQjfKbgJAaX+/XAhJc3rZank0rJPWJgfw/Q8dz
fNM/iC6qTGELg+LR0p0t9ppAyOoyKoPxNXdhabh72FBQ7VTMTpIH2eyzH9DCW1AC
uO9//Z+NK2ETiIHF2qHXlkhVkjMd/6Je8eSb83gwTpt0aNVT4Ahojg==
-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456      #读取加密的私钥
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

 

 

(2).从私钥中提取公钥

[root@docker121 ssl]# openssl rsa -in private.pem   -pubout -out public.pem
writing RSA key
[root@docker121 ssl]# ll
total 12
-rw-r--r-- 1 root root 963 Oct 3 22:47 private_des.pem
-rw-r--r-- 1 root root 887 Oct 3 22:41 private.pem
-rw-r--r-- 1 root root 272 Oct 3 22:50 public.pem
[root@docker121 ssl]# cat public.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa  -pubin -in public.pem         #读取公钥内容
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

 

[root@docker121 ssl]# openssl rsa -pubin -in public.pem   -text        #以文本格式输出公钥内容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----
[root@docker121 ssl]# openssl rsa -pubin -in public.pem -text -noout    #不输出公钥内容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)

 

[root@docker121 ssl]# openssl rsa -pubin -in public.pem -des3 -passout pass:123456 -out public_des.pem   #重新将公钥加密,貌似不生效(公钥不能加密???)
writing RSA key
[root@docker121 ssl]# cat public_des.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa -pubin -in public_des.pem
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

 

(3).移除私钥文件或公钥文件的密码。只需直接输出到新文件即可

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

(4).check检测私钥文件的一致性,查看私钥文件被修改过。

[root@docker121 ssl]# openssl rsa -in private.pem -check
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

现在随便修改下私钥文件(必须更改-----BEGIN RSA PRIVATE KEY-----和-----END RSA PRIVATE KEY-----包围的内部的内容),再检测。

[root@docker121 ssl]# openssl rsa -in private.pem -check
unable to load Private Key
140606152894352:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:824:

一般来说,openssl rsa的常用选项就只有"-in filename"、"-out filename"、"-pubout"

 

 

posted on 2018-10-03 00:36  苦咖啡~~  阅读(...)  评论(...编辑  收藏