当前位置：首页 > news >正文

小说网站建设商标注册网官网查询

news 2026/4/20 9:19:29

小说网站建设,商标注册网官网查询,模具编程入门先学什么,南山做棋牌网站建设文章目录一、openssl genrsa 命令介绍二、openssl genrsa 命令的语法及选项三、实例1、生成512位的 RSA 秘钥#xff0c;输出到屏幕。2、生成512位 RSA 私钥#xff0c;输出到指定的文件 genrsa.txt3、生成 1024 位 RSA 秘钥#xff0c;采用 des 算法加密#xff0c;加密密… 文章目录一、openssl genrsa 命令介绍二、openssl genrsa 命令的语法及选项三、实例1、生成512位的 RSA 秘钥输出到屏幕。2、生成512位 RSA 私钥输出到指定的文件 genrsa.txt3、生成 1024 位 RSA 秘钥采用 des 算法加密加密密码为 1234564、生成 2048 位 RAS 秘钥采用 des3 算法加密参考一、openssl genrsa 命令介绍 openssl genrsa 命令是会用来生成 RSA 私有秘钥不会生成公钥因为公钥提取自私钥。生成时是可以指定私钥长度和密码保护。如果需要查看公钥或生成公钥可以使用 openssl rsa 命令。通过 man openssl 命令可以看到 genrsa 命令的介绍 genrsa Generation of RSA Private Key. Superceded by genpkey.二、openssl genrsa 命令的语法及选项语法 openssl genrsa [-out filename] [-passout arg] [-f4] [-3] [-rand file(s)] [-engine id] [numbits] [-des] [-des3] [-idea]查看 openssl genrsa 命令的选项 [roottvweb01 ~]# openssl genrsa ? usage: genrsa [args] [numbits]-des encrypt the generated key with DES in cbc mode-des3 encrypt the generated key with DES in ede cbc mode (168 bit key)-idea encrypt the generated key with IDEA in cbc mode-seedencrypt PEM output with cbc seed-aes128, -aes192, -aes256encrypt PEM output with cbc aes-camellia128, -camellia192, -camellia256encrypt PEM output with cbc camellia-out file output the key to file-passout arg output file pass phrase source-f4 use F4 (0x10001) for the E value-3 use 3 for the E value-engine e use engine e, possibly a hardware device.-rand file:file:...load the file (or the files in the directory) intothe random number generator 使用 man genrsa 查看详细用法 [rootnginx ~]# man genrsa GENRSA(1) OpenSSL GENRSA(1)NAMEgenrsa - generate an RSA private keySYNOPSISopenssl genrsa [-out filename] [-passout arg] [-des] [-des3] [-idea] [-f4] [-3] [-rand file(s)] [-engine id] [numbits]DESCRIPTIONThe genrsa command generates an RSA private key.OPTIONS-out filenamethe output filename. If this argument is not specified then standard output is used.-passout argthe output file password source. For more information about the format of arg see the PASS PHRASE ARGUMENTS section in openssl(1).-des|-des3|-ideaThese options encrypt the private key with the DES, triple DES, or the IDEA ciphers respectively before outputting it. If none ofthese options is specified no encryption is used. If encryption is used a pass phrase is prompted for if it is not supplied via the-passout argument.-F4|-3the public exponent to use, either 65537 or 3. The default is 65537.-rand file(s)a file or files containing random data used to seed the random number generator, or an EGD socket (see RAND_egd(3)). Multiple filescan be specified separated by a OS-dependent character. The separator is ; for MS-Windows, , for OpenVMS, and : for all others.-engine idspecifying an engine (by its unique id string) will cause genrsa to attempt to obtain a functional reference to the specified engine,thus initialising it if needed. The engine will then be set as the default for all available algorithms.numbitsthe size of the private key to generate in bits. This must be the last option specified. The default is 512.NOTESRSA private key generation essentially involves the generation of two prime numbers. When generating a private key various symbols willbe output to indicate the progress of the generation. A . represents each number which has passed an initial sieve test, means a numberhas passed a single round of the Miller-Rabin primality test. A newline means that the number has passed all the prime tests (the actualnumber depends on the key size).Because key generation is a random process the time taken to generate a key may vary somewhat.BUGSA quirk of the prime generation algorithm is that it cannot generate small primes. Therefore the number of bits should not be less that64. For typical private keys this will not matter because for security reasons they will be much larger (typically 1024 bits).SEE ALSOgendsa(1)1.0.1e 2013-02-11 GENRSA(1)-out filename 将生成的私钥保存至filename文件若未指定输出文件则为标准输出。 -numbits 指定要生成的私钥的长度单位 bit默认为1024。该项必须为命令行的最后一项参数。 -des|-des3|-idea指定加密私钥文件用的算法这样每次使用私钥文件都将输入密码太麻烦所以很少使用。 -passout args 加密私钥文件时传递密码的格式如果要加密私钥文件时单未指定该项则提示输入密码。传递密码的args的格式见openssl密码格式。例如使用idea算法对私钥文件进行密码保护。 [rootnginx ~]# openssl genrsa -idea -passout pass:123 -out rsa_pri.pem Generating RSA private key, 1024 bit long modulus .............. ..... e is 65537 (0x10001)-F4 / -3 指数默认是 65537例如上例输出的最后一句话e is 655370x10001 [rootnginx ~]# openssl genrsa -3 -out rsa_pri.pem 2000 Generating RSA private key, 2000 bit long modulus .. ................... e is 3 (0x3)三、实例 1、生成512位的 RSA 秘钥输出到屏幕。 [rootnginx ~]# openssl genrsa 512 Generating RSA private key, 512 bit long modulus . ............ e is 65537 (0x10001) -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBANTZudAiqSAV7yJBo/7XMVF7cktFi6bcEAk79EObzboR7k4sCOYu tl3Fn6/BLUzAnTaYTozpIxfILYnz/9Dx/rMCAwEAAQJAPDUiNFe5k1PhAsWih/GD B9NtbxFLAXX6K0KEQ6OMu/bWZ7Q40xwPQWLcerIeNE1xjI1qKnxTRpWC6uigSo sQIhAO1pyZCkP0XY/PH4Jmjetd8d2beUUUWhA9pFRGkMahwnAiEA5YOniZV4bKjg 4AaVcs7kIsARIsgr2pyPL6npBJUCIEjrQgaT/8XC3HCVwHEzbWOtI0nFM7 9jP3LHDbaEfnAiA/rYpjMtRJmYViwpw2Y3wORxo46jz0csUjmr6MdcsDQIhAM30 zGSj4rrTHVWz73v8af2ITHYufLKYClNN2、生成512位 RSA 私钥输出到指定的文件 genrsa.txt [rootnginx ~]# openssl genrsa -out genrsa.txt 512 Generating RSA private key, 512 bit long modulus .............. ................. e is 65537 (0x10001) [rootnginx ~]# cat genrsa.txt -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBAKUwGTXGWqvOx2Vp2gMczQCyscerZTqrPYxKcxm418aw2JwCNwj CPwtM6la8c97KPxCS0EefMu89PXTKyM9i7sCAwEAAQJAB3idVV2wjvVw13FvsRs 7e4usdCu/LXPSnIKvY0vJAcBTRDvNo/RTpF3/UcexlInhhmhwFceyje3wqYA1sre mQIhANc8XRtuFfvOm65mrko89VS60GpWEO1WG01bxIOum0VdAiEAxHktqkSScOCS l1pUMLLiQrj0mhngHVPbI2WWOkZzK/cCIBSK51wJ2sFIyUOWc4uGUA4AFJV2pG8 aSit/IiQ7rLlAiBTPJdpHFYCNlJEhwNGAnMzG1KderrlEeK0M1Sa6b/fbwIhAMjp Q6lcPnCkz5/nIlTlpv14NRqa/YLBPD8uuFLyWtF -----END RSA PRIVATE KEY-----3、生成 1024 位 RSA 秘钥采用 des 算法加密加密密码为 123456 如果指定des算法没有在命令中携带密码则会提示用户输入密码 [rootnginx ~]# openssl genrsa -des -passout pass:123456 -out prikey.pem 1024 Generating RSA private key, 1024 bit long modulus .... .......... e is 65537 (0x10001) # 从输出可以看出秘钥长度是 1024 bit。从 OpenSSL 1.0.1e 开始默认秘钥长度为 1024 bit。 # 我们也可以设定自己所需的秘钥长度秘钥长度越长越安全 # 但使用秘钥进行加密解密时所耗费的时间也会越长。 # 非对称秘钥提高安全性的同时也带来了算法所耗费的大量时间非对称秘钥不对大块数据进行加密 # 应用领域是数字签名秘钥分发等小数据加密。[rootnginx ~]# ll prikey.pem -rw-r--r--. 1 root root 958 May 26 14:26 prikey.pem[rootnginx ~]# cat prikey.pem -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-CBC,C632EA92B103B8F8i9OuC7U5YCK8PTlnNOs4G5ShvpEkGLv7sEkZXb5UYWQhmG5eJHv8MjGP6sNvDbH 1c36LmWhTlosaney9zgw3SLUOYwhcj/ocCULtVYHBCoqmQzlLn0pj3JHunTxdF8 OAjJlwL16OKzArfCXDXWfqs4kmpZnPb0B7RgVPRwTAOnJ54BS0B1t4ytua8xfxtS fCE/PBSPywzC9EZdd9TEQ3GwRjim37RSwPHqW28Tb6Inq9IXGcwVqkvTk2F5N3NT By7Z/hIh2bBOjYj44X5G1qw0fZXP/6muD/w8KHjNlrancPiNs6oTUHAzDS0xK90y gJ9XTdxEQLwwd3MLQZ3AVuIr/Iazk6juj7vMJ6bfzblSJDuqubopM/QiLS2LI5Uz yLvFSwdezTjq0RylqYNlWCnCYjHtZ8oeuusqN7gAnFr/rDCvSPvqveS7QuW4JAG P6su1rAL0Uamv8fjq01W9865wctx/a60zMGM8go1H8l1g7nvaRgalQPDZLNQhUog A4mqh8jiXEBLnA81cL7f0yDBlPkYM7SvuPYtUAtA9RXxw66IHSYu6VrnhOplZw h7V08d78KZG8Bghx0YXqPL57qvTFRu9sJJmvN5NWPhsMxTsTLsFll8psB4mZ4EU iMU3TiGn3pHaunmHzYibKSqNfOtAKpbIVhSqLKkkV6DlHBKjw1iQ2GqKRm0ilBo 7yRxVG1LdycVEkKTE3hHVLP2BCdoXV8dmUimjH8FB/voi9rYfDwqXNqnXum6kN WmN86LJr75jTiHSs8OswunvBfedsVhsuRppBqCgsBlG5lEcLuSylg -----END RSA PRIVATE KEY-----一般情况下能用的选项是 -out 或 numbits。根据私钥生成公钥还有一种形式会先生成证书证书中含有公钥参见 TLS/SSL双向认证 [rootnginx ~]# openssl rsa -in prikey.pem -out pubkey.pem -pubout Enter pass phrase for prikey.pem: 123456 writing RSA key[rootnginx ~]# ll pubkey.pem -rw-r--r--. 1 root root 272 May 26 14:36 pubkey.pem[rootnginx ~]# cat pubkey.pem -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCHNF9c7EE35RmZRdze2G55i3R 6Kvxvh/NC2IlEXfOrCttwlxfrJkaPvKr98Jn0KAFTpem6X3nDzX1oOH/tkSS4ql h4oTHNzT0aS3sLRnqBnALgge0M7ePIxfyhyC4npdPIpj6jsII5OCCVn1CVD3GZy QfDwhh2IlKh5BDopQIDAQAB -----END PUBLIC KEY-----4、生成 2048 位 RAS 秘钥采用 des3 算法加密也是需要密码的步骤中存在提示输入密码环节 [rootnginx ~]# openssl genrsa -des3 -out private_server.key 2048 Generating RSA private key, 2048 bit long modulus ....................................................................................................................... ....................................... e is 65537 (0x10001) Enter pass phrase for private_server.key:123456 Verifying - Enter pass phrase for private_server.key:123456[rootnginx ~]# ll private_server.key -rw-r--r--. 1 root root 1743 May 26 14:29 private_server.key[rootnginx ~]# cat private_server.key -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,75141B9977BB10C1zsI6SDzNbsfnn8C8VYNxRXNuW3It4aZmhc1b/gslTIq1JifMlG8456k6EN2nBFIH AqZeIdf8qgK3F65yPqTxxXX7T1SKYyN6EP15VAFnXQqDlFJrSXYNSUhYiILr8lH qLJZwnnciTDOK5ERz17RPMRZHVDkW4ER2MrmfOENDgbsL8l4GbCB5L4IXYvGIs v0d3kcnWpPOIqhYWWQqfMtkXsbbSZAKx3IAmmgIHUFWt/V8TVb5hBs2HrJz2zJkl TdL8K9LHsztI5pBWsh8MyVMBgwl5Uh/th9lfSJON4D1IobHup9K8c8mueFZzj7c fiW4ZEbsKt2891ihIpTRsDIDPvSs35BMXD6X11fipMhQj7KFbLZo//Kno7yuCvZw aIEP6t6flYdsw8MiH0wd3IkGxFuN9SNesRJkQJLahjOkvaG9so08AC49skWAjnF HrhRMT537nVwp4UHaRAKgyJv4fC2lUVqTQ04bPx8ddxPB/I7KvOkTAVW9Foddd 1EyEI56ZAmLtiZcZ0ZKPUL/BSEndGF4jdUgMcX1mW1qN8iQtKVBlcddUWLjPyb6 B3kKo2R1XHn4FsywPTXu8jk5MyQePrsjHW/bPASHPXU4TRVPwqgDnz4jUiKuYcnG 9EZ0zwTYsKFA1cU2pQNbF8y26/ud4WQSdY8dXi8yl2x/LsVyDwhY3gihk6R2NiA1 GBMs1yDqjj6ir0mnmdGVMn4oqjPDzvOHouGeYPj6vHcltqJXhEsNpzhr2nJru88 UiUNLuemkxaJ5OA2ek0nKv1qnY/KB0d/X1DX/xFTZo9vS8Wtz8WDhF61rKCTfm/s ehpa9vCDr33n8OApJteQRnXcs25mO5tfuLGyq/59y2AT17Nu9EAEK3FUpcZKro3 oImv57MKU5eQMvb2JYyVUOv/sMtAtNwU7mjKM7lG8Zr240zFaiNnILRYsbLq4ae8 d8c4AExXhOPj1HMyLBnh9Gh605BOd6nZt7H45s2HqXc7k8POpo3xS80/4Tc4uMOA UoXabgvR46XUsVeFgz37aTdzZdmpm9VUxMbUkP9N9Ut6M5erqvv83UURgpoF6X8 pK/JoAVgerQz92fsy0K6giHqYqchO24PijwcMdc5WZi0ghBbbe3iuOpyjj/I/af qIi/Edbru0LW3AlPsU9kzUvpg/PHnO4GcwtLP5Kfropxh6OW08/ArMBP9jtKlQ kZbMKxS/FoyvQrDhqa8/AgI/kWnj6v7cq/uBFRsbP5L1Ps5dEqhlCDgM6CS5C/O NgsS56sfCwLDtXD9CjQSiJ0758VdTFkpg1P64vU1SZEgUdgw1KRnWh8G9PlgLux tZnnv09kFTlcmx/Y5b7FIXeicOStWIqQrWy8ux4rwm3MgSlq1MxSblMmu9o6Um5c HJEoWNCtnSNU7OmSbGq9czZZeolFDieMQBf9MUtyXqPIn07Jb3rUmcrj5/Uh2 uT4IFox4xzzNeS1T/vxMvPwRxgo3CLRhatEYTu1GtwyuHCFNJmYlKnqU/19wGIQ HXV/X2jcCi78EKC/aEicQQ7PDpzydzn9vS3bhyVhnLl3IIrb1F89ng -----END RSA PRIVATE KEY-----参考 openssl genrsa 命令详解

查看全文

http://www.hkea.cn/news/14339373/