Openssl命令行:修订间差异
跳转到导航
跳转到搜索
无编辑摘要 |
无编辑摘要 标签:2017年版源代码编辑 |
||
| (未显示同一用户的3个中间版本) | |||
| 第1行: | 第1行: | ||
__TOC__ | |||
== 1. 连接国密网站 == | == 1. 连接国密网站 == | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
openssl s_client -gmvpn -connect 219.141.191.183:443 | openssl s_client -gmvpn -connect 219.141.191.183:443 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== 2. Openssl验证cert和key是否匹配 == | == 2. Openssl验证cert和key是否匹配 == | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
| 第12行: | 第15行: | ||
[[分类:OpenSSL]] | [[分类:OpenSSL]] | ||
= 3. Openssl修改key密码 = | == 3. Openssl修改key密码 == | ||
1. 去掉密码<syntaxhighlight lang="bash"> | 1. 去掉密码<syntaxhighlight lang="bash"> | ||
openssl rsa -in site.key -out nopassword.key | openssl rsa -in site.key -out nopassword.key | ||
</syntaxhighlight>2. 添加密码<syntaxhighlight lang="bash"> | </syntaxhighlight> | ||
2. 添加密码<syntaxhighlight lang="bash"> | |||
openssl rsa -des -in nopassword.key -out encrypt.key | openssl rsa -des -in nopassword.key -out encrypt.key | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== 4. Openssl加解密 == | |||
1. 加密 | |||
<syntaxhighlight lang="bash"> | |||
openssl enc -aes-128-cbc -in data.txt -out encode.txt -K E05A84ED2068B3DEE402304AD12F4A40 -iv E27DCFC8DF33FA58E335BEBB5978B7B4 | |||
</syntaxhighlight> | |||
2. 解密 | |||
<syntaxhighlight lang="bash"> | |||
openssl enc -aes-128-cbc -in encode.txt -out decode.txt -K E05A84ED2068B3DEE402304AD12F4A40 -iv E27DCFC8DF33FA58E335BEBB5978B7B4 -d | |||
</syntaxhighlight> | |||
== 5. 获取证书的十六进制公钥和私钥 == | |||
1. 从PEM 格式 SM2 私钥文件提取十六进制公钥和私钥 | |||
<syntaxhighlight lang="bash"> | |||
openssl ec -in sm2user.key -text -noout | |||
read EC key | |||
Private-Key: (256 bit) | |||
priv: | |||
fb:8c:f6:72:64:73:c0:10:92:bc:97:a2:5a:45:79: | |||
bf:0f:cf:93:25:46:32:cd:74:d6:9e:9d:31:75:66: | |||
39:c3 | |||
pub: | |||
04:eb:93:0f:6b:89:5a:fe:f2:4a:05:a7:dd:af:fb: | |||
dc:b7:0e:e3:41:fb:7b:ba:e6:3f:92:7f:bd:72:9f: | |||
42:85:4c:3c:85:b0:c4:14:7d:ad:91:b5:fe:39:dc: | |||
7b:81:76:c6:82:a8:1a:76:56:4c:a6:9b:c8:ed:db: | |||
50:ee:5e:0f:04 | |||
ASN1 OID: SM2 | |||
</syntaxhighlight> | |||
[[分类:OpenSSL]] | [[分类:OpenSSL]] | ||
2025年6月19日 (四) 03:00的最新版本
1. 连接国密网站[编辑 | 编辑源代码]
openssl s_client -gmvpn -connect 219.141.191.183:443
2. Openssl验证cert和key是否匹配[编辑 | 编辑源代码]
openssl x509 -noout -modulus -in server.crt | openssl md5
openssl rsa -noout -modulus -in server.key | openssl md5
其中,server.crt是SSL证书文件,server.key是私钥文件。如果命令输出的MD5哈希值相同,则证书和私钥匹配。否则,它们不匹配。
3. Openssl修改key密码[编辑 | 编辑源代码]
1. 去掉密码
openssl rsa -in site.key -out nopassword.key
2. 添加密码
openssl rsa -des -in nopassword.key -out encrypt.key
4. Openssl加解密[编辑 | 编辑源代码]
1. 加密
openssl enc -aes-128-cbc -in data.txt -out encode.txt -K E05A84ED2068B3DEE402304AD12F4A40 -iv E27DCFC8DF33FA58E335BEBB5978B7B4
2. 解密
openssl enc -aes-128-cbc -in encode.txt -out decode.txt -K E05A84ED2068B3DEE402304AD12F4A40 -iv E27DCFC8DF33FA58E335BEBB5978B7B4 -d
5. 获取证书的十六进制公钥和私钥[编辑 | 编辑源代码]
1. 从PEM 格式 SM2 私钥文件提取十六进制公钥和私钥
openssl ec -in sm2user.key -text -noout
read EC key
Private-Key: (256 bit)
priv:
fb:8c:f6:72:64:73:c0:10:92:bc:97:a2:5a:45:79:
bf:0f:cf:93:25:46:32:cd:74:d6:9e:9d:31:75:66:
39:c3
pub:
04:eb:93:0f:6b:89:5a:fe:f2:4a:05:a7:dd:af:fb:
dc:b7:0e:e3:41:fb:7b:ba:e6:3f:92:7f:bd:72:9f:
42:85:4c:3c:85:b0:c4:14:7d:ad:91:b5:fe:39:dc:
7b:81:76:c6:82:a8:1a:76:56:4c:a6:9b:c8:ed:db:
50:ee:5e:0f:04
ASN1 OID: SM2