一、簡介
橢圓曲線密鑰處理工具
二、語法
openssl ec [-inform PEM|DER] [-outform PEM|DER] [-in filename] [-out filename] [-passin arg] [-passout arg] [-text] [-noout] [-param_out] [-conv_form arg] [-pubin] [-pubout] [-param_enc arg] [-engine id] [-des] [-des3] [-idea]
選項
-inform arg input format - DER or PEM -outform arg output format - DER or PEM -in arg input file -passin arg input file pass phrase source -out arg output file -passout arg output file pass phrase source -engine e use engine e, possibly a hardware device. -des encrypt PEM output, instead of 'des' every other cipher supported by OpenSSL can be used -text print the key -noout don't print key out -param_out print the elliptic curve parameters -conv_form arg specifies the point conversion form possible values: compressed uncompressed (default) hybrid -param_enc arg specifies the way the ec parameters are encoded in the asn1 der encoding possible values: named_curve (default) explicit
三、實例
1、生成EC私鑰
openssl ecparam -genkey -name prime256v1 -param_enc explicit -outform pem -out ec_prikey.pem
2、對私鑰進行口令保護
openssl ec -in ec_prikey.pem -des -out ec_prikey.pem
openssl ec -in ec_prikey.pem -des -passout pass:"123456" -out ec_prikey.pem
3、從私鑰提取公鑰
openssl ec -in ec_prikey.pem -pubout -out ec_pubkey.pem
4、查看私鑰信息
openssl ec -in ec_prikey.pem -passin pass:"123456" -text
5、查看公鑰信息
openssl ec -in ec_pubkey.pem -pubin -text
6、pem為der
openssl ec -in ec_prikey.pem -outform der -out ec_prikey.der
