(4) openssl rsa/pkey(查看私鑰、從私鑰中提取公鑰、查看公鑰)

openssl  rsa      是RSA對稱密鑰的處理工具

openssl  pkey   是通用非對稱密鑰處理工具，它們用法基本一致，所以只舉例說明openssl rsa。

它們的用法很簡單，基本上就是輸入和輸出私鑰或公鑰的作用，或從私鑰中提取出公鑰，將文件中私鑰或公鑰的某部分內容輸出到stdout

openssl   rsa      [-in filename]   [-passin arg]    [-passout arg]   [-out filename]     [-des|-des3|-idea]   [-text] [-noout] [-pubin] [-pubout] [-check]

openssl   pkey    [-in filename]  [-passin arg]    [-passout arg]   [-out filename]      [-cipher]                  [-text] [-noout] [-pubin] [-pubout]

 

【openssl rsa選項說明：】

-in filename ：指定密鑰輸入文件。默認讀取的是私鑰，若指定"-pubin"選項將表示讀取公鑰。將從該文件讀取密鑰，不指定時將從stdin讀取。
-pubin       ：讀取公鑰內容，即從"-in filename"的filename中讀取公鑰，所以filename必須為公鑰文件。

             ：不指定該選項時，默認是從filename中讀取私鑰。公鑰文件可以通過文件中的公鑰標識符
             ："-----BEGIN PUBLIC KEY-----"和"-----END PUBLIC KEY-----"來辨別。

-out filename：默認情況下，使用openssl rsa將文件中公鑰或私鑰讀取出來顯示到stdout，使用該選項將讀取的內容輸出到指定的文件中。
 ：讀取的是私鑰輸出的是私鑰或公鑰（若使用-putout選項從私鑰中提取公鑰），讀取的是公鑰輸出的一定是公鑰
               若不指定該選項，默認輸出到stdout

-pubout      ：從私鑰中提取公鑰，即從"-in filename"指定的私鑰中提取公鑰並輸出，此時-in filename中的filename必須是私鑰文件。
             ：當設置了"-pubin"時，默認也設置了"-pubout"。
             ：私鑰文件可以通過文件中的私鑰標識符"-----BEGIN PRIVATE KEY-----"和"-----END PRIVATE KEY-----"來辨別。

-noout       ：控制不輸出任何密鑰信息。
-text        ：轉換輸入和輸出的密鑰文件格式為純文本格式。
-check       ：檢查RSA密鑰是否完整未被修改過，只能檢測私鑰，因為公鑰來源於私鑰。因此選項"-in filename"的filename文件只能是私鑰文件。

-des|-des3|-idea：加密輸出文件，使得每次讀取輸出文件時都需要提供密碼。
-passin arg  ：傳遞解密密鑰文件的密碼。密碼格式見https://www.cnblogs.com/liliyang/p/9738929.html
-passout arg ：指定加密輸出文件的密碼。

【openssl pkey選項說明：】
-cipher：等價於openssl rsa的"-des|-des3|-idea"，例如"-cipher des3"

 示例：

(1).創建一個rsa私鑰文件genrsa.pri，然后從中提取rsa公鑰到rsa.pub文件中

 

[root@docker121 ssl]# openssl  genrsa -out private.pem 1024              #生成不加密的私鑰
Generating RSA private key, 1024 bit long modulus
.........++++++
....++++++
e is 65537 (0x10001)
[root@docker121 ssl]# ll
total 4
-rw-r--r-- 1 root root 887 Oct  3 22:41 private.pem
[root@docker121 ssl]# cat private.pem 　　　　　　　　　　　　　　　　　　　　　　#查看私鑰內容
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----
[root@docker121 ssl]# openssl  rsa -in private.pem  　　　　　　　　　　　　#讀取私鑰的內容
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private.pem -text 　　　　　　　　　　　#以純文本格式輸出私鑰內容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----
[root@docker121 ssl]# openssl rsa -in private.pem -text -noout           #不輸出私鑰內容
Private-Key: (1024 bit)
modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
publicExponent: 65537 (0x10001)
privateExponent:
75:dd:61:55:18:81:6a:fa:ff:3a:21:d6:25:c3:b1:
59:57:21:be:5a:2b:c8:7f:9c:94:c0:47:0f:ea:0b:
06:fd:53:fa:5d:92:ca:77:1f:4d:f6:84:19:c1:a7:
fb:7d:11:e3:be:3d:7a:37:6d:a2:6c:a2:4f:1d:a1:
21:b3:09:f9:4c:1c:0b:4f:3e:fa:82:13:85:02:42:
18:60:cb:6f:e3:e0:a5:54:2a:c3:26:b5:39:12:cf:
46:7d:b3:d6:f2:2e:1e:aa:f1:76:f5:bc:9b:17:f1:
25:9c:59:15:e0:96:7e:55:59:14:46:15:62:a1:f9:
2a:1d:b9:0a:90:a8:25:7d
prime1:
00:df:a1:2c:95:d1:f6:e5:1c:37:89:a1:d6:14:49:
0e:9b:9d:2c:ec:1d:be:bd:b4:de:bb:0f:57:cc:65:
30:a3:28:89:7e:a7:31:1b:d0:b0:52:30:85:db:01:
a8:97:e2:11:20:71:b3:47:e8:66:8c:ec:d4:9b:b6:
ee:7d:85:26:87
prime2:
00:c2:a5:ac:a9:80:7d:53:97:f4:e8:dc:60:b2:90:
6e:7b:9b:91:87:ab:95:91:61:b9:f2:34:b3:6d:bc:
fa:9e:e7:9b:b0:a6:54:8b:cf:b3:7c:d8:3a:77:ce:
23:10:68:60:33:08:d3:7a:b4:fd:eb:63:20:7d:b0:
d1:47:91:be:83
exponent1:
45:fb:6d:35:71:60:7f:30:46:5d:06:cd:34:c9:ec:
0d:5c:b1:7b:2e:8f:cb:54:37:c3:78:38:b4:99:12:
10:6d:16:22:11:76:37:cb:25:f2:82:86:d1:13:82:
cc:0d:0d:e9:06:4b:e1:7b:e3:e3:c4:15:80:a9:4d:
96:f0:3d:2f
exponent2:
13:77:f4:b4:23:78:e5:92:8e:59:78:29:67:d2:d0:
6a:26:9e:40:be:a5:c0:1b:d1:38:6b:93:02:c7:e3:
1d:5f:b7:0f:cd:23:29:b4:c5:94:18:20:88:f9:22:
42:b2:dd:e4:5c:de:a2:28:56:39:63:f9:cc:f8:91:
86:22:0a:b7
coefficient:
00:95:69:1f:82:34:21:ac:6c:f8:b8:06:b4:46:dd:
79:e4:b0:0a:32:20:cf:21:48:3b:1b:fe:34:60:b2:
f5:d9:a9:e0:8a:23:74:43:2e:cc:09:99:dc:54:d2:
df:3a:5b:c4:0d:b3:4b:88:95:a8:3f:85:d9:4f:f4:
cf:16:55:da:7c

[root@docker121 ssl]# openssl rsa -in private.pem  -des3 -passout pass:123456  -out private_des.pem　　　　　#將生成私鑰加密
writing RSA key
[root@docker121 ssl]# cat private_des.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,8DC40333E1A9554A

T1xNHzp7eopY4GdTjH/hUpSP3S8FrW/bpe9gAaKkMedRQ2Y8TuAd2/zbj6w64C8s
qMfYgZ/xFfD3pOE9h65C9GRNRdsc6MUrtCwypqPiZJazEYs7c8CcQgTPMvXKo+rs
UhOoRT8E924G1qfWsfMYA7GTa/MoAs9g1gpfKPJCagsHgh+6Hfy650LdFO5zifG8
baYroQdCZXbFD/ena9pruC4da4UQIyguJdJ/Mz/Zf3T5FWo6spKZP0LflOHq7+jc
iBoVC4UleheFyZUxXvWcrt6mfuZ1RmPrwk1TMWRvXDPfw007QVlBWppihLoejmsc
ObMe5nfP77CsaLvYz0TwyzG9KQ8RjJCaVUxJmsLg4tb01jaCOUfkFLBa2O9K0Y/2
qMe6F0+ee8UBQgYslCIaOgV4jZBb1WKbbE4RispqXmn9NW0Wfxgxfa3Mr6/+0i6t
OboGexkiWPVSw3nT9UAaIFkme1wVYkQmaNTwZC6PHHiAn0q2azaRmDm6aJ/t1HN3
RAsMHEn/YWqMUOXaYZ9a5REE5RUFq1SMgfWFTTz/8LXq9dRaeA3dPdRw3eHE7rXd
gsrBRaX0jUPOfYovPCcLx10/O7bNjPf+Jl2dXIYq1mvIzcCzZssHSOoJiAaKcnVe
WAU5CCzutezlS1JwiKl6j8u05VNQjfKbgJAaX+/XAhJc3rZank0rJPWJgfw/Q8dz
fNM/iC6qTGELg+LR0p0t9ppAyOoyKoPxNXdhabh72FBQ7VTMTpIH2eyzH9DCW1AC
uO9//Z+NK2ETiIHF2qHXlkhVkjMd/6Je8eSb83gwTpt0aNVT4Ahojg==
-----END RSA PRIVATE KEY-----

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456　　　　　　#讀取加密的私鑰
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

 

 

(2).從私鑰中提取公鑰

[root@docker121 ssl]# openssl rsa -in private.pem   -pubout -out public.pem
writing RSA key
[root@docker121 ssl]# ll
total 12
-rw-r--r-- 1 root root 963 Oct 3 22:47 private_des.pem
-rw-r--r-- 1 root root 887 Oct 3 22:41 private.pem
-rw-r--r-- 1 root root 272 Oct 3 22:50 public.pem
[root@docker121 ssl]# cat public.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa  -pubin -in public.pem 　　　　　　　　#讀取公鑰內容
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

 

[root@docker121 ssl]# openssl rsa -pubin -in public.pem   -text        #以文本格式輸出公鑰內容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----
[root@docker121 ssl]# openssl rsa -pubin -in public.pem -text -noout　　　　#不輸出公鑰內容
Public-Key: (1024 bit)
Modulus:
00:aa:08:dd:7f:a1:46:96:be:38:cc:2d:ea:bb:0a:
a3:cc:2e:84:ce:84:61:d1:aa:0c:18:59:48:54:15:
3a:33:3f:8a:bd:e1:4b:7b:b8:37:cb:55:2d:08:3b:
4a:b0:77:2e:26:a5:8e:8b:4b:8f:a5:2c:84:2d:54:
35:2b:6e:62:ae:17:cf:b4:e6:f3:f9:30:6f:ea:52:
ab:fc:83:9e:f8:a6:2e:e7:f7:2b:be:61:e0:c6:10:
09:0b:9c:32:d1:a4:61:54:8b:06:f5:3e:56:2c:7c:
59:c9:bf:8e:b4:7a:64:fa:6d:c6:4e:56:11:7c:8f:
f4:d3:74:e7:84:51:31:e9:15
Exponent: 65537 (0x10001)

 

[root@docker121 ssl]# openssl rsa -pubin -in public.pem -des3 -passout pass:123456 -out public_des.pem   #重新將公鑰加密，貌似不生效（公鑰不能加密？？？）
writing RSA key
[root@docker121 ssl]# cat public_des.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

[root@docker121 ssl]# openssl rsa -pubin -in public_des.pem
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqCN1/oUaWvjjMLeq7CqPMLoTO
hGHRqgwYWUhUFTozP4q94Ut7uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+0
5vP5MG/qUqv8g574pi7n9yu+YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZO
VhF8j/TTdOeEUTHpFQIDAQAB
-----END PUBLIC KEY-----

 

(3).移除私鑰文件或公鑰文件的密碼。只需直接輸出到新文件即可

[root@docker121 ssl]# openssl rsa -in private_des.pem -passin pass:123456
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

(4).check檢測私鑰文件的一致性，查看私鑰文件被修改過。

[root@docker121 ssl]# openssl rsa -in private.pem -check
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqCN1/oUaWvjjMLeq7CqPMLoTOhGHRqgwYWUhUFTozP4q94Ut7
uDfLVS0IO0qwdy4mpY6LS4+lLIQtVDUrbmKuF8+05vP5MG/qUqv8g574pi7n9yu+
YeDGEAkLnDLRpGFUiwb1PlYsfFnJv460emT6bcZOVhF8j/TTdOeEUTHpFQIDAQAB
AoGAdd1hVRiBavr/OiHWJcOxWVchvloryH+clMBHD+oLBv1T+l2SyncfTfaEGcGn
+30R4749ejdtomyiTx2hIbMJ+UwcC08++oIThQJCGGDLb+PgpVQqwya1ORLPRn2z
1vIuHqrxdvW8mxfxJZxZFeCWflVZFEYVYqH5Kh25CpCoJX0CQQDfoSyV0fblHDeJ
odYUSQ6bnSzsHb69tN67D1fMZTCjKIl+pzEb0LBSMIXbAaiX4hEgcbNH6GaM7NSb
tu59hSaHAkEAwqWsqYB9U5f06NxgspBue5uRh6uVkWG58jSzbbz6nuebsKZUi8+z
fNg6d84jEGhgMwjTerT962MgfbDRR5G+gwJARfttNXFgfzBGXQbNNMnsDVyxey6P
y1Q3w3g4tJkSEG0WIhF2N8sl8oKG0ROCzA0N6QZL4Xvj48QVgKlNlvA9LwJAE3f0
tCN45ZKOWXgpZ9LQaiaeQL6lwBvROGuTAsfjHV+3D80jKbTFlBggiPkiQrLd5Fze
oihWOWP5zPiRhiIKtwJBAJVpH4I0Iaxs+LgGtEbdeeSwCjIgzyFIOxv+NGCy9dmp
4IojdEMuzAmZ3FTS3zpbxA2zS4iVqD+F2U/0zxZV2nw=
-----END RSA PRIVATE KEY-----

現在隨便修改下私鑰文件(必須更改-----BEGIN RSA PRIVATE KEY-----和-----END RSA PRIVATE KEY-----包圍的內部的內容)，再檢測。

[root@docker121 ssl]# openssl rsa -in private.pem -check
unable to load Private Key
140606152894352:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:824:

一般來說，openssl rsa的常用選項就只有"-in filename"、"-out filename"、"-pubout"