从openssl密钥文件中提取公钥和私钥

时间:2017-07-13 17:45:20

标签: openssl dsa

我使用以下命令生成一对dsa键:

openssl gendsa -out myDSAkey.pem sharedDSA.pem

然后,我可以"提取"我的私钥和公钥以及命令:

openssl dsa -in myDSAkey.pem -aes128 -out myDSApriv.pem
openssl dsa -in myDSAkey.pem -out myDSApub.pem -outform PEM -pubout

执行以下任一操作时:

openssl dsa -text -inform PEM -in myDSAkey.pem
openssl dsa -text -inform PEM -in myDSApriv.pem

我从系统中获取了所需的所有信息:

Private-Key: (1024 bit)
priv:
    49:b1:e2:c6:00:48:e0:1f:f7:ad:ca:06:77:52:48:
    52:89:f3:f7:d8
pub: 
    02:5d:c9:ba:83:1a:cc:31:63:49:4a:79:5c:a3:a5:
    73:ab:70:b0:48:df:c8:26:53:16:71:9c:4c:3f:28:
    1b:53:4d:6b:e2:06:fc:b8:5e:93:f9:e1:9e:71:4d:
    17:c2:86:90:58:01:d2:f1:24:fa:ff:af:2d:00:6f:
    d0:8c:f9:1e:27:f6:8c:bc:50:bd:32:91:d9:51:c0:
    25:16:9f:df:e9:54:0c:07:53:62:61:1d:c4:93:da:
    65:87:59:4a:43:fd:79:28:6e:9a:fa:fa:00:f5:19:
    ce:5b:5d:0c:4d:c1:45:86:c6:17:47:e2:a7:a5:e3:
    99:65:36:0a:02:eb:2c:91
P:   
    00:9e:3e:54:31:cd:be:c8:ba:d0:0d:37:5a:ed:1c:
    2f:0f:47:13:48:9f:e6:f7:d7:bc:2d:01:12:d6:10:
    94:a5:24:49:d3:6e:64:b1:55:06:8a:f6:df:c7:f8:
    59:f0:e1:9e:16:9b:69:ac:db:1a:71:21:d2:f7:a7:
    94:f9:14:ae:17:5c:74:bf:59:c8:7e:cc:2b:39:be:
    e1:10:1f:bb:8e:7d:6f:f3:a5:61:1c:09:7d:56:be:
    15:4c:da:27:42:56:90:61:02:05:72:cf:e1:6b:56:
    89:81:87:ca:e5:bb:16:33:02:5c:fb:66:51:4f:22:
    70:2d:59:54:0f:6c:b0:95:ed
Q:   
    00:a7:37:61:7f:3b:36:8b:89:cc:f1:e8:82:af:98:
    44:09:a7:e2:0f:b9
G:   
    6f:bd:e3:25:06:ad:40:03:1c:f8:5d:4c:3e:85:17:
    fa:db:14:e3:c1:99:1e:f3:d8:36:a9:70:18:a9:30:
    81:7e:2e:ad:ca:87:39:a6:99:65:64:1a:2c:33:f4:
    e0:ee:57:c9:92:e0:7f:e0:2d:42:00:be:81:3b:c7:
    b9:39:5b:23:b8:0d:0b:c2:3a:8c:a1:33:d6:e5:0b:
    a5:c2:d8:cd:ea:ec:c0:76:13:35:79:b1:c4:cd:9c:
    ea:ec:e8:ed:84:2b:89:2c:7a:70:be:62:f0:f6:5b:
    0b:0e:c0:e7:aa:99:75:5b:68:31:20:bb:2d:d3:fc:
    c8:12:f5:44:a2:7f:d4:3d
writing DSA key
-----BEGIN DSA PRIVATE KEY-----
MIIBugIBAAKBgQCePlQxzb7IutANN1rtHC8PRxNIn+b317wtARLWEJSlJEnTbmSx
VQaK9t/H+Fnw4Z4Wm2ms2xpxIdL3p5T5FK4XXHS/Wch+zCs5vuEQH7uOfW/zpWEc
CX1WvhVM2idCVpBhAgVyz+FrVomBh8rluxYzAlz7ZlFPInAtWVQPbLCV7QIVAKc3
YX87NouJzPHogq+YRAmn4g+5AoGAb73jJQatQAMc+F1MPoUX+tsU48GZHvPYNqlw
GKkwgX4urcqHOaaZZWQaLDP04O5XyZLgf+AtQgC+gTvHuTlbI7gNC8I6jKEz1uUL
pcLYzerswHYTNXmxxM2c6uzo7YQriSx6cL5i8PZbCw7A56qZdVtoMSC7LdP8yBL1
RKJ/1D0CgYACXcm6gxrMMWNJSnlco6Vzq3CwSN/IJlMWcZxMPygbU01r4gb8uF6T
+eGecU0XwoaQWAHS8ST6/68tAG/QjPkeJ/aMvFC9MpHZUcAlFp/f6VQMB1NiYR3E
k9plh1lKQ/15KG6a+voA9RnOW10MTcFFhsYXR+KnpeOZZTYKAusskQIUSbHixgBI
4B/3rcoGd1JIUonz99g=
-----END DSA PRIVATE KEY----- 

这很奇怪,因为我认为在myDSApriv.pem文件中我提取了与私钥相关的myDSAkey.pem的内容。更令人惊讶的是,我没有myDSApub.pem的这些信息。执行命令:

openssl dsa -inform PEM -pubin -in nombreDSApub.pem

仅提供

read DSA key
writing DSA key
-----BEGIN PUBLIC KEY-----
MIIBtjCCASsGByqGSM44BAEwggEeAoGBAJ4+VDHNvsi60A03Wu0cLw9HE0if5vfX
vC0BEtYQlKUkSdNuZLFVBor238f4WfDhnhabaazbGnEh0venlPkUrhdcdL9ZyH7M
Kzm+4RAfu459b/OlYRwJfVa+FUzaJ0JWkGECBXLP4WtWiYGHyuW7FjMCXPtmUU8i
cC1ZVA9ssJXtAhUApzdhfzs2i4nM8eiCr5hECafiD7kCgYBvveMlBq1AAxz4XUw+
hRf62xTjwZke89g2qXAYqTCBfi6tyoc5ppllZBosM/Tg7lfJkuB/4C1CAL6BO8e5
OVsjuA0LwjqMoTPW5QulwtjN6uzAdhM1ebHEzZzq7OjthCuJLHpwvmLw9lsLDsDn
qpl1W2gxILst0/zIEvVEon/UPQOBhAACgYACXcm6gxrMMWNJSnlco6Vzq3CwSN/I
JlMWcZxMPygbU01r4gb8uF6T+eGecU0XwoaQWAHS8ST6/68tAG/QjPkeJ/aMvFC9
MpHZUcAlFp/f6VQMB1NiYR3Ek9plh1lKQ/15KG6a+voA9RnOW10MTcFFhsYXR+Kn
peOZZTYKAusskQ==
-----END PUBLIC KEY-----

虽然我希望它能给出之前给出的十六进制格式。

有没有办法在myDSApriv.pem和myDSApub.pem上显示十六进制信息而没有别的?为什么myDSApriv.pem包含有关所有参数的信息?

1 个答案:

答案 0 :(得分:1)

打印公钥时没有使用-text标志,因此它不会以人类可读的形式打印出来。您可以进一步添加-noout以避免在最后打印PEM编码的密钥。

另外,请注意您已将此私钥发布到Internet,因此请确保在执行任何您关心的操作之前生成新的密钥对:)。