Openssl ec命令

一、简介

椭圆曲线密钥处理工具

二、语法

openssl ec [-inform PEM|DER] [-outform PEM|DER] [-in filename] [-out filename] [-passin arg] [-passout arg] [-text] [-noout] [-param_out] [-conv_form arg] [-pubin] [-pubout] [-param_enc arg] [-engine id] [-des] [-des3] [-idea]

选项

-inform arg     input format - DER or PEM
 -outform arg    output format - DER or PEM
 -in arg         input file
 -passin arg     input file pass phrase source
 -out arg        output file
 -passout arg    output file pass phrase source
 -engine e       use engine e, possibly a hardware device.
 -des            encrypt PEM output, instead of ‘des‘ every other
                 cipher supported by OpenSSL can be used
 -text           print the key
 -noout          don‘t print key out
 -param_out      print the elliptic curve parameters
 -conv_form arg  specifies the point conversion form
                 possible values: compressed
                                  uncompressed (default)
                                   hybrid
 -param_enc arg  specifies the way the ec parameters are encoded
                 in the asn1 der encoding
                 possible values: named_curve (default)
                                  explicit

三、实例

1、生成EC私钥

openssl ecparam -genkey -name prime256v1 -param_enc explicit -outform pem -out ec_prikey.pem

2、对私钥进行口令保护

openssl ec -in ec_prikey.pem -des -out ec_prikey.pem

3、从私钥提取公钥

openssl ec -in ec_prikey.pem -pubout -out ec_pubkey.pem

4、查看私钥信息

openssl ec -in ec_prikey.pem -passin pass:"123456" -text

5、查看公钥信息

openssl ec -in ec_pubkey.pem -pubin -text

6、pem为der

openssl ec -in ec_prikey.pem -outform der -out ec_prikey.der

参考:http://blog.csdn.net/as3luyuan123/article/details/14138983
时间: 2024-10-16 13:52:33

Openssl ec命令的相关文章

OpenSSL之命令总结

OpenSSL从基础到应用系列: 1) OpenSSL之安全通讯基础 2) OpenSSL之PKI 3) OpenSSL之SSL协议的Web安全实现 4) OpenSSL之编译安装 透过上面几个方面的学习,我们应该对OpenSSL有了一个基本的了解.OpenSSL功能之强大,命令组合用法之多,往往让我们的学习不知所措.在此,我们来对openssl命令的使用做一个总结. 语法格式:  openssl command [ command_opts ] [ command_args ] 常用comma

熟练掌握 openssl 证书命令说明

熟练掌握 openssl 证书命令说明2.在我电脑建立好一个目录,并启动 terminal ,进入该目录cd /Users/dhbm/Desktop/ssl/sign2018072913.生成Self Signed证书1).生成一个key(我的私钥)openssl genrsa -des3 -out selfsign.key 4096 结果 (过程中 密码: 123456)Generating RSA private key, 4096 bit long modulus...........++

Openssl pkcs7命令

一.简介 pkcs7命令用于处理DER或者PEM格式的pkcs#7文件.   二.语法 openssl pkcs7 [-inform PEM|DER] [-outform PEM|DER] [-in filename] [-out filename] [-print] [-print_certs] [-text] [-noout] [-engine id] 选项 -inform arg input format - DER or PEM -outform arg output format -

Openssl ca命令

一.简介 ca命令能够签发证书请求文件以及生成CRL列表 二.语法 openssl ca [-verbose] [-config filename] [-name section] [-gencrl] [-revoke file][-crl_reason reason] [-crl_hold instruction] [-crl_compromise time] [-crl_CA_compromise time ] [ -subj subj] [-crldays days] [-crlhours

Openssl crl2pkcs7命令

一.简介 crl2pkcs7命令根据CRL或证书来生成pkcs#7消息 二.语法 openssl crl2pkcs7 [-inform PEM|DER ] [-outform PEM|DER ] [-in filename ] [-out filename ] [-certfile filename ] [-nocrl ] 选项 -inform arg input format - DER or PEM -outform arg output format - DER or PEM -in ar

Openssl crl命令

一.简介 crl命令用于处里PME或DER格式的CRL文件 二.语法 openssl crl [-inform PEM|DER] [-outform PEM|DER] [-text] [-in filename] [-out filename] [-hash] [-fingerprint] [-issuer ] [-lastupdate ] [-nextupdate ] [-crlnumber] [-noout ] [-CAfile file ] [-CApath dir ] [-nameopt

Openssl req命令

一.简介 req指令用来创建和处理PKCS#10格式的证书 二.语法 openssl req [-inform PEM|DER] [-outform PEM|DER] [-in filename] [-out filename] [-text] [-pubkey] [-noout] [-verify] [-modulus] [-nodes] [-subject] [-passin arg] [-passout arg] [-key filename] [-keyform PEM|DER] [-k

Openssl asn1parse命令

一.简介 asn1parse命令是一种用来诊断ASN.1结构的工具,也能用于从ASN1.1数据中提取数据 二.语法 openssl asn1parse [-inform PEM|DER] [-in filename] [-out filename] [-noout] [-offset number] [-length number] [-i] [- structure filename] [-strparse offset] 选项 -inform arg input format - one o

Openssl rsa命令

一.简介 Rsa命令用于处理RSA密钥.格式转换和打印信息 二.语法 openssl rsa [-inform PEM|NET|DER] [-outform PEM|NET|DER] [-in filename] [-passin arg] [-out filename] [-passout arg] [-sgckey] [-text] [-noout] [-modulus] [-check] [-pubin] [-pubout] [-engine id] [-des] [-des3] [-id