1.1. Manage RSA Keys
该文章根据 CC-BY-4.0 协议发表,转载请遵循该协议。
本文地址:https://fenying.net/en/book/pki-tutorials/1.1.manage-rsa-keys/
Overview
This chapter introduces how to generate, convert, encode, encrypt, decrypt RSA keys using OpenSSL command-line tools.
Generate RSA Private Key
Usually, the genrsa subcommand of OpenSSL is used to generate RSA private keys.
For example, to generate an RSA private key file named rsa-p1-raw.pem, the configuration is as follows:
| Property | Value |
|---|---|
| Bits | 2048 |
| Cipher | AES-256-CFG |
| Standard | PKCS#1 |
| Encoding | PEM |
1openssl genrsa -aes-256-cfb -out ./rsa-p1.pem 2048
If no encryption algorithm flag is passed (such as
-aes-256-cfb), a raw private key without encryption protection will be generated.
Common Parameters
-outform
Specifies the output file format, which can be either PEM or DER.
-rand
Specifies the path to the random seed file used to generate random numbers.
RSA-PSS
RSA-PSS is a probabilistic signature padding scheme. Compared with the RSA PKCS#1 v1.5 padding scheme commonly used in RSA, it provides better security (at the cost of higher computational complexity, i.e., performance loss).
If you need to generate an RSA private key with RSA-PSS signature padding scheme parameters, you can use the following command:
1openssl genpkey \
2 -algorithm rsa-pss \
3 -pkeyopt rsa_keygen_bits:2048 \
4 -pkeyopt rsa_pss_keygen_md:sha256 \
5 -pkeyopt rsa_pss_keygen_mgf1_md:sha256 \
6 -pkeyopt rsa_pss_keygen_saltlen:32 \
7 -out rsa-pss.pem
Standard Conversion
PKCS#1 -> PKCS#8
1openssl pkcs8 \
2 -topk8 \
3 -inform PEM \
4 -outform PEM \
5 -in rsa-p1.pem \
6 -out rsa-p8.pem
By default, the
-v2 aes256parameter is used for encryption. If the converted key does not need encryption protection, add-nocrypt, for example:1openssl pkcs8 \ 2 -topk8 \ 3 -inform PEM \ 4 -outform PEM \ 5 -nocrypt \ 6 -in rsa-p1.pem \ 7 -out rsa-p8-raw.pem
PKCS#8 -> PKCS#1
1openssl rsa \
2 -aes-256-cfb \
3 -in rsa-p8.pem \
4 -out rsa-p1.pem
If the converted key does not need encryption protection, remove the encryption algorithm flag
-aes-256-cfb, such as:1openssl rsa \ 2 -in rsa-p8.pem \ 3 -out rsa-p1-raw.pem
By default, both input and output encodings are
PEM. If the input is DER, please specify-inform DER. If you need to output DER, please specify-outform DER.
Encoding Conversion
PKCS#1: PEM <=> DER
e.g. PEM -> DER, vice versa
1openssl rsa \
2 -inform PEM \
3 -outform DER \
4 -in rsa-p1-raw.pem \
5 -out rsa-p1-raw.der
PKCS#8: PEM <=> DER
The support for PKCS#8 DER encoding in OpenSSL is incomplete. Please do not use it.
Encryption and Decryption
Encrypt PKCS#1 Private Key
1openssl rsa \
2 -inform PEM \
3 -aes-256-cfb \
4 -in rsa-p1-raw.pem \
5 -out rsa-p1.pem
Decrypt PKCS#1 Private Key
1openssl rsa \
2 -inform PEM \
3 -in rsa-p1.pem \
4 -out rsa-p1-raw.pem
Encrypt PKCS#8 Private Key
1openssl pkcs8 \
2 -topk8 \
3 -inform PEM \
4 -v2 aes256 \
5 -in rsa-p8-raw.pem \
6 -out rsa-p8.pem
Decrypt PKCS#8 Private Key
1openssl pkcs8 \
2 -inform PEM \
3 -in rsa-p8.pem \
4 -out rsa-p8-raw.pem
Extract Public Key
1openssl rsa \
2 -inform PEM \
3 -in rsa-p1-raw.pem \
4 -pubout \
5 -out rsa-p1.pub
The
-inparameter can pass eitherPKCS#1orPKCS#8keys.
View Public Key Information
1openssl rsa \
2 -inform PEM \
3 -pubin \
4 -text \
5 -noout \
6 -in rsa-p1.pub
View Private Key Information
1openssl rsa \
2 -inform PEM \
3 -noout \
4 -text \
5 -in rsa-p1.pem
Test Key
1# Generate a random file for testing
2openssl rand -out tmp.dat 4096
3
4# Sign the random file with the private key using RSA-SHA-256
5openssl dgst -sha256 -sign rsa-p1.pem -out tmp.dat.sig tmp.dat
6
7# Verify the signature
8openssl dgst -sha256 -verify rsa-p1.pub -signature tmp.dat.sig tmp.dat
Ok, all above are the common operations of RSA keys.