Benutzer:RokerHRO/OpenSSL
aus Wikipedia, der freien Enzyklopädie
(scratchbook: OpenSSL)
RSA
RSA-Key erzeugen
$ openssl genrsa -out /tmp/test.rsa Generating RSA private key, 2048 bit long modulus ..+++ .................................................................................+++ e is 65537 (0x10001)
Eigentlich wären Public Key und Private Key gleich aufgebaut: Aus Modulus und Exponent. Es lässt sich aber leichter verschlüsseln, wenn man die Zwischenwerte, die bei der Schlüsselerzeugung anfielen und weitere Werte zusammen mit dem Private Key abspeichert. Darum sind in OpenSSL Private Keys deutlich(!) größer als Public Keys:
$ ls -l /tmp/test.rsa* -rw-rw-r-- 1 lr deb 1679 Aug 26 17:40 /tmp/test.rsa -rw-rw-r-- 1 lr deb 451 Aug 26 17:43 /tmp/test.rsa.pub
Macht man die Base64-Kodierung rückgängig, so enthält der Private Key 1192 Bytes, der Public Key 294 Bytes. Das ist der ASN.1 DER-Kodierung geschuldet.
Private-Key anschauen
$ openssl rsa -text < /tmp/test.rsa
Private-Key: (2048 bit)
modulus:
00:c8:af:25:38:09:3d:dc:54:90:54:62:ec:e5:ee:
ad:c0:39:a1:d9:ab:f8:a3:0e:c2:ca:f9:8e:24:a9:
9d:4d:25:78:f6:96:8c:05:04:9c:ea:e3:35:7e:e8:
3b:a8:51:c2:28:54:e0:67:d7:60:5e:41:14:e6:77:
2e:10:5e:d3:ce:5d:c9:e9:8e:fb:a8:4f:fa:f9:f3:
12:5e:3a:92:6c:1d:cc:ff:0d:bd:0c:b5:5b:a7:99:
19:0e:a4:32:d8:0b:0e:eb:76:2f:45:6e:fe:54:6f:
c2:5c:c4:de:5b:50:df:2f:f1:23:87:dd:fe:64:c1:
99:ee:f8:17:bd:15:ff:77:02:1a:79:67:12:ed:df:
8e:17:ce:43:1c:f6:fd:1a:f3:83:81:23:2d:ea:33:
52:27:c9:e0:32:34:30:4a:57:fe:79:c4:fb:e2:60:
2c:40:d6:4f:0b:a7:95:25:ea:50:fe:8b:52:a7:40:
8a:2b:2d:08:e7:67:68:2b:24:48:05:26:37:c7:a3:
cf:50:3e:69:d4:37:9c:6f:90:98:d7:aa:f6:6b:a1:
e2:c9:67:c1:27:dd:da:e6:84:10:4e:81:a6:38:32:
ce:19:2a:e9:f2:4c:7c:0f:2b:8f:97:64:6a:03:87:
6c:4c:ee:23:8b:58:6d:d7:30:89:49:dd:f5:01:87:
1e:6d
publicExponent: 65537 (0x10001)
privateExponent:
46:80:c1:a2:9e:1c:8d:7b:67:f9:3d:87:dc:7f:ad:
ab:0a:94:41:d4:98:d5:30:2a:5f:04:ad:5b:53:fb:
5f:4e:fa:e0:26:a3:aa:5f:a4:81:20:b1:7a:94:3b:
e1:36:57:ef:b3:61:e3:19:57:51:c5:ab:82:0b:fc:
b2:e3:9d:a5:b2:6d:6d:10:3e:79:33:20:09:0f:cc:
34:2e:7f:a2:5c:15:d8:c5:0a:d5:9c:21:47:10:12:
2d:82:a2:1a:24:48:69:90:6b:ab:09:03:70:c6:92:
91:e4:d7:f9:5c:c0:0c:27:bb:43:d0:49:bf:3c:04:
c8:5f:80:77:7d:72:f2:6b:bb:4d:1e:f3:61:90:30:
ac:e7:b1:0a:eb:a9:3e:6e:05:2b:ec:3c:15:26:d5:
4a:72:46:8e:d3:c5:34:c7:60:d2:22:dd:e3:77:05:
1b:c8:65:c9:31:c2:a5:41:34:92:63:97:26:df:21:
e6:8c:45:f3:df:4f:e9:41:f7:d9:d1:c1:b3:e7:b9:
db:a7:8c:e6:d8:cf:87:ab:34:51:0c:fa:86:28:c2:
7a:bc:94:94:5b:d4:a7:f8:78:f8:f7:5b:ce:96:1a:
ea:b0:03:bd:0d:1c:e3:f4:39:bb:7c:d5:30:8f:cf:
0c:a4:06:34:6d:52:a6:45:ad:de:23:8b:26:7d:5c:
01
prime1:
00:ee:1d:5b:1a:57:20:ed:1c:fb:fa:93:19:92:43:
de:59:75:f0:f0:3f:85:45:1e:61:b9:70:e3:91:e0:
a2:d5:a9:f0:75:54:53:76:12:99:f5:16:05:07:f6:
8c:a2:93:6c:04:6a:8e:17:52:92:dd:b0:80:c2:7a:
89:0d:09:1e:3d:7e:72:a9:1d:33:7d:7c:1e:25:7b:
ee:ae:29:cc:04:3c:2f:a0:bb:50:ca:4c:b9:0e:53:
6a:20:8f:9d:db:e0:a4:bb:aa:91:84:d2:99:e1:68:
3d:8e:22:2e:76:89:da:c6:e3:ca:25:2c:c4:a9:86:
4c:9a:00:28:03:6e:7d:23:bd
prime2:
00:d7:c2:0c:52:3e:d2:59:d9:fe:9a:85:a1:c6:2b:
53:be:d6:2a:80:8a:cd:99:eb:9c:fa:16:f2:d1:e8:
c4:65:8c:5d:54:d9:9a:67:56:d3:31:bc:71:da:50:
f2:4c:2d:4c:be:05:4c:c4:f9:2d:b0:1a:e9:73:9a:
b4:1f:cf:fb:93:0a:49:b9:76:ce:b2:8b:45:83:66:
42:6d:a7:fc:59:55:4d:83:a9:68:73:60:63:24:6a:
64:d2:8d:c9:0d:58:3e:cc:dd:21:dc:e2:4f:ef:ad:
52:5e:25:cb:33:e7:8f:d4:98:12:87:14:e3:08:3b:
fb:ba:3b:1b:6c:09:6d:38:71
exponent1:
00:b5:5f:a7:05:69:58:ab:44:68:ab:75:61:05:08:
ad:55:77:81:0f:7f:53:04:53:20:1d:20:e0:37:3d:
e4:ca:db:a7:4d:b7:ed:db:02:50:43:5f:82:75:8e:
57:91:7e:b9:c8:a3:61:98:62:4d:7c:8f:f5:84:2d:
d2:37:1b:ba:ed:1c:64:3a:6d:03:cb:91:bf:64:ce:
02:00:a7:d5:bf:64:18:e3:55:cb:34:4d:3c:a8:ac:
e1:29:ec:3b:52:40:cb:3a:27:b2:b0:79:ba:bc:f7:
a9:eb:9a:1d:ca:2d:37:78:48:0a:b2:46:67:86:b9:
c5:9f:88:7e:f2:1e:37:34:01
exponent2:
00:9e:26:e0:6f:3d:1b:65:bf:74:70:81:f9:d6:50:
16:1f:f1:ce:cf:d0:6e:eb:1f:99:3e:7c:a9:db:12:
1b:3c:30:8a:8d:52:c0:6a:75:6b:73:ae:a5:6a:19:
21:b2:93:16:08:c7:cb:c1:2a:c1:c1:af:c8:65:f4:
05:8a:b8:22:b9:62:b6:2d:db:97:a1:aa:92:f6:c1:
73:79:fb:c3:ef:1b:a7:29:16:79:b8:f0:f3:5b:53:
1d:ba:75:31:e5:b5:44:bb:58:70:a4:ff:c3:06:75:
ee:c5:92:40:84:38:7d:e6:a0:de:1b:e4:44:92:d9:
9d:28:a2:80:f4:4d:68:a1:11
coefficient:
3e:f9:ec:8e:83:cd:89:69:56:20:cd:89:4c:09:8d:
92:4b:33:bd:36:2a:57:b9:7d:7f:19:11:bc:d9:19:
bd:69:24:90:57:3e:e4:f3:f8:d8:c0:23:f1:f9:5a:
97:ea:96:97:d6:de:64:12:dd:e7:d2:19:9e:d9:0f:
b1:08:83:fe:d0:43:c2:20:1e:f9:31:be:df:1f:1a:
37:6a:65:1e:90:4e:85:ef:3a:32:43:48:e4:6c:99:
d2:13:1f:ee:ad:ca:1a:7c:09:ff:f6:92:42:81:ce:
06:20:e6:2a:f9:b3:d7:86:b2:35:3f:44:8f:c5:02:
2a:26:3a:12:a1:4c:fe:e5
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAyK8lOAk93FSQVGLs5e6twDmh2av4ow7CyvmOJKmdTSV49paM
BQSc6uM1fug7qFHCKFTgZ9dgXkEU5ncuEF7Tzl3J6Y77qE/6+fMSXjqSbB3M/w29
DLVbp5kZDqQy2AsO63YvRW7+VG/CXMTeW1DfL/Ejh93+ZMGZ7vgXvRX/dwIaeWcS
7d+OF85DHPb9GvODgSMt6jNSJ8ngMjQwSlf+ecT74mAsQNZPC6eVJepQ/otSp0CK
Ky0I52doKyRIBSY3x6PPUD5p1Decb5CY16r2a6HiyWfBJ93a5oQQToGmODLOGSrp
8kx8DyuPl2RqA4dsTO4ji1ht1zCJSd31AYcebQIDAQABAoIBAEaAwaKeHI17Z/k9
h9x/rasKlEHUmNUwKl8ErVtT+19O+uAmo6pfpIEgsXqUO+E2V++zYeMZV1HFq4IL
/LLjnaWybW0QPnkzIAkPzDQuf6JcFdjFCtWcIUcQEi2CohokSGmQa6sJA3DGkpHk
1/lcwAwnu0PQSb88BMhfgHd9cvJru00e82GQMKznsQrrqT5uBSvsPBUm1UpyRo7T
xTTHYNIi3eN3BRvIZckxwqVBNJJjlybfIeaMRfPfT+lB99nRwbPnudunjObYz4er
NFEM+oYownq8lJRb1Kf4ePj3W86WGuqwA70NHOP0Obt81TCPzwykBjRtUqZFrd4j
iyZ9XAECgYEA7h1bGlcg7Rz7+pMZkkPeWXXw8D+FRR5huXDjkeCi1anwdVRTdhKZ
9RYFB/aMopNsBGqOF1KS3bCAwnqJDQkePX5yqR0zfXweJXvurinMBDwvoLtQyky5
DlNqII+d2+Cku6qRhNKZ4Wg9jiIudonaxuPKJSzEqYZMmgAoA259I70CgYEA18IM
Uj7SWdn+moWhxitTvtYqgIrNmeuc+hby0ejEZYxdVNmaZ1bTMbxx2lDyTC1MvgVM
xPktsBrpc5q0H8/7kwpJuXbOsotFg2ZCbaf8WVVNg6loc2BjJGpk0o3JDVg+zN0h
3OJP761SXiXLM+eP1JgShxTjCDv7ujsbbAltOHECgYEAtV+nBWlYq0Roq3VhBQit
VXeBD39TBFMgHSDgNz3kytunTbft2wJQQ1+CdY5XkX65yKNhmGJNfI/1hC3SNxu6
7RxkOm0Dy5G/ZM4CAKfVv2QY41XLNE08qKzhKew7UkDLOieysHm6vPep65odyi03
eEgKskZnhrnFn4h+8h43NAECgYEAnibgbz0bZb90cIH51lAWH/HOz9Bu6x+ZPnyp
2xIbPDCKjVLAanVrc66lahkhspMWCMfLwSrBwa/IZfQFirgiuWK2LduXoaqS9sFz
efvD7xunKRZ5uPDzW1MdunUx5bVEu1hwpP/DBnXuxZJAhDh95qDeG+REktmdKKKA
9E1ooRECgYA++eyOg82JaVYgzYlMCY2SSzO9NipXuX1/GRG82Rm9aSSQVz7k8/jY
wCPx+VqX6paX1t5kEt3n0hme2Q+xCIP+0EPCIB75Mb7fHxo3amUekE6F7zoyQ0jk
bJnSEx/urcoafAn/9pJCgc4GIOYq+bPXhrI1P0SPxQIqJjoSoUz+5Q==
-----END RSA PRIVATE KEY-----
Public-Key abtrennen
$ openssl rsa -pubout < /tmp/test.rsa > /tmp/test.rsa.pub
Public-Key anschauen
$ openssl rsa -pubin -text < /tmp/test.rsa.pub | less
writing RSA key
Public-Key: (2048 bit)
Modulus:
00:c8:af:25:38:09:3d:dc:54:90:54:62:ec:e5:ee:
ad:c0:39:a1:d9:ab:f8:a3:0e:c2:ca:f9:8e:24:a9:
9d:4d:25:78:f6:96:8c:05:04:9c:ea:e3:35:7e:e8:
3b:a8:51:c2:28:54:e0:67:d7:60:5e:41:14:e6:77:
2e:10:5e:d3:ce:5d:c9:e9:8e:fb:a8:4f:fa:f9:f3:
12:5e:3a:92:6c:1d:cc:ff:0d:bd:0c:b5:5b:a7:99:
19:0e:a4:32:d8:0b:0e:eb:76:2f:45:6e:fe:54:6f:
c2:5c:c4:de:5b:50:df:2f:f1:23:87:dd:fe:64:c1:
99:ee:f8:17:bd:15:ff:77:02:1a:79:67:12:ed:df:
8e:17:ce:43:1c:f6:fd:1a:f3:83:81:23:2d:ea:33:
52:27:c9:e0:32:34:30:4a:57:fe:79:c4:fb:e2:60:
2c:40:d6:4f:0b:a7:95:25:ea:50:fe:8b:52:a7:40:
8a:2b:2d:08:e7:67:68:2b:24:48:05:26:37:c7:a3:
cf:50:3e:69:d4:37:9c:6f:90:98:d7:aa:f6:6b:a1:
e2:c9:67:c1:27:dd:da:e6:84:10:4e:81:a6:38:32:
ce:19:2a:e9:f2:4c:7c:0f:2b:8f:97:64:6a:03:87:
6c:4c:ee:23:8b:58:6d:d7:30:89:49:dd:f5:01:87:
1e:6d
Exponent: 65537 (0x10001)
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK8lOAk93FSQVGLs5e6t
wDmh2av4ow7CyvmOJKmdTSV49paMBQSc6uM1fug7qFHCKFTgZ9dgXkEU5ncuEF7T
zl3J6Y77qE/6+fMSXjqSbB3M/w29DLVbp5kZDqQy2AsO63YvRW7+VG/CXMTeW1Df
L/Ejh93+ZMGZ7vgXvRX/dwIaeWcS7d+OF85DHPb9GvODgSMt6jNSJ8ngMjQwSlf+
ecT74mAsQNZPC6eVJepQ/otSp0CKKy0I52doKyRIBSY3x6PPUD5p1Decb5CY16r2
a6HiyWfBJ93a5oQQToGmODLOGSrp8kx8DyuPl2RqA4dsTO4ji1ht1zCJSd31AYce
bQIDAQAB
-----END PUBLIC KEY-----
