[Linux] How to Generate RSA Keys with OpenSSL

How to generate RSA keys with OpenSSL

1) Generate the private key

$ openssl genrsa -out openssl_rsa_1024.key -rand /dev/urandom 1024
2048 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
..........++++++
...........++++++
e is 65537 (0x10001)

2) Generate the public key

$ openssl rsa -inform PEM -outform PEM -in openssl_rsa_1024.key -out openssl_rsa_1024.pubkey -pubout
writing RSA key
$ ls -l openssl_rsa_1024.*
-rw-r--r-- 1 root root 891 2013-07-04 14:36 openssl_rsa_1024.key
-rw-r--r-- 1 root root 272 2013-07-04 14:37 openssl_rsa_1024.pubkey

3) Private key file contents

$ cat openssl_rsa_1024.key
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
$ openssl rsa -inform PEM -in openssl_rsa_1024.key -text
Private-Key: (1024 bit)
modulus:
    00:d3:c1:b7:e4:a9:40:32:c0:7e:56:5c:cc:50:0a:
    3b:70:66:9f:0b:54:12:83:f6:17:53:af:6f:73:f2:
    a0:b2:f5:84:46:a5:2b:7a:9e:6f:a8:89:65:bb:30:
    50:e3:34:62:ff:2a:3b:cd:79:60:12:78:91:41:17:
    2e:50:d2:54:c1:d6:a1:b6:77:1d:54:f7:53:4c:6d:
    9a:58:c3:f8:fd:64:18:44:12:f9:e4:73:4a:e5:9c:
    98:b1:1c:99:da:79:b1:74:21:23:17:ed:e5:a9:aa:
    49:73:09:69:ba:cf:75:6d:d2:92:28:83:84:90:98:
    29:df:c2:47:ab:33:8b:45:a3
publicExponent: 65537 (0x10001)
privateExponent:
    00:9d:84:f9:f5:77:cd:90:b3:4e:87:91:ca:4e:33:
    fe:59:33:8d:55:d0:f9:60:fe:7c:05:bd:78:0b:e9:
    4d:8f:32:41:6e:87:c9:5b:12:66:7f:19:8d:fa:7c:
    0b:7f:a7:e5:88:68:73:49:fa:e2:f3:7a:8a:9a:bf:
    d2:ad:3e:78:da:c9:25:f5:45:90:20:9a:7a:2d:4f:
    76:7e:28:78:cd:80:bf:8c:85:a9:7e:62:87:9d:b7:
    8e:0b:ba:69:6f:38:7f:21:66:24:22:aa:51:1c:e3:
    ae:39:c6:8b:15:9a:ef:37:e8:f1:26:99:15:82:7f:
    7d:83:e1:d5:f4:a1:8a:25:c9
prime1:
    00:fa:ae:9d:0e:de:50:34:8c:b4:7d:ff:03:2d:1c:
    74:13:77:f3:2c:a1:eb:49:ae:41:f9:38:23:ed:4e:
    f1:45:55:4f:c6:bc:34:03:8b:59:57:0c:67:aa:d1:
    c1:db:68:ff:1f:0c:0c:d7:4a:8c:7a:e0:59:e5:a1:
    e7:b9:fc:01:15
prime2:
    00:d8:3f:b6:30:54:5e:76:a6:8f:fc:d1:db:f8:e8:
    06:ad:b8:02:05:51:fb:40:9c:ac:b7:71:71:6b:5c:
    25:b1:73:99:7c:01:b2:28:7f:10:ce:db:12:23:b5:
    2c:68:d3:3a:19:72:e6:d6:e7:00:a0:ab:e8:2d:84:
    36:1c:52:29:d7
exponent1:
    00:d2:50:fd:64:24:10:96:86:16:48:3f:53:a2:dd:
    64:65:91:15:6c:34:cc:fa:9c:40:ad:9e:f4:45:7d:
    1d:df:55:9c:00:d8:95:ab:03:96:88:f9:d7:5f:f1:
    6b:fb:71:33:da:10:7a:15:86:6e:26:09:64:62:cc:
    5b:66:26:8f:a1
exponent2:
    6d:4c:26:65:5e:ff:2f:b1:17:ed:8c:94:45:c5:e0:
    3a:45:5a:a0:1d:c3:83:f0:ac:4b:3b:87:3b:e0:23:
    1d:01:74:7d:fc:cd:73:32:65:e8:67:49:4f:ca:ee:
    5b:3d:07:8c:7d:4a:b7:2b:a2:61:93:01:92:9f:d4:
    49:94:2d:99
coefficient:
    00:f6:77:b1:b6:08:d2:b4:ba:48:a3:ae:49:30:39:
    82:b9:71:44:14:80:10:ce:1e:3d:72:36:1b:1b:f4:
    28:5c:7b:83:ee:9e:5d:82:ca:03:65:8a:8f:b8:d6:
    ab:89:cf:fa:98:ef:99:06:a8:28:45:6a:42:15:27:
    38:cf:c1:ee:88
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

4) Public key file contents

$ cat openssl_rsa_1024.pubkey
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTwbfkqUAywH5WXMxQCjtwZp8L
VBKD9hdTr29z8qCy9YRGpSt6nm+oiWW7MFDjNGL/KjvNeWASeJFBFy5Q0lTB1qG2
dx1U91NMbZpYw/j9ZBhEEvnkc0rlnJixHJnaebF0ISMX7eWpqklzCWm6z3Vt0pIo
g4SQmCnfwkerM4tFowIDAQAB
-----END PUBLIC KEY-----
$ openssl rsa -inform PEM -pubin -in openssl_rsa_1024.pubkey -text
Public-Key: (1024 bit)
Modulus:
    00:d3:c1:b7:e4:a9:40:32:c0:7e:56:5c:cc:50:0a:
    3b:70:66:9f:0b:54:12:83:f6:17:53:af:6f:73:f2:
    a0:b2:f5:84:46:a5:2b:7a:9e:6f:a8:89:65:bb:30:
    50:e3:34:62:ff:2a:3b:cd:79:60:12:78:91:41:17:
    2e:50:d2:54:c1:d6:a1:b6:77:1d:54:f7:53:4c:6d:
    9a:58:c3:f8:fd:64:18:44:12:f9:e4:73:4a:e5:9c:
    98:b1:1c:99:da:79:b1:74:21:23:17:ed:e5:a9:aa:
    49:73:09:69:ba:cf:75:6d:d2:92:28:83:84:90:98:
    29:df:c2:47:ab:33:8b:45:a3
Exponent: 65537 (0x10001)
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTwbfkqUAywH5WXMxQCjtwZp8L
VBKD9hdTr29z8qCy9YRGpSt6nm+oiWW7MFDjNGL/KjvNeWASeJFBFy5Q0lTB1qG2
dx1U91NMbZpYw/j9ZBhEEvnkc0rlnJixHJnaebF0ISMX7eWpqklzCWm6z3Vt0pIo
g4SQmCnfwkerM4tFowIDAQAB
-----END PUBLIC KEY-----

 

OpenSSL: a simple encryption/decryption example

1) Write a short plaintext

vi text_original.txt
"DNSSEC is a suite of IETF apecifcations for securing certain kinds of infomation provided by the DNS"

2) Encrypt and inspect the ciphertext

$ openssl rsautl -encrypt -pubin -inkey openssl_rsa_1024.pubkey -in text_original.txt -out text_cypher.txt
$ ls -l
합계 16
-rw-r--r-- 1 root root 891 2013-07-04 14:36 openssl_rsa_1024.key
-rw-r--r-- 1 root root 272 2013-07-04 14:37 openssl_rsa_1024.pubkey
-rw-r--r-- 1 root root 128 2013-07-04 14:46 text_cypher.txt
-rw-r--r-- 1 root root 103 2013-07-04 14:44 text_original.txt
$ file *
openssl_rsa_1024.key:    ASCII text
openssl_rsa_1024.pubkey: ASCII text
text_cypher.txt:         data
text_original.txt:       ASCII English text
$ hexdump -C text_cypher.txt
00000000  24 52 08 44 81 dc f8 4a  55 01 36 ba f0 60 d3 f6  |$R.D...JU.6..`..|
00000010  71 c8 0b 8a b5 f3 8c 71  31 a9 2a b7 bc 7b ec 88  |q......q1.*..{..|
00000020  ed 79 f1 6c 8f 80 4a 94  f5 0d ac 4d 54 92 50 67  |.y.l..J....MT.Pg|
00000030  df 5f 6a 19 b5 74 b9 6d  ff ff a7 3e 73 6f 7a cf  |._j..t.m...>soz.|
00000040  77 12 db 1f d9 82 01 99  da cc 5b 50 43 de 2f 9b  |w.........[PC./.|
00000050  c5 23 ea 74 5c 51 f0 86  23 d4 55 11 aa ad 4c 1c  |.#.t\Q..#.U...L.|
00000060  33 66 7c bf 43 ca 75 a7  44 a3 f8 9a 4f 2c ad fd  |3f|.C.u.D...O,..|
00000070  0e 23 21 2e 09 c9 07 8c  6d 47 a1 5b 64 d0 cd d9  |.#!.....mG.[d...|

3) Decrypt the received ciphertext and check the recovered plaintext

$ openssl rsautl -decrypt -inkey openssl_rsa_1024.key -in text_cypher.txt -out text_restored.txt
$ ls -la
합계 32
drwxrwxrwt.  3 root root 4096 2013-07-04 14:48 .
dr-xr-xr-x. 22 root root 4096 2013-07-04 12:23 ..
drwxrwxrwt   2 root root 4096 2013-07-04 12:23 .ICE-unix
-rw-r--r--   1 root root  891 2013-07-04 14:36 openssl_rsa_1024.key
-rw-r--r--   1 root root  272 2013-07-04 14:37 openssl_rsa_1024.pubkey
-rw-r--r--   1 root root  128 2013-07-04 14:46 text_cypher.txt
-rw-r--r--   1 root root  103 2013-07-04 14:44 text_original.txt
-rw-r--r--   1 root root  103 2013-07-04 14:48 text_restored.txt
$ cat text_restored.txt
"DNSSEC is a suite of IETF apecifcations for securing certain kinds of infomation provided by the DNS"
$ diff text_original.txt text_restored.txt
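
The same key-generation and encrypt/decrypt round trip as an added example (not part of the original post), using a 2048-bit key, an owner-only private key file and OAEP padding through `pkeyutl`, which supersedes `rsautl` (deprecated since OpenSSL 3.0). It also shows the plaintext size limit: the 103-byte message fits here, but with OAEP it would not fit the 1024-bit key above (86 bytes maximum). The function names and the `rsa.key`, `rsa.pub` and `msg.*` file names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post; function and file names are hypothetical.

# rsa_keygen DIR [BITS]: write DIR/rsa.key (owner-only) and DIR/rsa.pub
rsa_keygen() {
    ( umask 077   # key is created 0600, not the world-readable 0644 listed above
      openssl genpkey -algorithm RSA -pkeyopt "rsa_keygen_bits:${2:-2048}" \
          -out "$1/rsa.key" 2>/dev/null ) || return 1
    openssl pkey -in "$1/rsa.key" -pubout -out "$1/rsa.pub"
}

# Largest plaintext for RSA-OAEP with SHA-1 (pkeyutl default): k - 2*20 - 2 bytes
oaep_max_bytes() { echo $(( $1 / 8 - 42 )); }

# rsa_encrypt PUBKEY IN OUT and rsa_decrypt PRIVKEY IN OUT, both with OAEP padding
rsa_encrypt() {
    openssl pkeyutl -encrypt -pubin -inkey "$1" -in "$2" -out "$3" \
        -pkeyopt rsa_padding_mode:oaep 2>/dev/null
}
rsa_decrypt() {
    openssl pkeyutl -decrypt -inkey "$1" -in "$2" -out "$3" \
        -pkeyopt rsa_padding_mode:oaep 2>/dev/null
}

# rsa_roundtrip DIR NBYTES: encrypt NBYTES of constructed input, decrypt, compare
rsa_roundtrip() {
    head -c "$2" /dev/zero | tr '\0' 'A' > "$1/msg.txt"
    rsa_encrypt "$1/rsa.pub" "$1/msg.txt" "$1/msg.bin" &&
    rsa_decrypt "$1/rsa.key" "$1/msg.bin" "$1/out.txt" &&
    cmp -s "$1/msg.txt" "$1/out.txt"
}

# Demo in a private temp directory: 103 bytes (the size of text_original.txt)
# round-trips; one byte over the OAEP limit makes openssl refuse to encrypt.
demo() {
    d=$(mktemp -d) || return 1
    rsa_keygen "$d" 2048 || { rm -rf "$d"; return 1; }
    ls -l "$d/rsa.key" | cut -c1-10          # permission bits of the private key
    rsa_roundtrip "$d" 103 && echo "103 bytes: round trip OK"
    max=$(oaep_max_bytes 2048)
    rsa_roundtrip "$d" "$((max + 1))" || echo "$((max + 1)) bytes: rejected"
    rm -rf "$d"
}
demo
```

For anything larger than the limit, the usual approach is hybrid encryption: encrypt the data with a random symmetric key and RSA-encrypt only that key.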

 
