openssl生成RSA格式,并转为pkcs8格式

openssl默认使用的是PEM格式,经过base64。

生成pem格式的私钥:
openssl genrsa -out private_key.pem 1024

生成公钥:
openssl rsa -in private_key.pem -pubout -out public_key.pem

产生的密钥如下:

[wind@localhost key]$ cat private_key.pem
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u
VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36
KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB
AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo
AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5
rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV
xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO
0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC
u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep
3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD
bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK
OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu
i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=
-----END RSA PRIVATE KEY-----
[wind@localhost key]$
[wind@localhost key]$
[wind@localhost key]$ openssl rsa -in private_key.pem -pubout -out public_key.pem
writing RSA key
[wind@localhost key]$ cat public_key.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q
URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R
pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ
JkgyKcWqnz5aL3FMXQIDAQAB
-----END PUBLIC KEY-----

某些语言需要pkcs8格式的公钥。 (php就不需要了)
使用openssl将刚才生成的公钥转为pkcs#8格式:
openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt -out private_key_pkcs8.pem

继续阅读“openssl生成RSA格式,并转为pkcs8格式”

一个以ajax请求为主的应用,数据传输加密的解决方案

首先是密钥交换的过程,Diffie-Hellman密钥交换算法参考维基百科的文档:
http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

client端js语言,服务端php语言 用DH密钥交换算法交换密钥。
继续阅读“一个以ajax请求为主的应用,数据传输加密的解决方案”