RSA的私钥和公钥,以及用openssl制作的方法
目录
RSA原理
RSA加密算法,在RSA算法原理中介绍的很明白。
简而言之,一共有个六个数字:
p :质数,随机选取
q :质数,随机选取
n :大数,=p*q,n的位数就是加密的强度
φ(n) :大数的欧拉函数价,=(p-1)*(q-1)
e :在区间( 1, φ(n) )中随机选择的一个与φ(n)质的数
d :通过φ(n)和e计算出的,e*d ≡ 1 (mod φ(n))
公钥是(n,e),私钥是(n,d)。
用公钥加密的过程:
m^e ≡ c (mod n) //m是明文,c是密文,通过m、e、n计算出c,m必须小于n
用私钥解密的过程:
c^d ≡ m (mod n) //m是明文,c是密文,通过c、d、n计算出m,m是小于n的数
RSA算法的加密强度取决于φ(n)的计算难度,私钥中的d就是通过e和φ(n)计算出来的。
根据欧拉公式,将n分解为两个质数后,就可以求的φ(n):
φ(n)=(p-1)*(q-1)
而大数的质因数分解是非常困难的,除了暴力破解,至今没有别的有效方法。
用opensssl制作
生成私钥,加密强度为1024:
openssl genrsa -out rsa_private_key.pem 1024
生成公钥:
openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
私钥和公钥不可以颠倒使用!
用公钥的加密的内容,可以用私钥解密,用私钥加密的内容,也可以用公钥解密。
但是私钥文件和公钥文件不可以颠倒使用,因为私钥文件中包含的信息超出了解密的需要。
如下面命令输出所示:
$ openssl rsa -in rsa_private_key.pem -text -noout
Private-Key: (1024 bit)
modulus: <<-- 大数n
00:be:6e:a6:ae:00:d8:db:cf:9f:fb:d7:05:45:5a:
b4:b7:b9:8e:a8:33:cb:d4:b8:0a:9f:3b:2f:cb:d6:
06:be:e0:19:fc:f2:be:32:ed:b3:93:7d:95:47:51:
79:06:d4:65:e2:e4:6c:f3:22:a9:32:9f:2f:6a:b0:
33:bc:37:d4:18:c0:f0:bf:0e:74:f0:bf:4d:6c:53:
0a:a9:bd:fb:2f:29:40:c8:6d:a8:c9:21:94:cc:d3:
e7:c8:9b:32:29:28:4a:36:15:08:dd:c5:f5:41:98:
7b:ce:f4:17:e1:e8:ea:ae:81:8f:43:91:e8:75:60:
6b:d1:c6:9d:5a:8e:10:5e:9b
publicExponent: 65537 (0x10001) <<-- e
privateExponent: <<-- d
0d:11:28:ac:cd:f0:13:7d:36:bc:20:30:03:67:4a:
f9:44:69:4e:8f:67:50:2c:64:c6:32:58:80:43:2a:
69:54:95:53:ef:10:30:0c:71:83:10:5d:fa:eb:d3:
43:2d:b5:e4:10:ca:8d:10:76:cd:bb:70:94:80:8c:
bc:40:94:74:14:0b:26:06:78:2c:cb:06:a4:01:54:
e7:4a:49:07:9f:03:fd:66:31:5b:9d:81:4f:23:a5:
78:b8:2a:2e:b6:72:74:23:f1:a0:a0:88:bf:34:8d:
d4:be:c0:09:4b:39:a4:66:2d:52:0d:e1:68:99:22:
b9:b0:96:10:3b:34:5a:d9
prime1: <<-- 质数p
00:e7:9d:16:98:a9:77:64:b6:41:22:5b:75:dd:40:
82:ca:e7:6d:41:4b:77:76:ef:33:f7:37:49:c7:94:
f8:ae:98:ef:21:ce:e3:26:17:67:fe:65:1b:ff:e6:
52:2a:bb:cd:fd:71:ca:c6:47:a7:38:6a:2b:af:cf:
dd:f3:47:9a:cf
prime2: <<-- 质数q
00:d2:7b:8f:51:f9:f7:e4:0b:4c:35:95:d5:b5:c9:
c3:a6:27:eb:87:84:aa:98:17:d0:06:d6:63:4b:73:
5a:e8:2d:92:69:97:31:52:6c:c0:4f:2b:be:b4:64:
1c:2a:a1:e3:ff:b8:21:00:b6:ec:2e:c3:27:2e:70:
fd:b3:0f:02:75
exponent1: <<-- d mod (p-1)
00:ce:01:6f:de:bb:24:a1:a4:65:8c:9c:92:da:07:
0e:0e:51:07:61:43:31:6f:cc:d4:88:b7:59:5d:36:
48:76:6b:3a:8e:f4:88:1f:12:44:82:06:06:80:76:
a8:70:af:f8:48:cb:d4:92:c5:9a:9b:57:fb:a1:75:
9e:b1:4a:e8:0b
exponent2: <<-- d mode (q-1)
00:8e:4f:08:29:ae:ce:51:9a:e9:dd:d8:fe:73:38:
85:55:93:ec:04:e6:47:c9:29:60:77:1f:00:67:85:
08:d3:ad:ec:2e:04:11:4e:df:44:6e:c2:ee:df:5c:
48:46:f2:ca:0a:9d:5d:82:f4:2a:5f:bb:86:84:39:
d4:ed:f9:99:f9
coefficient: <<-- q - 1 mod p
32:9c:86:32:ed:9e:74:ad:c3:38:8a:46:7b:6f:ac:
97:94:ec:2c:55:80:4f:20:76:26:07:1a:f3:ea:20:
5e:51:99:37:4f:e4:1c:e4:a0:d3:93:6d:b1:00:18:
a4:29:92:e6:c1:b1:a8:b9:4e:2e:3d:44:f7:b0:9f:
df:8b:7b:7f
私钥文件中包含了所有信息,而不是只有n和d,虽然解密的时候只需要n和d!
因此,公钥和私钥不可颠倒使用!
公钥文件中只包含了加密时需要的n和e。
$ openssl rsa -in rsa_public_key.pem -pubin -text -noout
Public-Key: (1024 bit)
Modulus:
00:be:6e:a6:ae:00:d8:db:cf:9f:fb:d7:05:45:5a:
b4:b7:b9:8e:a8:33:cb:d4:b8:0a:9f:3b:2f:cb:d6:
06:be:e0:19:fc:f2:be:32:ed:b3:93:7d:95:47:51:
79:06:d4:65:e2:e4:6c:f3:22:a9:32:9f:2f:6a:b0:
33:bc:37:d4:18:c0:f0:bf:0e:74:f0:bf:4d:6c:53:
0a:a9:bd:fb:2f:29:40:c8:6d:a8:c9:21:94:cc:d3:
e7:c8:9b:32:29:28:4a:36:15:08:dd:c5:f5:41:98:
7b:ce:f4:17:e1:e8:ea:ae:81:8f:43:91:e8:75:60:
6b:d1:c6:9d:5a:8e:10:5e:9b
Exponent: 65537 (0x10001)
并且,e一般都默认使用65537,即使私钥文件中只有(n, d),也不能互换。
参考
