dh 加密解密

# 创建dh参数文件dhp.pem 
openssl genpkey -genparam -algorithm DH -out dhp.pem 

# 用dh 参数文件创建私钥dhkey1.pem
openssl genpkey -paramfile dhp.pem -out dhkey1.pem
openssl pkey -in dhkey1.pem -text -noout

# 用dh 参数文件创建私钥dhkey2.pem
openssl genpkey -paramfile dhp.pem -out dhkey2.pem
openssl pkey -in dhkey2.pem -text -noout

# 创建私钥dhkey1.pem对应的公钥dhpub1.pem
openssl pkey -in dhkey1.pem -pubout -out dhpub1.pem
openssl pkey -pubin -in dhpub1.pem -text 

# 创建私钥dhkey2.pem对应的公钥dhpub2.pem
openssl pkey -in dhkey2.pem -pubout -out dhpub2.pem
openssl pkey -pubin -in dhpub2.pem -text 

# 用自己的私钥和对方的公钥获取共享密钥
openssl pkeyutl -derive -inkey dhkey1.pem -peerkey dhpub2.pem -out secret1.bin

# 用对方的私钥和自己的公钥获取共享密钥
openssl pkeyutl -derive -inkey dhkey2.pem -peerkey dhpub1.pem -out secret2.bin

rsa 加密 解密 签名 验证

# 明文数据
echo "abc" > test.txt

# 生成私钥
openssl genrsa -out private.pem 2048

# 生成公钥
openssl rsa -in private.pem -pubout -out public.pem

# 公钥加密
openssl rsautl -encrypt -in test.txt -inkey public.pem -pubin -out test.enc

# 私钥解密
openssl rsautl -decrypt -in test.enc -inkey private.pem -out test.dec

# 私钥签名明文。私钥对明文签名
openssl rsautl -sign -in test.txt -inkey private.pem -out test.sign

# 公钥验证明文。公钥验证明文的签名
openssl rsautl -verify -in test.sign -inkey public.pem -pubin -out test.ver

# 私钥签名摘要。sha256对明文生成摘要，用私钥对摘要签名
openssl dgst -sha256 -sign private.pem -out test.dgst.sign test.txt

# 公钥验证摘要。公钥验证摘要的签名
openssl dgst -sha256 -verify public.pem -signature test.dgst.sign test.txt

dsa 加密 解密 签名 验证

echo "123456" > aa

openssl dsaparam -out dsaparam.pem 1024 

openssl gendsa -out privkey.pem dsaparam.pem

openssl dsa -in privkey.pem -out pubkey.pem -pubout

openssl dgst -sha512 -sign privkey.pem -out sign.result aa 

openssl dgst -sha512 -verify pubkey.pem -signature sign.result aa