一、简介
椭圆曲线密钥处理工具
二、语法
openssl ec [-inform PEM|DER] [-outform PEM|DER] [-in filename] [-out filename] [-passin arg] [-passout arg] [-text] [-noout] [-param_out] [-conv_form arg] [-pubin] [-pubout] [-param_enc arg] [-engine id] [-des] [-des3] [-idea]
选项
-inform arg input format - DER or PEM -outform arg output format - DER or PEM -in arg input file -passin arg input file pass phrase source -out arg output file -passout arg output file pass phrase source -engine e use engine e, possibly a hardware device. -des encrypt PEM output, instead of 'des' every other cipher supported by OpenSSL can be used -text print the key -noout don't print key out -param_out print the elliptic curve parameters -conv_form arg specifies the point conversion form possible values: compressed uncompressed (default) hybrid -param_enc arg specifies the way the ec parameters are encoded in the asn1 der encoding possible values: named_curve (default) explicit
三、实例
1、生成EC私钥
openssl ecparam -genkey -name prime256v1 -param_enc explicit -outform pem -out ec_prikey.pem
2、对私钥进行口令保护
openssl ec -in ec_prikey.pem -des -out ec_prikey.pem
openssl ec -in ec_prikey.pem -des -passout pass:"123456" -out ec_prikey.pem
3、从私钥提取公钥
openssl ec -in ec_prikey.pem -pubout -out ec_pubkey.pem
4、查看私钥信息
openssl ec -in ec_prikey.pem -passin pass:"123456" -text
5、查看公钥信息
openssl ec -in ec_pubkey.pem -pubin -text
6、pem为der
openssl ec -in ec_prikey.pem -outform der -out ec_prikey.der