521 | 521 |
|
522 | 522 |
Create encrypted file (from commandline):
|
523 | 523 |
|
524 | |
echo 'secret message' | openssl rsautl -encrypt -inkey rsakey.pub.pem -pubin -out input.encrypted.rsa
|
|
524 |
openssl rsautl -encrypt -inkey rsakey.pub.pem -pubin -out input.encrypted.rsa -in input.data
|
525 | 525 |
|
526 | 526 |
Decrypt file (Perl code):
|
527 | 527 |
|
|
557 | 557 |
|
558 | 558 |
Verify signature (Perl code):
|
559 | 559 |
|
560 | |
use Crypt::PK::RSA;
|
561 | |
use Crypt::Digest 'digest_file';
|
562 | |
use File::Slurp 'read_file';
|
|
560 |
use Crypt::PK::RSA;
|
|
561 |
use Crypt::Digest 'digest_file';
|
|
562 |
use File::Slurp 'read_file';
|
563 | 563 |
|
564 | |
my $pkrsa = Crypt::PK::RSA->new("rsakey.pub.pem");
|
565 | |
my $signature = read_file("input.sha1-rsa.sig", binmode=>':raw');
|
566 | |
my $valid = $pkrsa->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5");
|
567 | |
print $valid ? "SUCCESS" : "FAILURE";
|
|
564 |
my $pkrsa = Crypt::PK::RSA->new("rsakey.pub.pem");
|
|
565 |
my $signature = read_file("input.sha1-rsa.sig", binmode=>':raw');
|
|
566 |
my $valid = $pkrsa->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5");
|
|
567 |
print $valid ? "SUCCESS" : "FAILURE";
|
568 | 568 |
|
569 | 569 |
=head2 Sign by Crypt::PK::RSA, verify by OpenSSL
|
570 | 570 |
|
571 | 571 |
Create signature (Perl code):
|
572 | 572 |
|
573 | |
use Crypt::PK::RSA;
|
574 | |
use Crypt::Digest 'digest_file';
|
575 | |
use File::Slurp 'write_file';
|
|
573 |
use Crypt::PK::RSA;
|
|
574 |
use Crypt::Digest 'digest_file';
|
|
575 |
use File::Slurp 'write_file';
|
576 | 576 |
|
577 | |
my $pkrsa = Crypt::PK::RSA->new("rsakey.priv.pem");
|
578 | |
my $signature = $pkrsa->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5");
|
579 | |
write_file("input.sha1-rsa.sig", {binmode=>':raw'}, $signature);
|
|
577 |
my $pkrsa = Crypt::PK::RSA->new("rsakey.priv.pem");
|
|
578 |
my $signature = $pkrsa->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5");
|
|
579 |
write_file("input.sha1-rsa.sig", {binmode=>':raw'}, $signature);
|
580 | 580 |
|
581 | 581 |
Verify signature (from commandline):
|
582 | 582 |
|
583 | 583 |
openssl dgst -sha1 -verify rsakey.pub.pem -signature input.sha1-rsa.sig input.data
|
584 | 584 |
|
|
585 |
=head2 Keys generated by Crypt::PK::RSA
|
|
586 |
|
|
587 |
Generate keys (Perl code):
|
|
588 |
|
|
589 |
use Crypt::PK::RSA;
|
|
590 |
use File::Slurp 'write_file';
|
|
591 |
|
|
592 |
my $pkrsa = Crypt::PK::RSA->new;
|
|
593 |
$pkrsa->generate_key(256, 65537);
|
|
594 |
write_file("rsakey.pub.der", {binmode=>':raw'}, $pkrsa->export_key_der('public'));
|
|
595 |
write_file("rsakey.priv.der", {binmode=>':raw'}, $pkrsa->export_key_der('private'));
|
|
596 |
write_file("rsakey.pub.pem", $pkrsa->export_key_pem('public_x509'));
|
|
597 |
write_file("rsakey.priv.pem", $pkrsa->export_key_pem('private'));
|
|
598 |
write_file("rsakey-passwd.priv.pem", $pkrsa->export_key_pem('private', 'secret'));
|
|
599 |
|
|
600 |
Use keys by OpenSSL:
|
|
601 |
|
|
602 |
openssl rsa -in rsakey.priv.der -text -inform der
|
|
603 |
openssl rsa -in rsakey.priv.pem -text
|
|
604 |
openssl rsa -in rsakey-passwd.priv.pem -text -inform pem -passin pass:secret
|
|
605 |
openssl rsa -in rsakey.pub.der -pubin -text -inform der
|
|
606 |
openssl rsa -in rsakey.pub.pem -pubin -text
|
|
607 |
|
|
608 |
=head2 Keys generated by OpenSSL
|
|
609 |
|
|
610 |
Generate keys:
|
|
611 |
|
|
612 |
openssl genrsa -out rsakey.priv.pem 1024
|
|
613 |
openssl rsa -in rsakey.priv.pem -out rsakey.priv.der -outform der
|
|
614 |
openssl rsa -in rsakey.priv.pem -out rsakey.pub.pem -pubout
|
|
615 |
openssl rsa -in rsakey.priv.pem -out rsakey.pub.der -outform der -pubout
|
|
616 |
openssl rsa -in rsakey.priv.pem -passout pass:secret -des3 -out rsakey-passwd.priv.pem
|
|
617 |
|
|
618 |
Load keys (Perl code):
|
|
619 |
|
|
620 |
use Crypt::PK::RSA;
|
|
621 |
use File::Slurp 'write_file';
|
|
622 |
|
|
623 |
my $pkrsa = Crypt::PK::RSA->new;
|
|
624 |
$pkrsa->import_key("rsakey.pub.der");
|
|
625 |
$pkrsa->import_key("rsakey.priv.der");
|
|
626 |
$pkrsa->import_key("rsakey.pub.pem");
|
|
627 |
$pkrsa->import_key("rsakey.priv.pem");
|
|
628 |
$pkrsa->import_key("rsakey-passwd.priv.pem", "secret");
|
|
629 |
|
585 | 630 |
=head1 SEE ALSO
|
586 | 631 |
|
587 | 632 |
=over
|