一、简介

pkeyutl命令能够测试所支持的密钥算法的性能

二、语法

openssl rsautl [-in file] [-out file] [-sigfile file] [-inkey file] [-passin arg] [-keyform PEM|DER] [-peerkey file]
[-peerform PEM|DER] [-pubin] [-certin] [-rev] [-sign] [-verify] [-verifyrecover ] [-encrypt] [-decrypt] [-derive]
[-pkeyopt opt:value] [-asn1parse] [-engine e]

选项

-in file        input file
-out file output file
-sigfile file signature file (verify operation only)
-inkey file input key
-keyform arg private key format - default PEM
-pubin input is a public key
-certin input is a certificate carrying a public key
-pkeyopt X:Y public key options
-sign sign with private key
-verify verify with public key
-verifyrecover verify with public key, recover original data
-encrypt encrypt with public key
-decrypt decrypt with private key
-derive derive shared secret
-hexdump hex dump output
-engine e use engine e, possibly a hardware device.
-passin arg pass phrase source

三、实例

1、签名验签

openssl pkeyutl -sign -inkey prikey.pem -in test.txt -out test_sign.msg
openssl pkeyutl -verify -in test.txt -sigfile test_sign.msg -inkey prikey.pem

Openssl pkeyutl命令-LMLPHP

2、恢复签名数据

openssl pkeyutl -verifyrecover -in test_sign.msg -inkey prikey.pem

Openssl pkeyutl命令-LMLPHP

05-11 11:29