Name

rsa

Synopsis

The rsa command is used to modify RSA private keys or examine their contents. The command may be used to remove encryption from a private key, add it to a private key, or change the encryption that is used on a private key. The command can also be used to compute a public key from a private key.

Options

-in filename

Specify the name of a file from which an RSA private key will be read. If no file is specified, stdin is used.

-inform DER|NET|PEM

Specify the format—DER, NET, or PEM—of the key that is read as input. If this option is omitted, the default format is PEM.

-out filename

Specify the name of a file to which the output from this command will be written. If this option is omitted, stdout will be used.

-outform DER|NET|PEM

Specify the format—DER, NET or PEM—of the key that is written. If this option is omitted, the default format is PEM.

-pubin

Cause the input key to be interpreted as a public key.

-pubout

Cause the key that is written as output to be a public key rather than a private key.

-passin password

Specify the password to use to decrypt the input key. This option follows the password and passphrase guidelines outlined in Chapter 2.

-passout password

Specify the password to use to encrypt the output key. This option follows the password and passphrase guidelines outlined in Chapter 2.

-des, -des3, -idea

Specify the cipher to use to encrypt the private key. If this option is omitted, the private key that is written out by this command will not be encrypted.

-noout

Cause the output of the key in DER or PEM format to be suppressed.

-text

Cause the input key, public or private, to be output in a human-readable form.

-modulus

Cause the modulus of the public key to be written to the output destination.

-check

Specify this option to check the consistency of an RSA private key.

-sgckey

Cause a modified form of the NET format used by some versions of Microsoft IIS and old Netscape servers to be used for the output key. This format is not very secure, so it should be used only if necessary.

Notes

When producing private keys using the -sgckey option, the -passout option is currently ignored. The command will not read some forms of an unmodified NET format private key because they contain additional data. To use these keys with this command, try editing the key with a binary editor and removing all of the data in the file prior to the byte sequence 0x30, 0x82. Do not remove this byte sequence; it should be included in the resulting file.
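
The header-stripping step described in the Notes, as an added Python example (not part of the original text or of OpenSSL): it removes everything before the 0x30, 0x82 byte sequence and keeps the sequence itself. The function names, the constructed sample bytes, and the extra length check that skips a chance 0x30 0x82 pair in the leading data are assumptions of this example.

```python
import os
import sys

MARKER = b"\x30\x82"  # DER SEQUENCE tag, then "length is in the next 2 bytes"

# Constructed sample, not a real key: made-up leading bytes that contain a
# stray 0x30 0x82 pair, followed by a header declaring 8 bytes of filler.
SAMPLE = b"junk\x30\x82\xff\xff" + b"\x30\x82\x00\x08" + b"\x01" * 8


def find_der_start(data: bytes) -> int:
    """Return the offset of the first 0x30 0x82 whose declared length fits.

    The length test is an added sanity check (an assumption, not from the
    text): it skips a 0x30 0x82 pair that occurs by chance in the leading data.
    """
    pos = data.find(MARKER)
    while pos != -1:
        header = data[pos:pos + 4]
        if len(header) == 4:
            declared = int.from_bytes(header[2:], "big")
            if pos + 4 + declared <= len(data):
                return pos
        pos = data.find(MARKER, pos + 1)
    raise ValueError("no plausible 0x30 0x82 header found")


def strip_leading_data(data: bytes) -> bytes:
    """Drop everything before the 0x30 0x82 sequence; keep the sequence."""
    return data[find_der_start(data):]


def main(argv: list) -> int:
    if len(argv) != 3:
        cleaned = strip_leading_data(SAMPLE)
        print(f"sample: removed {len(SAMPLE) - len(cleaned)} leading bytes")
        return 0
    with open(argv[1], "rb") as src:
        raw = src.read()
    cleaned = strip_leading_data(raw)
    # Write a new owner-only file; never overwrite the original key.
    fd = os.open(argv[2], os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as dst:
        dst.write(cleaned)
    print(f"removed {len(raw) - len(cleaned)} leading bytes")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```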