Openssl pkeyutl命令

一、简介

pkeyutl命令能够测试所支持的密钥算法的性能

 

二、语法

openssl rsautl [-in file] [-out file] [-sigfile file] [-inkey file] [-passin arg] [-keyform PEM|DER] [-peerkey file] 
[-peerform PEM|DER] [-pubin] [-certin] [-rev] [-sign] [-verify] [-verifyrecover ] [-encrypt] [-decrypt] [-derive]
[-pkeyopt opt:value] [-asn1parse] [-engine e]

选项

-in file        input file
-out file       output file
-sigfile file signature file (verify operation only)
-inkey file     input key
-keyform arg    private key format - default PEM
-pubin          input is a public key
-certin         input is a certificate carrying a public key
-pkeyopt X:Y    public key options
-sign           sign with private key
-verify         verify with public key
-verifyrecover  verify with public key, recover original data
-encrypt        encrypt with public key
-decrypt        decrypt with private key
-derive         derive shared secret
-hexdump        hex dump output
-engine e       use engine e, possibly a hardware device.
-passin arg     pass phrase source

 

三、实例

1、签名验签

openssl pkeyutl -sign -inkey prikey.pem -in test.txt -out test_sign.msg
openssl pkeyutl -verify -in test.txt -sigfile test_sign.msg -inkey prikey.pem

2、恢复签名数据

openssl pkeyutl -verifyrecover -in test_sign.msg -inkey prikey.pem

 

参考：http://blog.csdn.net/as3luyuan123/article/details/16331003