openssl生成公私钥为什么不能互换

发表于 | 分类于
字数统计: 3,809字 | 阅读时长 ≈ 22分钟
RSA算法从实现原理上来说,没有公私钥的区分,一个key为公钥,另一个则为私钥。但今天用openssl生成密钥时才发现。。。

RSA算法简单回顾

RSA常见参数

  • RSA算法涉及三个参数,n,e,d,私钥为(n,d),公钥为(n,e)。

  • 其中n是两个大素数p,q的乘积,

  • d是e模$ varphi(n) $的逆元,$ varphi(n) $是n的欧拉函数。

  • c为密文,m为明文,

在n,e是公开的情况下,想要知道d的值,必须要将n分解计算出n的欧拉函数值,而n是两个大素数p,q的乘积,将其分解是困难的,所以大数分解决定了该算法的安全性。

公钥与私钥的产生:

  1. 进行加密之前,首先找出2个不同的大质数p和q

  2. 计算n=p*q

  3. 根据欧拉函数,求得φ(n)=φ(p)φ(q)=(p−1)(q−1)

  4. 找出一个公钥e,e要满足: 1<e<φ(n) 的整数,且使e和φ(N)互质。

  5. 根据e*d除以φ(n)余数为1,找到私钥d。

  6. 公钥就是(n,e) 私钥就是(n,d)

所以公钥和私钥在原理上是可以互相替换的,在 公钥没有泄露的情况下 ,下发私钥并利用私钥进行加密,公钥进行解密完成可行。

问题由来

以前用openssl生成公私钥时,都是直接机械式复制那几条命令,没有深究。今天在生成公钥的时候,才发现openssl的公钥原来是从私钥中提取出来的,那如果公私钥互换,,,???

分析:

生成密钥与公钥
  1. 利用openssl生成密钥:
1
(umask 066;openssl genrsa -out genrsa.pem 4096;umask 022)

这里因为密钥一般只自已使用,所以直接用umask生成了600权限的密钥。

  1. 利用生成密钥提取公钥:
1
openssl rsa -in genrsa.pem -out rsa.pub -pubout
分析公私钥
  1. 使用openssl命令提取公钥的信息
1
openssl rsa -pubin -in rsa.pub -text -modulus

如下所示:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
Public-Key: (4096 bit)
Modulus:
    00:b7:07:81:b3:0f:3c:8b:f8:7e:e4:8d:a3:ee:42:
    6d:1b:8f:0c:c3:d5:b5:9b:f0:0b:8a:81:4f:76:d5:
    cc:2b:7e:b6:98:2e:bf:e2:77:ac:cb:da:fb:a5:a2:
    a6:56:e3:c7:1f:0e:61:06:ab:4c:89:65:4b:c5:1d:
    24:cd:01:e1:1e:23:90:c9:c9:f5:ba:e7:b8:c0:6f:
    17:2d:a1:05:aa:2c:5c:58:ca:28:dc:74:6a:8f:d6:
    10:73:1c:2c:6b:ec:38:01:c0:86:dd:b1:da:ba:9e:
    23:bf:d4:5f:3f:16:3e:ab:b8:0d:80:7b:22:b1:35:
    ba:5d:8a:25:ec:cd:07:7f:7e:c7:97:d5:33:37:bb:
    16:b6:c6:a8:98:d1:ea:da:65:74:f9:21:b9:39:bd:
    61:31:36:f8:81:3c:28:17:80:3f:87:c4:69:fa:6a:
    54:e5:98:64:44:13:e7:2a:9d:c0:00:99:0b:a7:55:
    68:c3:83:68:46:cd:f3:2e:de:2d:f8:e8:00:5b:1c:
    38:06:e4:63:59:e4:1d:66:5a:28:fc:72:f9:65:1b:
    ba:e8:fe:9a:a7:f6:b2:79:ee:bb:ec:4f:32:47:ba:
    9f:da:8c:27:77:b8:4c:b6:f0:1c:1b:95:19:71:cd:
    8e:1f:57:39:d6:0d:ed:00:c6:78:77:ba:f1:93:bb:
    c5:4e:fd:03:71:c1:55:d8:93:1c:3a:6d:7e:87:1a:
    cb:c6:5c:0e:4d:bf:05:73:59:c9:02:16:53:5c:bc:
    e9:8e:a0:e8:20:fa:de:75:ca:09:7d:60:1a:a6:3c:
    83:0c:ff:5c:5e:6a:bd:53:47:87:f9:fc:fd:c0:74:
    d2:8a:fa:c2:bf:5a:7c:b6:83:c4:37:64:52:72:7e:
    24:30:5c:7e:ea:d0:c8:6d:94:96:ad:02:bc:12:92:
    5a:48:a9:72:ae:b0:e7:2e:f2:d4:84:08:1a:77:72:
    c0:42:27:12:0c:7e:82:89:c7:9d:a7:d7:1b:c3:57:
    c5:73:74:e5:08:0c:9f:57:9b:6e:a2:ac:00:44:86:
    fd:3c:f0:a6:85:6e:51:50:6a:88:fc:38:e2:ae:4d:
    ce:56:d1:ad:cc:42:4b:d4:a0:f7:56:de:df:7b:52:
    b0:d9:b8:9d:7f:37:80:80:8e:b4:50:16:7a:5d:4e:
    43:98:a0:15:0d:30:b0:d7:a2:4e:70:1d:bf:f6:b8:
    e4:8e:ac:23:ef:81:eb:14:cf:9e:32:12:ca:7f:9b:
    d9:14:9e:4a:d2:97:d8:c7:6c:f0:41:f9:e1:75:1d:
    a8:e5:e4:b1:e1:b9:a7:f5:9a:fb:b6:26:70:7b:02:
    14:ee:ac:4e:0b:31:71:3b:eb:05:8b:0d:6e:d8:27:
    50:7d:1d
Exponent: 65537 (0x10001)
Modulus=B70781B30F3C8BF87EE48DA3EE426D1B8F0CC3D5B59BF00B8A814F76D5CC2B7EB6982EBFE277ACCBDAFBA5A2A656E3C71F0E6106AB4C89654BC51D24CD01E11E2390C9C9F5BAE7B8C06F172DA105AA2C5C58CA28DC746A8FD610731C2C6BEC3801C086DDB1DABA9E23BFD45F3F163EABB80D807B22B135BA5D8A25ECCD077F7EC797D53337BB16B6C6A898D1EADA6574F921B939BD613136F8813C2817803F87C469FA6A54E598644413E72A9DC000990BA75568C3836846CDF32EDE2DF8E8005B1C3806E46359E41D665A28FC72F9651BBAE8FE9AA7F6B279EEBBEC4F3247BA9FDA8C2777B84CB6F01C1B951971CD8E1F5739D60DED00C67877BAF193BBC54EFD0371C155D8931C3A6D7E871ACBC65C0E4DBF057359C90216535CBCE98EA0E820FADE75CA097D601AA63C830CFF5C5E6ABD534787F9FCFDC074D28AFAC2BF5A7CB683C4376452727E24305C7EEAD0C86D9496AD02BC12925A48A972AEB0E72EF2D484081A7772C04227120C7E8289C79DA7D71BC357C57374E5080C9F579B6EA2AC004486FD3CF0A6856E51506A88FC38E2AE4DCE56D1ADCC424BD4A0F756DEDF7B52B0D9B89D7F3780808EB450167A5D4E4398A0150D30B0D7A24E701DBFF6B8E48EAC23EF81EB14CF9E3212CA7F9BD9149E4AD297D8C76CF041F9E1751DA8E5E4B1E1B9A7F59AFBB626707B0214EEAC4E0B31713BEB058B0D6ED827507D1D
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtweBsw88i/h+5I2j7kJt
G48Mw9W1m/ALioFPdtXMK362mC6/4nesy9r7paKmVuPHHw5hBqtMiWVLxR0kzQHh
HiOQycn1uue4wG8XLaEFqixcWMoo3HRqj9YQcxwsa+w4AcCG3bHaup4jv9RfPxY+
q7gNgHsisTW6XYol7M0Hf37Hl9UzN7sWtsaomNHq2mV0+SG5Ob1hMTb4gTwoF4A/
h8Rp+mpU5ZhkRBPnKp3AAJkLp1Vow4NoRs3zLt4t+OgAWxw4BuRjWeQdZloo/HL5
ZRu66P6ap/ayee677E8yR7qf2ownd7hMtvAcG5UZcc2OH1c51g3tAMZ4d7rxk7vF
Tv0DccFV2JMcOm1+hxrLxlwOTb8Fc1nJAhZTXLzpjqDoIPredcoJfWAapjyDDP9c
Xmq9U0eH+fz9wHTSivrCv1p8toPEN2RScn4kMFx+6tDIbZSWrQK8EpJaSKlyrrDn
LvLUhAgad3LAQicSDH6Cicedp9cbw1fFc3TlCAyfV5tuoqwARIb9PPCmhW5RUGqI
/Djirk3OVtGtzEJL1KD3Vt7fe1Kw2bidfzeAgI60UBZ6XU5DmKAVDTCw16JOcB2/
9rjkjqwj74HrFM+eMhLKf5vZFJ5K0pfYx2zwQfnhdR2o5eSx4bmn9Zr7tiZwewIU
7qxOCzFxO+sFiw1u2CdQfR0CAwEAAQ==
-----END PUBLIC KEY-----

发现公钥(n,e)正常,

  1. 查看生成私钥
1
openssl rsa -in genrsa.pem -text -noout

由于私钥过长,此处加了‘-noout’参数,不显示私钥内容,如下所示:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
Private-Key: (4096 bit)
modulus:
    00:b7:07:81:b3:0f:3c:8b:f8:7e:e4:8d:a3:ee:42:
    6d:1b:8f:0c:c3:d5:b5:9b:f0:0b:8a:81:4f:76:d5:
    cc:2b:7e:b6:98:2e:bf:e2:77:ac:cb:da:fb:a5:a2:
    a6:56:e3:c7:1f:0e:61:06:ab:4c:89:65:4b:c5:1d:
    24:cd:01:e1:1e:23:90:c9:c9:f5:ba:e7:b8:c0:6f:
    17:2d:a1:05:aa:2c:5c:58:ca:28:dc:74:6a:8f:d6:
    10:73:1c:2c:6b:ec:38:01:c0:86:dd:b1:da:ba:9e:
    23:bf:d4:5f:3f:16:3e:ab:b8:0d:80:7b:22:b1:35:
    ba:5d:8a:25:ec:cd:07:7f:7e:c7:97:d5:33:37:bb:
    16:b6:c6:a8:98:d1:ea:da:65:74:f9:21:b9:39:bd:
    61:31:36:f8:81:3c:28:17:80:3f:87:c4:69:fa:6a:
    54:e5:98:64:44:13:e7:2a:9d:c0:00:99:0b:a7:55:
    68:c3:83:68:46:cd:f3:2e:de:2d:f8:e8:00:5b:1c:
    38:06:e4:63:59:e4:1d:66:5a:28:fc:72:f9:65:1b:
    ba:e8:fe:9a:a7:f6:b2:79:ee:bb:ec:4f:32:47:ba:
    9f:da:8c:27:77:b8:4c:b6:f0:1c:1b:95:19:71:cd:
    8e:1f:57:39:d6:0d:ed:00:c6:78:77:ba:f1:93:bb:
    c5:4e:fd:03:71:c1:55:d8:93:1c:3a:6d:7e:87:1a:
    cb:c6:5c:0e:4d:bf:05:73:59:c9:02:16:53:5c:bc:
    e9:8e:a0:e8:20:fa:de:75:ca:09:7d:60:1a:a6:3c:
    83:0c:ff:5c:5e:6a:bd:53:47:87:f9:fc:fd:c0:74:
    d2:8a:fa:c2:bf:5a:7c:b6:83:c4:37:64:52:72:7e:
    24:30:5c:7e:ea:d0:c8:6d:94:96:ad:02:bc:12:92:
    5a:48:a9:72:ae:b0:e7:2e:f2:d4:84:08:1a:77:72:
    c0:42:27:12:0c:7e:82:89:c7:9d:a7:d7:1b:c3:57:
    c5:73:74:e5:08:0c:9f:57:9b:6e:a2:ac:00:44:86:
    fd:3c:f0:a6:85:6e:51:50:6a:88:fc:38:e2:ae:4d:
    ce:56:d1:ad:cc:42:4b:d4:a0:f7:56:de:df:7b:52:
    b0:d9:b8:9d:7f:37:80:80:8e:b4:50:16:7a:5d:4e:
    43:98:a0:15:0d:30:b0:d7:a2:4e:70:1d:bf:f6:b8:
    e4:8e:ac:23:ef:81:eb:14:cf:9e:32:12:ca:7f:9b:
    d9:14:9e:4a:d2:97:d8:c7:6c:f0:41:f9:e1:75:1d:
    a8:e5:e4:b1:e1:b9:a7:f5:9a:fb:b6:26:70:7b:02:
    14:ee:ac:4e:0b:31:71:3b:eb:05:8b:0d:6e:d8:27:
    50:7d:1d
publicExponent: 65537 (0x10001)
privateExponent:
    52:4e:36:dd:ed:a9:1d:8c:76:8b:92:c2:38:1f:78:
    ef:1e:a9:ef:da:c7:9b:43:1b:fd:81:de:d9:22:95:
    78:ad:b7:b0:c1:bd:1a:3b:14:e2:6b:2c:24:b4:fa:
    b6:32:21:d5:ee:62:65:5c:5c:c3:a0:60:ad:58:48:
    b7:43:f4:16:d8:89:80:a4:a8:33:0f:86:fe:4a:36:
    93:17:48:f3:d8:95:02:7c:8e:59:6c:a4:8a:e0:09:
    6f:aa:28:b3:b3:7b:10:16:a2:cf:48:ee:82:63:20:
    d2:5f:cf:21:10:80:c8:39:b1:20:a8:be:d6:0f:c2:
    29:d4:38:ef:be:d7:73:56:f0:ac:6f:7c:63:c0:67:
    1b:74:44:56:cc:77:1f:14:e6:c0:2d:91:1c:cc:f3:
    ca:ec:dc:5d:49:4f:02:1a:72:f7:3b:b5:28:9d:ee:
    65:7c:dd:01:dc:2d:64:f5:a1:64:e3:6d:e1:26:c0:
    40:c3:73:fd:fb:19:33:67:48:27:19:35:27:c3:8d:
    d2:53:9b:f5:cd:66:07:23:de:30:80:07:74:97:3e:
    bb:0d:db:40:52:e8:b9:7a:48:d9:a0:57:8c:f7:f8:
    70:8f:fc:23:93:26:34:51:cf:61:fb:ef:80:44:9e:
    77:ab:82:df:a6:4d:80:be:bf:67:a0:12:88:8b:b4:
    d2:e7:9d:30:df:cb:87:9a:fd:f8:7f:0d:47:97:c3:
    5b:e8:6e:89:b7:54:9a:10:87:49:e6:13:ac:2c:f5:
    09:e7:2c:c6:47:0e:d8:19:37:89:40:56:f0:cf:27:
    88:35:86:4d:e4:07:cb:b1:0e:d7:37:d7:f1:cb:ac:
    33:ab:6d:01:50:18:c1:13:9e:e7:21:7c:7c:48:38:
    4b:cb:9e:b1:f1:7f:02:07:5f:71:3e:83:b8:e7:a3:
    00:73:ce:ed:fc:41:ac:7b:b8:c7:58:03:09:09:e7:
    ef:ee:02:b6:3b:2a:c0:9b:64:a4:cf:ee:79:69:b9:
    f3:8f:38:7c:d9:cb:e0:b0:1e:12:bb:e4:f4:f3:1d:
    98:0d:2a:f1:e8:3c:ba:6a:ce:fd:a8:4b:60:d3:93:
    c0:ba:3c:8d:84:eb:45:23:82:c9:92:3b:30:df:54:
    d8:6c:9b:c1:4a:19:39:1b:45:51:a2:45:98:91:ea:
    82:70:9d:0f:0f:f2:fd:28:66:e6:1f:f3:9a:99:14:
    c6:18:6f:28:e9:37:d4:cb:d7:f8:e2:00:8f:c6:f8:
    ff:51:1f:ab:08:74:1e:e5:ac:7f:b6:81:29:73:7f:
    1f:bf:7d:6d:99:49:09:f9:65:1b:d7:8e:da:40:a6:
    09:9c:a9:f0:16:54:dc:86:2a:a8:aa:54:59:d5:f9:
    84:e5
prime1:
    00:f0:c5:64:57:7c:d7:ce:c0:95:1a:c7:7b:82:1a:
    85:ba:c0:14:12:f6:9a:90:57:1a:9b:f0:e9:64:05:
    d6:08:d5:d0:03:14:6e:aa:46:19:b1:67:f2:15:2d:
    be:22:79:75:00:64:61:27:8a:d1:14:8c:39:a8:06:
    e5:33:01:4d:e0:0c:cd:0e:02:58:b6:c5:5f:42:d5:
    60:2f:16:bd:16:22:b9:54:84:ea:41:c3:55:fd:09:
    fc:6f:1a:28:f1:1a:33:45:67:62:8e:dc:cb:89:fe:
    38:3b:d9:0f:da:9e:dc:cc:3b:5c:ca:66:78:16:62:
    87:6f:2a:c7:cc:17:3e:3e:db:61:14:b2:10:26:a5:
    80:3e:8d:ed:aa:96:72:18:65:e7:05:2c:0b:32:d8:
    b8:1b:0a:3d:f7:77:27:54:55:83:a4:43:63:08:a9:
    40:98:83:99:32:67:95:3e:a7:00:96:c2:d5:63:0e:
    b0:e2:c3:4e:d0:47:36:10:06:e9:8a:51:8a:16:71:
    e6:d8:6b:41:0f:10:08:46:be:48:d9:39:32:b6:8f:
    c8:ce:49:c0:7a:82:08:83:e0:1a:f8:8d:3e:38:75:
    70:69:dd:5c:5a:b7:6e:bd:7e:ce:de:d4:ee:06:3d:
    14:ab:8e:78:00:f8:ab:3e:72:60:bb:54:55:7d:54:
    5e:f7
prime2:
    00:c2:9b:26:6e:43:fd:bf:8e:db:70:99:3a:44:c7:
    fa:ad:f3:01:ca:ff:1e:ed:e6:2d:95:6b:b3:13:1b:
    e5:dd:c1:eb:32:c2:c3:b9:96:48:f4:82:84:b5:06:
    48:a4:8f:01:55:cc:42:f6:7d:24:f5:57:6d:3f:63:
    4d:63:c0:2f:9d:c5:f5:7f:08:e0:20:0d:1d:c0:eb:
    2d:c8:ac:89:5a:49:ce:14:a4:35:ba:8f:af:e5:d8:
    d9:4e:9d:e5:09:df:9e:30:99:53:be:85:6b:ef:00:
    f7:18:7b:7f:52:2f:29:d4:f3:e2:ca:09:69:3d:4f:
    2c:d0:42:fe:4b:00:50:eb:a9:52:3c:12:e4:fd:5f:
    65:aa:eb:c9:84:f0:39:55:58:f6:0e:f3:aa:df:16:
    47:51:8f:6e:6a:dc:18:3f:df:4e:b7:55:28:f4:3c:
    4a:e8:7d:14:f8:c4:48:e7:cf:6b:86:6d:f9:98:39:
    49:f0:7c:b7:f7:45:4d:a1:5b:d2:4c:26:f9:1b:55:
    b1:77:9d:bd:d8:b7:42:ab:fa:94:bb:40:d4:9b:e5:
    5f:6c:f3:bc:51:22:98:fc:a5:d1:47:2d:a1:1d:eb:
    3c:b7:83:36:ea:b5:65:40:da:24:6f:84:1d:bd:72:
    0b:20:b1:49:ae:89:e5:5e:07:a7:1e:ad:e6:ce:d2:
    3b:8b
exponent1:
    60:88:83:e6:9f:e3:56:bd:d8:0a:58:98:a8:5d:41:
    e8:d2:42:3a:28:2d:68:59:c4:0d:69:d5:e9:88:7d:
    7c:25:5d:b5:1e:68:10:54:f2:d0:32:40:d9:44:f1:
    ca:98:af:d4:6c:6a:97:94:0c:a8:14:60:b9:81:aa:
    3b:7c:f6:60:32:41:b4:b0:34:29:73:90:f2:16:e2:
    ed:7e:4c:69:a7:9a:6e:cc:ab:af:9a:45:cb:a2:49:
    57:b2:41:60:09:85:2c:fa:7a:85:94:f8:f6:66:ba:
    dd:23:f6:3b:4d:1e:71:b4:0b:4c:0b:31:72:a8:26:
    6c:e7:d6:1b:79:e6:37:05:76:32:fa:01:87:bd:2b:
    61:e9:3d:b4:fb:84:db:4b:60:08:ae:d3:fe:9a:ed:
    95:c9:d1:76:7a:8b:86:40:92:fb:35:19:6b:cb:90:
    5e:95:c4:c2:74:cd:5d:c5:4f:73:22:c2:b3:68:9c:
    7b:0e:9b:76:de:56:4a:ae:ba:cb:fe:4d:43:1a:7f:
    d7:9d:89:04:25:05:6c:77:b6:75:81:7d:57:bc:e6:
    61:ef:28:00:f6:49:bb:b6:0a:9a:44:e7:01:73:f4:
    92:3d:72:5d:dc:d5:c5:9c:26:0d:29:8a:15:6e:3f:
    ef:58:bb:bc:87:f7:00:9e:93:32:08:6a:0e:49:d9:
    99
exponent2:
    00:a5:d4:5b:ed:3e:56:ee:73:27:9f:4d:93:0f:a5:
    71:81:e5:3f:b3:e1:ae:53:7e:ff:7d:02:67:78:73:
    1f:6f:d6:9d:3b:86:28:0e:ef:77:7f:93:f0:cd:e9:
    6a:e1:7f:52:dd:ef:cf:68:07:c0:04:a8:d9:59:58:
    9f:4b:cf:2b:44:40:ba:2f:e4:3a:48:55:a4:f3:0d:
    f4:d7:b9:de:d9:67:67:0a:c3:db:5c:fc:b0:21:26:
    a6:16:8e:09:ec:5d:f7:88:e6:3f:2c:6c:b9:4a:d3:
    01:bc:85:10:3b:d2:20:cd:6c:7d:e7:38:19:cb:ba:
    ba:2f:45:c7:37:d6:2f:1e:82:0c:a7:50:5a:7d:66:
    5b:56:48:d2:52:4b:fa:2f:36:3d:87:04:30:a9:25:
    6c:e4:9d:5a:b4:08:95:49:68:5a:c5:72:f6:11:19:
    87:a3:91:62:db:91:37:a7:01:63:59:0c:41:d2:6b:
    8f:0c:34:da:f7:04:c1:60:2c:c4:89:4b:f4:9e:4c:
    69:8b:ca:89:4a:30:ef:c9:69:20:70:68:90:43:c0:
    33:8e:be:2b:cc:df:b4:8a:26:2a:ad:82:be:76:a6:
    4b:f8:fd:01:41:04:0e:22:33:41:35:1d:d9:d1:e3:
    6a:84:13:4e:fc:42:59:87:c4:f1:ad:fc:f6:5f:6b:
    5a:7d
coefficient:
    00:83:41:c3:31:6a:02:15:82:69:f8:48:eb:d7:fd:
    90:61:f4:e8:10:56:dd:cd:f0:a7:cc:60:3e:2b:82:
    a3:11:31:23:b7:03:03:69:38:54:55:25:65:f8:b4:
    c6:20:37:54:d4:2e:e8:c7:36:72:a9:a2:bb:d4:31:
    65:93:1e:f7:41:e4:00:a6:a6:2d:e9:22:08:7a:f7:
    1f:b6:93:f2:0e:ba:7a:11:0b:f3:3a:1f:16:fe:1d:
    ef:65:65:89:0c:bb:07:41:10:51:4d:c6:1f:48:1e:
    d7:d9:90:73:43:88:59:0c:3d:f8:e7:22:58:42:78:
    91:6a:0a:fc:31:cc:02:4f:c1:c0:00:e0:ff:40:99:
    32:80:ef:36:c1:1f:50:6a:dc:91:b3:64:6c:1e:7e:
    48:2a:52:c3:ed:33:d5:0b:d0:1f:35:e2:cd:cc:2d:
    e1:d0:89:3d:79:12:ef:8a:dd:7a:bb:11:95:fd:b0:
    65:d8:9c:e4:fc:6a:c7:d8:55:cd:6c:79:fb:b0:1b:
    67:fe:6a:ba:f7:f6:f8:16:81:d3:8c:3b:de:a1:72:
    1c:1b:e9:ec:a8:af:37:7e:a7:41:b3:74:52:31:43:
    83:73:b7:b3:84:52:07:18:dd:fc:d1:e7:85:d6:c3:
    b0:85:99:a2:cb:09:1b:62:5d:73:3c:b4:ea:35:7f:
    97:fc

  1. 发现该私钥中存在n,e,d,也就是说利用openssl genrsa -out genrsa.pem 4096命令生成的私钥,严格意义上来说并不是私钥,而是包含公钥与私钥的密钥对。所以用openssl工具生成公钥与私钥千万不能搞错。。。

  2. 同时可以看到e,d 的值差距明显,在该例中,e=65537(现在默认)。当e=1,2,3时都有低加密指数分解攻击的风险,当e过大时,也可使用Boneh and Durfee attack等方式攻击,所以从性能与安全的角度综合考虑为65537,而生成的私钥e很大,如果置换后,可能带来性能与安全各种问题。