opensslで暗号化せずに作成した鍵を暗号化する方法をご紹介します。
まずは暗号化なしで鍵を作成します。
|
1 2 3 4 5 6 |
[root@kamatora ~]# openssl genrsa > no-encription.key Generating RSA private key, 1024 bit long modulus ...............................++++++ ......++++++ e is 65537 (0x10001) [root@kamatora ~]# |
暗号化なしの鍵「no-encription.key」を作成しました。
この鍵を暗号化してみましょう。
|
1 |
openssl rsa -暗号方式 -in 暗号化したい鍵 -out 作成される鍵 |
暗号化方式がAES256の場合は以下のようになります。
|
1 |
openssl rsa -aes256 -in 暗号化したい鍵 -out 作成される鍵 |
実際にやってみましょう。作成される鍵を「encription.key」としています。
|
1 2 3 4 5 6 |
[root@kamatora ~]# openssl rsa -aes256 -in no-encription.key -out encription.key writing RSA key Enter PEM pass phrase: Verifying - Enter PEM pass phrase: [root@kamatora ~]# |
復号化してみましょう。パスワードが要求されることが確認できると思います。
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
[root@kamatora ~]# openssl rsa -text < encription.key <span style="color: #800000;"><span style="color: #ff0000;">Enter pass phrase</span>:</span> Private-Key: (1024 bit) modulus: 00:b2:d5:bf:27:ca:44:d1:5d:8d:9b:c3:90:8a:51: 3f:79:16:3d:f3:0a:7c:96:60:a8:57:dc:2c:5a:16: 3a:92:0d:70:0b:6f:1c:d6:e0:83:c8:e2:c3:fd:5f: 4f:c9:32:f4:8d:c2:5b:16:99:58:e9:d8:95:07:27: d3:53:e1:ba:b1:c6:37:91:31:76:ed:d4:ea:cf:22: f7:84:ae:9e:e3:79:7e:c7:7d:e6:f6:91:71:aa:05: 84:b9:f7:62:cd:21:d8:49:72:d3:90:01:ed:5f:16: 6c:37:ea:02:94:38:28:a8:1c:cd:6d:51:cd:72:7d: f1:34:87:cc:33:08:22:a9:43 publicExponent: 65537 (0x10001) privateExponent: 00:83:79:7b:28:50:9f:19:60:f2:fb:c1:e1:e0:9e: 6c:d0:a3:96:75:b8:8e:f1:ab:2b:f8:33:e8:f3:6e: 06:2f:5b:eb:b4:ac:42:82:82:da:bf:f4:5e:ec:46: 87:0c:bf:06:65:b5:ae:6b:c5:df:45:44:32:03:e9: b6:86:a3:9c:31:5d:90:ca:19:81:fb:c9:a3:69:6b: 9c:90:12:08:f9:86:1f:c2:72:af:ae:e1:a2:84:cb: 14:01:59:d6:41:4d:04:12:14:c0:34:4d:a6:1f:5b: ff:11:93:56:d7:46:f2:83:c5:4e:4e:8b:94:40:52: ec:fa:28:b5:94:1b:86:3f:19 prime1: 00:d6:ce:2d:7d:bc:ac:94:64:a6:78:97:a8:3a:92: 12:97:26:ba:07:6c:ab:85:84:fb:12:0f:85:f7:d4: d1:77:93:db:86:ab:a0:3a:ab:b4:59:f1:21:e0:d2: 71:a6:6e:c7:e5:6d:da:f7:b8:94:fb:1c:7e:1e:26: 31:f0:62:f4:55 prime2: 00:d5:21:9b:cc:5c:0c:6d:e3:4f:af:ae:ba:65:b0: 1f:5c:6d:14:5f:7f:3b:43:af:7b:89:4f:51:28:91: ef:78:3a:e1:80:eb:e8:1e:0a:a9:e4:0b:f1:dd:b9: 19:13:54:42:b1:a4:7c:67:3b:a5:c6:0c:3f:26:ee: 46:d7:02:7f:37 exponent1: 5a:2b:ac:af:06:9f:cf:9f:3c:be:8c:b3:42:fb:04: b0:cc:c1:f4:d1:ea:62:9f:43:21:fe:c0:37:1b:f0: 5e:69:04:13:51:42:6e:be:9b:73:d2:24:6d:93:09: c0:5a:ea:b0:e5:df:b0:73:9c:9e:99:04:5c:35:9e: 6b:11:af:0d exponent2: 00:80:ec:0a:8d:2c:a5:0c:17:b3:4d:27:19:73:87: 7d:00:f0:ae:a1:31:9a:4c:d0:2a:9f:1d:8e:8f:46: ef:9f:3f:a6:c6:d0:6c:a1:37:7c:1b:09:2a:ae:1f: 58:4e:bb:ea:78:00:72:8c:13:a5:ac:4e:1e:29:53: 7b:20:76:4f:33 coefficient: 09:7b:e7:7d:01:5b:b9:62:bf:2b:34:8f:f0:7b:7b: 52:48:7e:61:42:55:30:3c:5a:fd:6f:2e:08:4a:05: 5b:8c:b1:3c:2b:7c:19:2f:5b:78:f0:1e:d6:e9:da: 59:b9:c9:fd:7f:1e:0b:04:cc:80:bc:e9:34:99:41: cf:86:bf:1c writing RSA key -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQCy1b8nykTRXY2bw5CKUT95Fj3zCnyWYKhX3CxaFjqSDXALbxzW 4IPI4sP9X0/JMvSNwlsWmVjp2JUHJ9NT4bqxxjeRMXbt1OrPIveErp7jeX7Hfeb2 kXGqBYS592LNIdhJctOQAe1fFmw36gKUOCioHM1tUc1yffE0h8wzCCKpQwIDAQAB AoGBAIN5eyhQnxlg8vvB4eCebNCjlnW4jvGrK/gz6PNuBi9b67SsQoKC2r/0XuxG hwy/BmW1rmvF30VEMgPptoajnDFdkMoZgfvJo2lrnJASCPmGH8Jyr67hooTLFAFZ 1kFNBBIUwDRNph9b/xGTVtdG8oPFTk6LlEBS7PootZQbhj8ZAkEA1s4tfbyslGSm eJeoOpISlya6B2yrhYT7Eg+F99TRd5PbhqugOqu0WfEh4NJxpm7H5W3a97iU+xx+ HiYx8GL0VQJBANUhm8xcDG3jT6+uumWwH1xtFF9/O0Ove4lPUSiR73g64YDr6B4K qeQL8d25GRNUQrGkfGc7pcYMPybuRtcCfzcCQForrK8Gn8+fPL6Ms0L7BLDMwfTR 6mKfQyH+wDcb8F5pBBNRQm6+m3PSJG2TCcBa6rDl37BznJ6ZBFw1nmsRrw0CQQCA 7AqNLKUMF7NNJxlzh30A8K6hMZpM0CqfHY6PRu+fP6bG0GyhN3wbCSquH1hOu+p4 AHKME6WsTh4pU3sgdk8zAkAJe+d9AVu5Yr8rNI/we3tSSH5hQlUwPFr9by4ISgVb jLE8K3wZL1t48B7W6dpZucn9fx4LBMyAvOk0mUHPhr8c -----END RSA PRIVATE KEY----- [root@kamatora ~]# |
当たり前ではありますが、暗号化の前後で鍵の内容は変わっていません。
念のため確認してみましょう。
暗号化前の鍵「no-encription.key」を確認してみます。
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
[root@kamatora ~]# openssl rsa -text < no-encription.key Private-Key: (1024 bit) modulus: 00:b2:d5:bf:27:ca:44:d1:5d:8d:9b:c3:90:8a:51: 3f:79:16:3d:f3:0a:7c:96:60:a8:57:dc:2c:5a:16: 3a:92:0d:70:0b:6f:1c:d6:e0:83:c8:e2:c3:fd:5f: 4f:c9:32:f4:8d:c2:5b:16:99:58:e9:d8:95:07:27: d3:53:e1:ba:b1:c6:37:91:31:76:ed:d4:ea:cf:22: f7:84:ae:9e:e3:79:7e:c7:7d:e6:f6:91:71:aa:05: 84:b9:f7:62:cd:21:d8:49:72:d3:90:01:ed:5f:16: 6c:37:ea:02:94:38:28:a8:1c:cd:6d:51:cd:72:7d: f1:34:87:cc:33:08:22:a9:43 publicExponent: 65537 (0x10001) privateExponent: 00:83:79:7b:28:50:9f:19:60:f2:fb:c1:e1:e0:9e: 6c:d0:a3:96:75:b8:8e:f1:ab:2b:f8:33:e8:f3:6e: 06:2f:5b:eb:b4:ac:42:82:82:da:bf:f4:5e:ec:46: 87:0c:bf:06:65:b5:ae:6b:c5:df:45:44:32:03:e9: b6:86:a3:9c:31:5d:90:ca:19:81:fb:c9:a3:69:6b: 9c:90:12:08:f9:86:1f:c2:72:af:ae:e1:a2:84:cb: 14:01:59:d6:41:4d:04:12:14:c0:34:4d:a6:1f:5b: ff:11:93:56:d7:46:f2:83:c5:4e:4e:8b:94:40:52: ec:fa:28:b5:94:1b:86:3f:19 prime1: 00:d6:ce:2d:7d:bc:ac:94:64:a6:78:97:a8:3a:92: 12:97:26:ba:07:6c:ab:85:84:fb:12:0f:85:f7:d4: d1:77:93:db:86:ab:a0:3a:ab:b4:59:f1:21:e0:d2: 71:a6:6e:c7:e5:6d:da:f7:b8:94:fb:1c:7e:1e:26: 31:f0:62:f4:55 prime2: 00:d5:21:9b:cc:5c:0c:6d:e3:4f:af:ae:ba:65:b0: 1f:5c:6d:14:5f:7f:3b:43:af:7b:89:4f:51:28:91: ef:78:3a:e1:80:eb:e8:1e:0a:a9:e4:0b:f1:dd:b9: 19:13:54:42:b1:a4:7c:67:3b:a5:c6:0c:3f:26:ee: 46:d7:02:7f:37 exponent1: 5a:2b:ac:af:06:9f:cf:9f:3c:be:8c:b3:42:fb:04: b0:cc:c1:f4:d1:ea:62:9f:43:21:fe:c0:37:1b:f0: 5e:69:04:13:51:42:6e:be:9b:73:d2:24:6d:93:09: c0:5a:ea:b0:e5:df:b0:73:9c:9e:99:04:5c:35:9e: 6b:11:af:0d exponent2: 00:80:ec:0a:8d:2c:a5:0c:17:b3:4d:27:19:73:87: 7d:00:f0:ae:a1:31:9a:4c:d0:2a:9f:1d:8e:8f:46: ef:9f:3f:a6:c6:d0:6c:a1:37:7c:1b:09:2a:ae:1f: 58:4e:bb:ea:78:00:72:8c:13:a5:ac:4e:1e:29:53: 7b:20:76:4f:33 coefficient: 09:7b:e7:7d:01:5b:b9:62:bf:2b:34:8f:f0:7b:7b: 52:48:7e:61:42:55:30:3c:5a:fd:6f:2e:08:4a:05: 5b:8c:b1:3c:2b:7c:19:2f:5b:78:f0:1e:d6:e9:da: 59:b9:c9:fd:7f:1e:0b:04:cc:80:bc:e9:34:99:41: cf:86:bf:1c writing RSA key -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQCy1b8nykTRXY2bw5CKUT95Fj3zCnyWYKhX3CxaFjqSDXALbxzW 4IPI4sP9X0/JMvSNwlsWmVjp2JUHJ9NT4bqxxjeRMXbt1OrPIveErp7jeX7Hfeb2 kXGqBYS592LNIdhJctOQAe1fFmw36gKUOCioHM1tUc1yffE0h8wzCCKpQwIDAQAB AoGBAIN5eyhQnxlg8vvB4eCebNCjlnW4jvGrK/gz6PNuBi9b67SsQoKC2r/0XuxG hwy/BmW1rmvF30VEMgPptoajnDFdkMoZgfvJo2lrnJASCPmGH8Jyr67hooTLFAFZ 1kFNBBIUwDRNph9b/xGTVtdG8oPFTk6LlEBS7PootZQbhj8ZAkEA1s4tfbyslGSm eJeoOpISlya6B2yrhYT7Eg+F99TRd5PbhqugOqu0WfEh4NJxpm7H5W3a97iU+xx+ HiYx8GL0VQJBANUhm8xcDG3jT6+uumWwH1xtFF9/O0Ove4lPUSiR73g64YDr6B4K qeQL8d25GRNUQrGkfGc7pcYMPybuRtcCfzcCQForrK8Gn8+fPL6Ms0L7BLDMwfTR 6mKfQyH+wDcb8F5pBBNRQm6+m3PSJG2TCcBa6rDl37BznJ6ZBFw1nmsRrw0CQQCA 7AqNLKUMF7NNJxlzh30A8K6hMZpM0CqfHY6PRu+fP6bG0GyhN3wbCSquH1hOu+p4 AHKME6WsTh4pU3sgdk8zAkAJe+d9AVu5Yr8rNI/we3tSSH5hQlUwPFr9by4ISgVb jLE8K3wZL1t48B7W6dpZucn9fx4LBMyAvOk0mUHPhr8c -----END RSA PRIVATE KEY----- [root@kamatora ~]# |
いかがでしょうか。パッと見てわかりづらいですが、一致していることが確認できます。