Начало Каталог Помощ
Вход
Apq
/
winscp
огледало от https://github.com/winscp/winscp.git
1
0
Разклонения 0
Файлове Задачи 0 Уики
Клон: thirdparty_dev
Клонове Маркери
winscp
/
libs
/
openssl
/
doc
/
HOWTO
/
keys.txt

keys.txt 4.3 KB
Постоянна връзка История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 
  1. <DRAFT!>
    2. 

  2. 			HOWTO keys
    3. 

  3. 

  4. 1. Introduction
    5. 

  5. 

  6. Keys are the basis of public key algorithms and PKI.  Keys usually
    7. 

  7. come in pairs, with one half being the public key and the other half
    8. 

  8. being the private key.  With OpenSSL, the private key contains the
    9. 

  9. public key information as well, so a public key doesn't need to be
    10. 

  10. generated separately.
    11. 

  11. 

  12. Public keys come in several flavors, using different cryptographic
    13. 

  13. algorithms.  The most popular ones associated with certificates are
    14. 

  14. RSA and DSA, and this HOWTO will show how to generate each of them.
    15. 

  15. 

  16. 

  17. 2. To generate an RSA key
    18. 

  18. 

  19. An RSA key can be used both for encryption and for signing.
    20. 

  20. 

  21. Generating a key for the RSA algorithm is quite easy, all you have to
    22. 

  22. do is the following:
    23. 

  23. 

  24.   openssl genrsa -des3 -out privkey.pem 2048
    25. 

  25. 

  26. With this variant, you will be prompted for a protecting password.  If
    27. 

  27. you don't want your key to be protected by a password, remove the flag
    28. 

  28. '-des3' from the command line above.
    29. 

  29. 

  30. The number 2048 is the size of the key, in bits.  Today, 2048 or
    31. 

  31. higher is recommended for RSA keys, as fewer amount of bits is
    32. 

  32. consider insecure or to be insecure pretty soon.
    33. 

  33. 

  34. 

  35. 3. To generate a DSA key
    36. 

  36. 

  37. A DSA key can be used for signing only.  It is important to
    38. 

  38. know what a certificate request with a DSA key can really be used for.
    39. 

  39. 

  40. Generating a key for the DSA algorithm is a two-step process.  First,
    41. 

  41. you have to generate parameters from which to generate the key:
    42. 

  42. 

  43.   openssl dsaparam -out dsaparam.pem 2048
    44. 

  44. 

  45. The number 2048 is the size of the key, in bits.  Today, 2048 or
    46. 

  46. higher is recommended for DSA keys, as fewer amount of bits is
    47. 

  47. consider insecure or to be insecure pretty soon.
    48. 

  48. 

  49. When that is done, you can generate a key using the parameters in
    50. 

  50. question (actually, several keys can be generated from the same
    51. 

  51. parameters):
    52. 

  52. 

  53.   openssl gendsa -des3 -out privkey.pem dsaparam.pem
    54. 

  54. 

  55. With this variant, you will be prompted for a protecting password.  If
    56. 

  56. you don't want your key to be protected by a password, remove the flag
    57. 

  57. '-des3' from the command line above.
    58. 

  58. 

  59. 

  60. 4. To generate an EC key
    61. 

  61. 

  62. An EC key can be used both for key agreement (ECDH) and signing (ECDSA).
    63. 

  63. 

  64. Generating a key for ECC is similar to generating a DSA key. These are
    65. 

  65. two-step processes. First, you have to get the EC parameters from which
    66. 

  66. the key will be generated:
    67. 

  67. 

  68.   openssl ecparam -name prime256v1 -out prime256v1.pem
    69. 

  69. 

  70. The prime256v1, or NIST P-256, which stands for 'X9.62/SECG curve over
    71. 

  71. a 256-bit prime field', is the name of an elliptic curve which generates the
    72. 

  72. parameters. You can use the following command to list all supported curves:
    73. 

  73. 

  74.   openssl ecparam -list_curves
    75. 

  75. 

  76. When that is done, you can generate a key using the created parameters (several
    77. 

  77. keys can be produced from the same parameters):
    78. 

  78. 

  79.   openssl genpkey -des3 -paramfile prime256v1.pem -out private.key
    80. 

  80. 

  81. With this variant, you will be prompted for a password to protect your key.
    82. 

  82. If you don't want your key to be protected by a password, remove the flag
    83. 

  83. '-des3' from the command line above.
    84. 

  84. 

  85. You can also directly generate the key in one step:
    86. 

  86. 

  87.   openssl ecparam -genkey -name prime256v1 -out private.key
    88. 

  88. 

  89. or
    90. 

  90. 

  91.   openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256
    92. 

  92. 

  93. 5. To generate an ML-DSA key
    94. 

  94. 

  95. An ML-DSA key can be used for signing (and verification via the public key)
    96. 

  96. only.
    97. 

  97. 

  98. Generating a key for the ML-DSA algorithm is a one-step process.
    99. 

  99. 

  100.   openssl genpkey -algorithm ML-DSA-44 -out key.pem
    101. 

  101.   openssl genpkey -algorithm ML-DSA-65 -out key.pem
    102. 

  102.   openssl genpkey -algorithm ML-DSA-87 -out key.pem
    103. 

  103. 

  104. See L<EVP_PKEY-ML-DSA(7)> for more detail.
    105. 

  105. 

  106. 6. To generate an ML-KEM key
    107. 

  107. 

  108. An ML-KEM key can be used for decapsulation (and encapsulation via the public
    109. 

  109. key) only.
    110. 

  110. 

  111. Generating a key for the ML-KEM algorithm is a one-step process.
    112. 

  112. 

  113.   openssl genpkey -algorithm ML-KEM-512 -out key.pem
    114. 

  114.   openssl genpkey -algorithm ML-KEM-768 -out key.pem
    115. 

  115.   openssl genpkey -algorithm ML-KEM-1024 -out key.pem
    116. 

  116. 

  117. See L<EVP_PKEY-ML-KEM(7)> for more detail.
    118. 

  118. 

  119. 7. NOTE
    120. 

  120. 

  121. If you intend to use the key together with a server certificate,
    122. 

  122. it may be reasonable to avoid protecting it with a password, since
    123. 

  123. otherwise someone would have to type in the password every time the
    124. 

  124. server needs to access the key.
    125. 

  125. 

  126. X25519, X448, Ed25519 and Ed448 are treated as distinct algorithms and not as
    127. 

  127. one of the EC curves listed with 'ecparam -list_curves' option. You can use the
    128. 

  128. following command to generate an X25519 key:
    129. 

  129. 

  130.   openssl genpkey -algorithm X25519 -out xkey.pem
    131.