本篇文章介紹使用 openssl 指令產生 EC 橢圓曲線的私鑰和公鑰,包含 PEM 和 DER 格式。其中 PEM 分為 PKCS#1 和 PKCS#8 兩種格式。同時也說明如何生成包含密碼的方式。

產生私鑰

無密碼

PEM (PKCS#1)

輸入下面指令,會產生 private.pem 私鑰檔案

1
openssl ecparam -name secp256k1 -genkey -noout -out private.pem

檔案內容大概長這樣

1
2
3
4
5
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEILQ9di0umjx6JoN3j6oOf9AC09z6M2X1dmRJHQ2tjinHoAcGBSuBBAAK
oUQDQgAEtPaEJXHpn09OBCz34QDeEltOVhAgs+qyB2MnyFr8t/lpmsgFyTKr80+p
P7R3UV99tzMjSZ2DI/udIQOjKFdgEg==
-----END EC PRIVATE KEY-----

其中,secp256k1 是指定的曲線,可以自行設定。以下指令可以查詢有哪些曲線可用:

1
openssl ecparam -list_curves

會輸出下面內容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
secp112r1 : SECG/WTLS curve over a 112 bit prime field
secp112r2 : SECG curve over a 112 bit prime field
secp128r1 : SECG curve over a 128 bit prime field
secp128r2 : SECG curve over a 128 bit prime field
secp160k1 : SECG curve over a 160 bit prime field
secp160r1 : SECG curve over a 160 bit prime field
secp160r2 : SECG/WTLS curve over a 160 bit prime field
secp192k1 : SECG curve over a 192 bit prime field
secp224k1 : SECG curve over a 224 bit prime field
secp224r1 : NIST/SECG curve over a 224 bit prime field
secp256k1 : SECG curve over a 256 bit prime field
secp384r1 : NIST/SECG curve over a 384 bit prime field
secp521r1 : NIST/SECG curve over a 521 bit prime field
prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field
prime192v2: X9.62 curve over a 192 bit prime field
prime192v3: X9.62 curve over a 192 bit prime field
prime239v1: X9.62 curve over a 239 bit prime field
prime239v2: X9.62 curve over a 239 bit prime field
prime239v3: X9.62 curve over a 239 bit prime field
prime256v1: X9.62/SECG curve over a 256 bit prime field
sect113r1 : SECG curve over a 113 bit binary field
sect113r2 : SECG curve over a 113 bit binary field
sect131r1 : SECG/WTLS curve over a 131 bit binary field
sect131r2 : SECG curve over a 131 bit binary field
sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field
sect163r1 : SECG curve over a 163 bit binary field
sect163r2 : NIST/SECG curve over a 163 bit binary field
sect193r1 : SECG curve over a 193 bit binary field
sect193r2 : SECG curve over a 193 bit binary field
sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field
sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field
sect239k1 : SECG curve over a 239 bit binary field
sect283k1 : NIST/SECG curve over a 283 bit binary field
sect283r1 : NIST/SECG curve over a 283 bit binary field
sect409k1 : NIST/SECG curve over a 409 bit binary field
sect409r1 : NIST/SECG curve over a 409 bit binary field
sect571k1 : NIST/SECG curve over a 571 bit binary field
sect571r1 : NIST/SECG curve over a 571 bit binary field
c2pnb163v1: X9.62 curve over a 163 bit binary field
c2pnb163v2: X9.62 curve over a 163 bit binary field
c2pnb163v3: X9.62 curve over a 163 bit binary field
c2pnb176v1: X9.62 curve over a 176 bit binary field
c2tnb191v1: X9.62 curve over a 191 bit binary field
c2tnb191v2: X9.62 curve over a 191 bit binary field
c2tnb191v3: X9.62 curve over a 191 bit binary field
c2pnb208w1: X9.62 curve over a 208 bit binary field
c2tnb239v1: X9.62 curve over a 239 bit binary field
c2tnb239v2: X9.62 curve over a 239 bit binary field
c2tnb239v3: X9.62 curve over a 239 bit binary field
c2pnb272w1: X9.62 curve over a 272 bit binary field
c2pnb304w1: X9.62 curve over a 304 bit binary field
c2tnb359v1: X9.62 curve over a 359 bit binary field
c2pnb368w1: X9.62 curve over a 368 bit binary field
c2tnb431r1: X9.62 curve over a 431 bit binary field
wap-wsg-idm-ecid-wtls1: WTLS curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls3: NIST/SECG/WTLS curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls4: SECG curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls5: X9.62 curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls6: SECG/WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls7: SECG/WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls8: WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls9: WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls10: NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls11: NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls12: WTLS curve over a 224 bit prime field
Oakley-EC2N-3: 
IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
Oakley-EC2N-4: 
IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
brainpoolP160r1: RFC 5639 curve over a 160 bit prime field
brainpoolP160t1: RFC 5639 curve over a 160 bit prime field
brainpoolP192r1: RFC 5639 curve over a 192 bit prime field
brainpoolP192t1: RFC 5639 curve over a 192 bit prime field
brainpoolP224r1: RFC 5639 curve over a 224 bit prime field
brainpoolP224t1: RFC 5639 curve over a 224 bit prime field
brainpoolP256r1: RFC 5639 curve over a 256 bit prime field
brainpoolP256t1: RFC 5639 curve over a 256 bit prime field
brainpoolP320r1: RFC 5639 curve over a 320 bit prime field
brainpoolP320t1: RFC 5639 curve over a 320 bit prime field
brainpoolP384r1: RFC 5639 curve over a 384 bit prime field
brainpoolP384t1: RFC 5639 curve over a 384 bit prime field
brainpoolP512r1: RFC 5639 curve over a 512 bit prime field
brainpoolP512t1: RFC 5639 curve over a 512 bit prime field
SM2       : SM2 curve over a 256 bit prime field

PEM (PKCS#8)

預設的 格式是 PKCS#1,如果要輸出 PKCS#8:

1
openssl ecparam -name secp256k1 -genkey -noout | openssl pkcs8 -topk8 -out private.pkcs8.pem -nocrypt

檔案格式如下:

1
2
3
4
5
-----BEGIN PRIVATE KEY-----
MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgjaj0U21GT2cBbA+bIyZ3
mLjuCdLpULODLZPpW5uOprihRANCAATRPK0Q/H462b5v+A0XiSLFRIyCzgDerz6D
cbY85F4wsC8bNDMm5s21zt+3IqesZXb+OXx2ietlunpiBSJ6O+wu
-----END PRIVATE KEY-----

DER 格式

如果要產生 DER 格式:

1
openssl ecparam -name secp256k1 -genkey -noout -out private.der -outform DER

有密碼

PEM (PKCS#1)

1
openssl ecparam -genkey -name secp256k1 | openssl ec -aes256 -out encrypted-private.pem

會產生這樣的檔案

1
2
3
4
5
6
7
8
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,B6238EEA18CFA1109433278AEE8B0EF6

QMw22jMPsiiJIwB33rm3WDGyHRgaX9M1XhkrLETOqnv2KSa1rhbPP6TelfY02GMo
usJEFdmmwAyqhyQ9QFDzA7hKmvYtW3PBBdB6tHfRbjpztGlwotRcgHjyeLwJ8aP8
EifoLNL09LPnlvs87plD8VZ4f8Dg5sdRi61zAaCIAfs=
-----END EC PRIVATE KEY-----

其中 -aes256 是加密的演算法,可以自訂。以下指令可以查詢有哪些方法可用:

1
openssl enc -list

會輸出下面內容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Supported ciphers:
-aes-128-cbc               -aes-128-cfb               -aes-128-cfb1             
-aes-128-cfb8              -aes-128-ctr               -aes-128-ecb              
-aes-128-ofb               -aes-192-cbc               -aes-192-cfb              
-aes-192-cfb1              -aes-192-cfb8              -aes-192-ctr              
-aes-192-ecb               -aes-192-ofb               -aes-256-cbc              
-aes-256-cfb               -aes-256-cfb1              -aes-256-cfb8             
-aes-256-ctr               -aes-256-ecb               -aes-256-ofb              
-aes128                    -aes128-wrap               -aes192                   
-aes192-wrap               -aes256                    -aes256-wrap              
-aria-128-cbc              -aria-128-cfb              -aria-128-cfb1            
-aria-128-cfb8             -aria-128-ctr              -aria-128-ecb             
-aria-128-ofb              -aria-192-cbc              -aria-192-cfb             
-aria-192-cfb1             -aria-192-cfb8             -aria-192-ctr             
-aria-192-ecb              -aria-192-ofb              -aria-256-cbc             
-aria-256-cfb              -aria-256-cfb1             -aria-256-cfb8            
-aria-256-ctr              -aria-256-ecb              -aria-256-ofb             
-aria128                   -aria192                   -aria256                  
-bf                        -bf-cbc                    -bf-cfb                   
-bf-ecb                    -bf-ofb                    -blowfish                 
-camellia-128-cbc          -camellia-128-cfb          -camellia-128-cfb1        
-camellia-128-cfb8         -camellia-128-ctr          -camellia-128-ecb         
-camellia-128-ofb          -camellia-192-cbc          -camellia-192-cfb         
-camellia-192-cfb1         -camellia-192-cfb8         -camellia-192-ctr         
-camellia-192-ecb          -camellia-192-ofb          -camellia-256-cbc         
-camellia-256-cfb          -camellia-256-cfb1         -camellia-256-cfb8        
-camellia-256-ctr          -camellia-256-ecb          -camellia-256-ofb         
-camellia128               -camellia192               -camellia256              
-cast                      -cast-cbc                  -cast5-cbc                
-cast5-cfb                 -cast5-ecb                 -cast5-ofb                
-chacha20                  -des                       -des-cbc                  
-des-cfb                   -des-cfb1                  -des-cfb8                 
-des-ecb                   -des-ede                   -des-ede-cbc              
-des-ede-cfb               -des-ede-ecb               -des-ede-ofb              
-des-ede3                  -des-ede3-cbc              -des-ede3-cfb             
-des-ede3-cfb1             -des-ede3-cfb8             -des-ede3-ecb             
-des-ede3-ofb              -des-ofb                   -des3                     
-des3-wrap                 -desx                      -desx-cbc                 
-id-aes128-wrap            -id-aes128-wrap-pad        -id-aes192-wrap           
-id-aes192-wrap-pad        -id-aes256-wrap            -id-aes256-wrap-pad       
-id-smime-alg-CMS3DESwrap  -idea                      -idea-cbc                 
-idea-cfb                  -idea-ecb                  -idea-ofb                 
-rc2                       -rc2-128                   -rc2-40                   
-rc2-40-cbc                -rc2-64                    -rc2-64-cbc               
-rc2-cbc                   -rc2-cfb                   -rc2-ecb                  
-rc2-ofb                   -rc4                       -rc4-40                   
-seed                      -seed-cbc                  -seed-cfb                 
-seed-ecb                  -seed-ofb                  -sm4                      
-sm4-cbc                   -sm4-cfb                   -sm4-ctr                  
-sm4-ecb                   -sm4-ofb

PEM (PKCS#8)

把上面的 -nocrypt 移除掉就可以了

1
openssl ecparam -name secp256k1 -genkey -noout | openssl pkcs8 -topk8 -out encrypted-private.pkcs8.pem

會得到這樣的檔案

1
2
3
4
5
6
7
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAh4naXiHkvzwQICCAAw
DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEDYFtaqCG+OV/mZzQxx4B1EEgZDy
9PILuEqPXLV9J1MVuGe3GvONFQpIDhed5drrBCZHH3UcaWxZ2a8pfd5V142AOWB1
8jgRJ1KcOXw5ecsrkmSlS9PfHOD1waj/mVQEK3X1HkywrmzgUykME1wpsy3Xxr1t
TS1+k60KHRgVEvvEx2pGI7qx/zKZceIpnh5dkGBxOET2f1O6TePA57UeQ5FVYdE=
-----END ENCRYPTED PRIVATE KEY-----

產生公鑰

PEM

從 PEM 私鑰

私鑰格式為 PEM 使用以下指令,無論有沒有密碼、PKCS#1 或 PKCS#8 都適用:

1
openssl ec -in private.pem -pubout -out public.pem

公鑰檔案大概如下

1
2
3
4
-----BEGIN PUBLIC KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEtPaEJXHpn09OBCz34QDeEltOVhAgs+qy
B2MnyFr8t/lpmsgFyTKr80+pP7R3UV99tzMjSZ2DI/udIQOjKFdgEg==
-----END PUBLIC KEY-----

從 DER 私鑰

私鑰格式為 DER 使用以下指令:

1
openssl ec -in private.der -inform DER -pubout -out public.pem

DER

從 PEM 私鑰

1
openssl ec -in private.pem -pubout -out public.der -outform DER

從 DER 私鑰

1
openssl ec -in private.der -inform DER -pubout -out public.der -outform DER

延伸閱讀

OpenSSL 使用指令進行簽章和檢驗
OpenSSL 指令產生 RSA 私鑰和公鑰