OpenSSL 生成 SM2 密钥

openssl ecparam -name SM2 -genkey -out sm2_ec.key 
cat sm2_ec.key 
-----BEGIN EC PARAMETERS-----
BggqgRzPVQGCLQ==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIB9dGHE5+6AD9DGmA8g/cEqn8HYTMBhbM+g2XJ16RqZ1oAoGCCqBHM9V
AYItoUQDQgAEJg19rra1BeuYx9ZU1GbfD0ceE9X67/c2hdb6XZLQor5oNVa+o9HZ
WBioc1hNCC2avO1Dpg5ZAb2YsS71TT7Bsw==
-----END EC PRIVATE KEY-----

OpenSSL 根据SM2私钥生成公钥

openssl ec -in sm2_ec.key -pubout -out sm2_ec.pubkey 
read EC key
writing EC key
cat sm2_ec.pubkey 
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEJg19rra1BeuYx9ZU1GbfD0ceE9X6
7/c2hdb6XZLQor5oNVa+o9HZWBioc1hNCC2avO1Dpg5ZAb2YsS71TT7Bsw==
-----END PUBLIC KEY-----

OpenSSL SM3 计算文件Hash

echo "https://const.net.cn" > sign.data 
openssl dgst -SM3 sign.data 
SM3(sign.data)= 8c13610aeb3040b2899ac224ae7db0710030803c424f776e7241340c66a6d553

OpenSSL 使用　SM2 签名文件

openssl dgst -SM3 -sign sm2_ec.key -out sm2_ec.sig sign.data 
Error setting context
140524048778560:error:100C508A:elliptic curve routines:pkey_ec_ctrl:invalid digest type:../crypto/ec/ec_pmeth.c:331:

在当前版本(OpenSSL 1.1.1f)还不支持命令行使用SM2结合SM3签名。将hash算法换成sha256试试。
OpenSSL 使用　SM2 结合　sha256签名

openssl dgst -sha256 -sign sm2_ec.key -out sm2_ec.sig sign.data 
root@hesy-ThinkPad-P15v-Gen-1:/home/hesy/2021/asn1/src/sm# hexdump -C sm2_ec.sig 
00000000  30 46 02 21 00 d7 52 c2  63 a3 12 ff ef af 69 8e  |0F.!..R.c.....i.|
00000010  8a 35 17 9f f2 0c e2 b1  80 fb dd a1 38 a3 59 14  |.5..........8.Y.|
00000020  5a 18 33 ba 43 02 21 00  9d 10 91 a7 5f a4 cf bb  |Z.3.C.!....._...|
00000030  7b 75 c0 27 17 d5 2d 55  09 cc 10 49 29 f8 bc 0d  |{u.'..-U...I)...|
00000040  10 d6 02 db b1 e4 7c 7a                           |......|z|
00000048

OpenSSL 使用　SM2 结合　sha256 验签

openssl dgst -sha256 -verify sm2_ec.pubkey -signature sm2_ec.sig sign.data 
Verified OK

OpenSSL 使用　SM2 结合　SM3 验签

openssl dgst -SM3 -verify sm2_ec.pubkey -signature sm2_ec.sig sign.data 
Error setting context
140471948707136:error:100C508A:elliptic curve routines:pkey_ec_ctrl:invalid digest type:../crypto/ec/ec_pmeth.c:331:

同上面一样的原因，官方没实现，命令行用不了。

hexdump 查看二进制文件

echo "https://const.net.cn" > bin.data
hesy@hesy-ThinkPad-P15v-Gen-1:~/2021/linux$ hexdump -C bin.data 
00000000  68 74 74 70 73 3a 2f 2f  63 6f 6e 73 74 2e 6e 65  |https://const.ne|
00000010  74 2e 63 6e 0a                                    |t.cn.|
00000015

hexdump 自定义格式显示二进制文件

hexdump -e '4/1 "%02X " "\n"' bin.data 
68 74 74 70
73 3A 2F 2F
63 6F 6E 73
74 2E 6E 65
74 2E 63 6E
0A         
hexdump -e '8/1 "%02X " "\n"' bin.data 
68 74 74 70 73 3A 2F 2F
63 6F 6E 73 74 2E 6E 65
74 2E 63 6E 0A         
hexdump -e '16/1 "%02X " "\n"' bin.data 
68 74 74 70 73 3A 2F 2F 63 6F 6E 73 74 2E 6E 65
74 2E 63 6E 0A                                 
hexdump -e '16/1 "%_p " "\n"' bin.data 
h t t p s : / / c o n s t . n e
t . c n .           
hexdump -e '16/1 "%03d " "\n"' bin.data 
104 116 116 112 115 058 047 047 099 111 110 115 116 046 110 101
116 046 099 110 010 

hexdump 将二进制文件转为十六进制文件

hexdump -e '16/1 "%02X " "\n"' bin.data > hex.data
xxd -r -p hex.data bin.data.1
md5sum *
84d86c7c482190d90838c5de11d99d06  bin.data
84d86c7c482190d90838c5de11d99d06  bin.data.1
a100e4d2a6bcf2faceb56f106dfb1c6b  hex.data

xxd 查看二进制文件

xxd -c 4 -p bin.data 
68747470
733a2f2f
636f6e73
742e6e65
742e636e
0a
xxd -c 8 -p bin.data 
68747470733a2f2f
636f6e73742e6e65
742e636e0a
xxd -c 16 -p bin.data 
68747470733a2f2f636f6e73742e6e65
742e636e0a

xxd 将十六进制文件转为二进制文件

xxd -r -p input.txt output.bin    
xxd -c 16 -p bin.data > hex.data
xxd -r -p hex.data bin.data.1
md5sum *
84d86c7c482190d90838c5de11d99d06  bin.data
84d86c7c482190d90838c5de11d99d06  bin.data.1
2d8c913c2685ef14e39fa97a28c3ad79  hex.data

                        

用户名ubuntu
最终命令

sudo usermod -aG www-data ubuntu

添加用户到组命令：sudo usermod -aG 组名 用户名

usermod -h
Usage: usermod [options] LOGIN

Options:
  -b, --badnames                allow bad names
  -c, --comment COMMENT         new value of the GECOS field
  -d, --home HOME_DIR           new home directory for the user account
  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
  -f, --inactive INACTIVE       set password inactive after expiration
                                to INACTIVE
  -g, --gid GROUP               force use GROUP as new primary group
  -G, --groups GROUPS           new list of supplementary GROUPS
  -a, --append                  append the user to the supplemental GROUPS
                                mentioned by the -G option without removing
                                the user from other groups
  -h, --help                    display this help message and exit
  -l, --login NEW_LOGIN         new value of the login name
  -L, --lock                    lock the user account
  -m, --move-home               move contents of the home directory to the
                                new location (use only with -d)
  -o, --non-unique              allow using duplicate (non-unique) UID
  -p, --password PASSWORD       use encrypted password for the new password
  -R, --root CHROOT_DIR         directory to chroot into
  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files
  -s, --shell SHELL             new login shell for the user account
  -u, --uid UID                 new UID for the user account
  -U, --unlock                  unlock the user account
  -v, --add-subuids FIRST-LAST  add range of subordinate uids
  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
  -w, --add-subgids FIRST-LAST  add range of subordinate gids
  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account

sudo nmcli radio wifi off

也可以简化为

sudo nmcli r wifi off

查看wifi的开关状态

nmcli r wifi 

enabled

查看命令用法

nmcli r help

用法：nmcli radio { 命令 | help }

命令 := { all | wifi | wwan }

all | wifi | wwan [ on | off ]

查看nmcli 用法

nmcli help

Usage: nmcli [OPTIONS] OBJECT { COMMAND | help }

OPTIONS
-a, --ask ask for missing parameters
-c, --colors auto|yes|no whether to use colors in output
-e, --escape yes|no escape columns separators in values
-f, --fields <field,...>|all|common specify fields to output
-g, --get-values <field,...>|all|common shortcut for -m tabular -t -f
-h, --help print this help
-m, --mode tabular|multiline output mode
-o, --overview overview mode
-p, --pretty pretty output
-s, --show-secrets allow displaying passwords
-t, --terse terse output
-v, --version show program version
-w, --wait <seconds> set timeout waiting for finishing operations

OBJECT
g[eneral] NetworkManager's general status and operations
n[etworking] overall networking control
r[adio] NetworkManager radio switches
c[onnection] NetworkManager's connections
d[evice] devices managed by NetworkManager
a[gent] NetworkManager secret agent or polkit agent
m[onitor] monitor NetworkManager changes

要关闭所有网络

nmcli n help

用法：nmcli networking { 命令 | help }

命令 := { [ on | off | connectivity ] }

on

off

connectivity [check]

完全启用/禁用网络

nmcli networking off

仅用于WiFi

nmcli radio wifi off

在两种情况下都on可以重新启用。

首先使用查到无线网卡的名字

ifconfig -a

wlp0s20f3

iwlist 常用命令：
查询帮助信息

iwlist --help 

Usage: iwlist [interface] scanning [essid NNN] [last]

          [interface] frequency 
          [interface] channel 
          [interface] bitrate 
          [interface] rate 
          [interface] encryption 
          [interface] keys 
          [interface] power 
          [interface] txpower 
          [interface] retry 
          [interface] ap 
          [interface] accesspoints 
          [interface] peers 
          [interface] event 
          [interface] auth 
          [interface] wpakeys 
          [interface] genie 
          [interface] modulation 

查询版本信息

 iwlist --version 

iwlist Wireless-Tools version 30

      Compatible with Wireless Extension v11 to v22.

Kernel Currently compiled with Wireless Extension v22.

wlp0s20f3 Recommend Wireless Extension v21 or later,

      Currently compiled with Wireless Extension v22.

搜索wifi热点网络

iwlist wlp0s20f3 scan 

wlp0s20f3 Scan completed :

      Cell 01 - Address: CC:F9:57:D0:F5:85
                Channel:6
                Frequency:2.437 GHz (Channel 6)
                Quality=53/70  Signal level=-57 dBm  
                Encryption key:on
                ESSID:"xxxxxxxxxxxxxxxx"
                Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                          9 Mb/s; 12 Mb/s; 18 Mb/s
                Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s
                Mode:Master

查询频道信息

iwlist wlp0s20f3 frequen

wlp0s20f3 32 channels in total; available frequencies :

      Channel 01 : 2.412 GHz
      Channel 02 : 2.417 GHz
      Channel 03 : 2.422 GHz
      Channel 04 : 2.427 GHz
      Channel 05 : 2.432 GHz
      Channel 06 : 2.437 GHz
      Channel 07 : 2.442 GHz
      Channel 08 : 2.447 GHz
      Channel 09 : 2.452 GHz
      Channel 10 : 2.457 GHz
      Channel 11 : 2.462 GHz
      Channel 12 : 2.467 GHz
      Channel 13 : 2.472 GHz
      Channel 36 : 5.18 GHz
      Channel 40 : 5.2 GHz
      Channel 44 : 5.22 GHz
      Channel 48 : 5.24 GHz
      Channel 52 : 5.26 GHz
      Channel 56 : 5.28 GHz
      Channel 60 : 5.3 GHz
      Channel 64 : 5.32 GHz
      Channel 100 : 5.5 GHz
      Channel 104 : 5.52 GHz
      Channel 108 : 5.54 GHz
      Channel 112 : 5.56 GHz
      Channel 116 : 5.58 GHz
      Channel 120 : 5.6 GHz
      Channel 124 : 5.62 GHz
      Channel 128 : 5.64 GHz
      Channel 132 : 5.66 GHz
      Channel 136 : 5.68 GHz
      Channel 140 : 5.7 GHz
      Current Frequency:2.437 GHz (Channel 6)
 

查询连接速度

iwlist wlp0s20f3 rate 

wlp0s20f3 unknown bit-rate information.

      Current Bit Rate:39 Mb/s
    

查询热点信息

iwlist wlp0s20f3 ap 

wlp0s20f3 Interface doesn't have a list of Peers/Access-Points
查询重接次数

iwlist wlp0s20f3 retry     

wlp0s20f3 Fixed limit ; min limit:0

                        max limit:255
      Current mode:on
              short limit:7
               long limit:4

查询电源模式

iwlist wlp0s20f3 power

 

wlp0s20f3 Current mode:on
查询功耗

iwlist wlp0s20f3 txpower

wlp0s20f3 unknown transmit-power information.

      Current Tx-Power=22 dBm      (158 mW)