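PEM (Privacy Enhanced Mail) is generally a text format that begins with "-----BEGIN ***-----" and ends with "-----END ***-----", with Base64-encoded content in between. This format can hold both certificates and private keys; to tell the two apart, the extension of a PEM-format private key is usually changed to .key.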
PEM Filename Extensions
PEM files are usually seen with the extensions .crt, .pem, .cer, and .key (for private keys), but you may also see them with different extensions. For example, the SSL.com CA bundle file available from the download table in a certificate order has the extension .ca-bundle
-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDJTwCsWHU4MTzHkZOiG2otXsG3kEHPh5C68M7CQf1f+DK/NRD/ pEj9kk98+hx2hQKlAIKHe3JFT6TXNONVeJGMX+8o1i5V7VSFiedmgbFAJdn3Ginv 0xQJuon0WUjymY66bD4c5xEXZWNTDmI2sPcZ0/3NgShBEGmCw6j+7EdQSwIDAQAB AoGAJIjYAG9VZstY0odTGdqL3IwT8DKYHwfldmf5vjuntmEfJKCG4z53mL2S+4WQ 4Nmm7zc2eUwoIvgfXIdWss5c66A3NBUPg1Q3XcWVTvx50pLtcTH9uVPWOYc5ZF68 kJdobmZgsfqrgkBpDSeWkDwih0H5P3SoVlX/6p16PACWy/ECQQD6r96HRIaJrcmS 6K+E5K5+ADgEfn4tiT7tAZ8MCAp84CYgJtCnGTlqc+MCx874UQ8x4SGff5qh0iyo fL8eOsTnAkEAzZM5r7wK+NZCHyJudUUe62QNs1StD5OLXRL+/WyoJRjdwspzkLw6 MD4M+wlBOOl3UN8gaVjc4QwnBp8GBKiI/QJAJ8EmH/ts/n5x3ftKgl+lkFPGjmfk 6KHAOeOs7kKEL0N4qFafdjBY25nfITzAhL6OE1HpfBrHUew7qsiFomyddwJAMZrj Apq3cxAQaH7gdH+3VEmSXMGD+Qw7Rrw8t14uvLThXg2IEVa6G8X9T94N1PPRDLyq j4EX214ZVKmuxBT+6QJBAPqAe2riAeNzYNmy4efed7bktAkZdvEu80mWsJ51BeX4 37xs3pWLoWwZomSgLd+ACl+AaJJS6CgTAyNUlWCbX+M= -----END RSA PRIVATE KEY-----
Data to be signed (HexString)
E4 B4 09 19 76 F1 2E F3 49 96 B0 9E 75 05 E5 F8 DF BC 6C DE 95 8B A1 6C 19 A2 64 A0 2D DF 80 0A 5F 80 68 92 52 E8 28 13 03 23 54 95 60 9B 5F E3
Signature result (HexString)
2E 61 DB 7A DC C4 E8 68 11 46 5C DD 92 1F 4D 65 77 57 0E AD 1C 98 18 62 FB 36 80 68 FE A4 0D 72 B2 60 C7 84 B1 DC 40 C9 2C 14 58 F1 FA FC 9C 41 FF 1E BC EB E2 4D BA A3 2E BD 4A 09 9D BA 9B F2 10 69 A4 0B 68 76 DB 8E A3 49 D8 23 3C 3F 8E 45 5A 54 D0 E8 43 EB 21 67 E5 34 7C EE 7A B5 07 61 FA 71 9A 29 6F 6D BD 57 CF 89 AB E5 BB C1 33 FB 15 46 4E 61 44 A3 AB FA DA D6 AB 46 49 2C 7C B0
openssl RSA sign command
openssl dgst -sha256 -sign key.pem -out sig file
dgst -sign creates a hash, ASN1 encodes it, and then signs the ASN1 encoded hash, whereas rsautl -sign just signs the input without hashing or ASN1 encoding. Both methods include the input data in the output, together with the signature, rather than producing only a signature as output.
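The difference between the two signing paths at the byte level, as an added example that is not part of the original page and not OpenSSL's own code. It assumes PKCS#1 v1.5 padding and SHA-256; the toy key (built from two Mersenne primes, so its factors are public) and all function names are constructed for illustration.

```python
import hashlib

# Constructed toy key built from two Mersenne primes (factors are public): demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus length in bytes (141 here)

# DER header of a SHA-256 DigestInfo structure (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def digest_info(message: bytes) -> bytes:
    """ASN.1 DigestInfo: algorithm identifier followed by the SHA-256 hash."""
    return SHA256_PREFIX + hashlib.sha256(message).digest()

def pad_type1(payload: bytes) -> bytes:
    """PKCS#1 v1.5 signature padding: 00 01 FF..FF 00 || payload."""
    if len(payload) > K - 11:
        raise ValueError("payload too long for this modulus")
    return b"\x00\x01" + b"\xff" * (K - len(payload) - 3) + b"\x00" + payload

def rsa_private(block: bytes) -> bytes:
    return pow(int.from_bytes(block, "big"), D, N).to_bytes(K, "big")

def sign_like_dgst(message: bytes) -> bytes:
    """Hash, ASN.1-encode, pad, sign: the `dgst -sha256 -sign` path."""
    return rsa_private(pad_type1(digest_info(message)))

def sign_like_rsautl(data: bytes) -> bytes:
    """Pad and sign the input as given: the `rsautl -sign` path."""
    return rsa_private(pad_type1(data))

def recover(signature: bytes) -> bytes:
    """Apply the public key and strip the padding, as `rsautl -verify` does."""
    block = pow(int.from_bytes(signature, "big"), E, N).to_bytes(K, "big")
    sep = block.find(b"\x00", 2)
    if block[:2] != b"\x00\x01" or sep < 10 or block[2:sep] != b"\xff" * (sep - 2):
        raise ValueError("bad PKCS#1 v1.5 padding")
    return block[sep + 1:]

def verify_like_dgst(message: bytes, signature: bytes) -> bool:
    """Rebuild the expected padded block and compare it whole."""
    if len(signature) != K or int.from_bytes(signature, "big") >= N:
        return False
    return pow(int.from_bytes(signature, "big"), E, N) == int.from_bytes(
        pad_type1(digest_info(message)), "big")
```

Signing a pre-built DigestInfo through the raw path yields the same bytes as the hashing path, which is why a signature made over the bare message with the raw path fails digest-based verification.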