In day-to-day system administration we often need to encrypt and decrypt data, and the OpenSSL toolkit covers many of these needs.
1. OpenSSL RSA encryption and decryption
RSA is an asymmetric (public-key) encryption method from number theory, based on the product of large primes.
The public key is used for encryption and is disclosed to everyone; the private key is used for decryption, only the receiver of the cipher
Generate a key (private key)
[root@hunterfu ~]# openssl genrsa -out private.key 1024
Note: this file contains both the public key and the private key, so it can be used for encryption or decryption. The trailing 1024 is the length of the generated key in bits.
Extract the public key from the key file private.key
[root@hunterfu ~]# openssl rsa -in private.key -pubout -out pub.key
Encrypt information with the public key
[root@hunterfu ~]# echo -n "123456" | openssl rsautl -encrypt -inkey pub.key -pubin > encode.result
Decrypt information with the private key
[root@hunterfu ~]# cat encode.result | openssl rsautl -decrypt -inkey private.key
123456
At this point, an RSA encryption and decryption process has been completed!
2. OpenSSL DSA signature and verification
In contrast to RSA encryption and decryption, in DSA digital signature and verification the sender signs the file or message with his or her private key, and the recipient uses the sender's public key to verify the authenticity of the signature.
DSA is only a signature algorithm. Unlike RSA, it cannot be used for encryption and decryption or for key exchange, only for signing; it is much faster than RSA.
Generate a key (private key)
[root@hunterfu ~]# openssl dsaparam -out dsaparam.pem 1024
[root@hunterfu ~]# openssl gendsa -out privkey.pem dsaparam.pem
Generate the public key
[root@hunterfu ~]# openssl dsa -in privkey.pem -out pubkey.pem -pubout
[root@hunterfu ~]# rm -fr dsaparam.pem
Sign with the private key
[root@hunterfu ~]# echo -n "123456" | openssl dgst -dss1 -sign privkey.pem > sign.result
Verify with the public key
[root@hunterfu ~]# echo -n "123456" | openssl dgst -dss1 -verify pubkey.pem -signature sign.result
Verified OK
At this point, a DSA signature and verification process is complete!
3. Summary and points to note
Note: Encrypted or signed data is binary and unreadable. To make it easier to view in a terminal and to transmit (data submitted in a URL also needs URL encoding), you can encode it with Base64.
openssl enc -base64 -a: encode the encrypted information with Base64
openssl enc -d -base64 -a: decode the Base64-encoded information
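The two flows above combined with the Base64 step, as an added example that is not part of the original article: it encrypts and signs the article's sample message, carries both results as single-line Base64, and shows that a signature checked against an altered message is rejected. Assumptions: 2048-bit keys rather than 1024, `pkeyutl` with OAEP padding in place of `rsautl`, `-sha256` in place of `-dss1`, `-A` for single-line Base64; the function names and the `$WORK` directory are hypothetical.

```shell
#!/bin/sh
# Added example, not from the article. Assumptions: 2048-bit keys, pkeyutl
# with OAEP instead of rsautl, -sha256 instead of -dss1, files under $WORK.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT          # do not leave private keys behind

make_keys() {   # same key files the article creates, written under $WORK
    openssl genrsa -out "$WORK/private.key" 2048 2>/dev/null
    openssl rsa -in "$WORK/private.key" -pubout -out "$WORK/pub.key" 2>/dev/null
    openssl dsaparam -out "$WORK/dsaparam.pem" 2048 2>/dev/null
    openssl gendsa -out "$WORK/privkey.pem" "$WORK/dsaparam.pem" 2>/dev/null
    openssl dsa -in "$WORK/privkey.pem" -pubout -out "$WORK/pubkey.pem" 2>/dev/null
    rm -f "$WORK/dsaparam.pem"
}

encrypt_b64() { # $1 = plaintext; prints one line of Base64 ciphertext
    printf '%s' "$1" | openssl pkeyutl -encrypt -pubin -inkey "$WORK/pub.key" \
        -pkeyopt rsa_padding_mode:oaep | openssl enc -base64 -A
}

decrypt_b64() { # $1 = Base64 ciphertext; prints the plaintext
    printf '%s' "$1" | openssl enc -d -base64 -A |
        openssl pkeyutl -decrypt -inkey "$WORK/private.key" -pkeyopt rsa_padding_mode:oaep
}

sign_b64() {    # $1 = message; prints one line of Base64 DSA signature
    printf '%s' "$1" | openssl dgst -sha256 -sign "$WORK/privkey.pem" | openssl enc -base64 -A
}

verify_b64() {  # $1 = message, $2 = Base64 signature; status 0 only if valid
    printf '%s' "$2" | openssl enc -d -base64 -A > "$WORK/sig.bin" || return 1
    printf '%s' "$1" | openssl dgst -sha256 -verify "$WORK/pubkey.pem" \
        -signature "$WORK/sig.bin" >/dev/null 2>&1
}

make_keys
ct=$(encrypt_b64 "123456")          # sample message used in the article
echo "ciphertext: $ct"
echo "decrypted:  $(decrypt_b64 "$ct")"
sig=$(sign_b64 "123456")
verify_b64 "123456" "$sig" && echo "signature valid"
verify_b64 "123457" "$sig" || echo "altered message rejected"
```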
In Java, this private key must first be converted to PKCS#8 format before it can be used:
[root@hunterfu ~]# openssl pkcs8 -topk8 -nocrypt -in private.key -outform pem -out