本文共 1764 字，大约阅读时间需要 5 分钟。

openssl  rsautl -in hello.txt  -out hello.sign -inkey rsa_public_key.pem  -pubin  -sign

A private key is needed for this operation

看来只能使用私钥进行签名。

1.generate private key.

openssl genrsa  -out rsa_private_key.pem -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDhjXipVKSfMPCzJQnr9I3W96w4TS11WSKppUBSaT5zJF+sPJlW Q1i438ONj9JiQKbTw8TPtxTMRQIC7zuPCrRzlc6JTGk82dYXcFJJZCksLggzjijr gk1Bj7CpKcPdhVH/RBoS5jRxo2yYuKf/Mav+c4N2/s/oIlB+7RGO5hxHoQIDAQAB AoGBAJN9diSMM+XhE9ShaL6BuWqTpGtglFRDCDaU193L8klKxMEVE1PkUBT8RZzB KlqTWkPppT4Kwy/cBDe1BmZAIsSj98ej5/fiNqwFrwgsnseoCiDtUYfJ2ITUHsin 1TzjoOMqJFEnqjR2DbSVYkJvy8Fa13xONmL+Kklo0sm+pFNBAkEA+amdXEsG8Qfm bv16M5Dyj0vWh/NbG36rx7KXouy/Me7mNRarUKCCQXaOyEKkcBAojO7xspSKe9+9 oaElCRs4mQJBAOdHLsjnSMdtbFPEX60XY93dzdDR9YbmxjYsJPkiavG/2gliHWLL O3SP3jSfKA1Abp53qUROhaPsg2nFpFSkxEkCQDSXCwO+9iZdoKeuk0g7dyzCL92R YJapFyxIrXJvZlLxXOK/9LRWKzn47Fi42QSWEsSlLJqOeaFgXwSl+jQx3LkCQQCt +Ju2wFO8wBDmiic2OwwCTuCNHgLFMT8UbOx7A2rS4vAOcuGL+TiGG9qYVsh3/2m2 hmirWy2n+zd3DxboHPERAkEAoMRXmOoOX/hhdxifIrEjDVoumhd0HEUVJZPm49jX fjiYjb7CilSVpQUAh4OuLaa4Hj46f+dUh1RYviNTBJKC3w== -----END RSA PRIVATE KEY----- 2.generate public key. openssl  rsa -in rsa_private_key.pem  -pubout  -out rsa_public_key.pem -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhjXipVKSfMPCzJQnr9I3W96w4 TS11WSKppUBSaT5zJF+sPJlWQ1i438ONj9JiQKbTw8TPtxTMRQIC7zuPCrRzlc6J TGk82dYXcFJJZCksLggzjijrgk1Bj7CpKcPdhVH/RBoS5jRxo2yYuKf/Mav+c4N2 /s/oIlB+7RGO5hxHoQIDAQAB -----END PUBLIC KEY----- 3.prepare the original device machine number. cat machine_no_original.txt 00:00:00:00:00:00C8:0A:A9:2F:BE:7B00:26:C7:24:28:F4 4.use public key to encrypt the original machine no in user side. openssl rsautl -in machine_no_original.txt -out machine_no_pubenc.txt  -inkey rsa_public_key.pem  -pubin -encrypt `