OpenSSL "pkey -text" - Print DSA Key in Text

Q

How to print private key contents in text format using OpenSSL "pkey" command?

✍: FYIcenter.com

A

If you want to see contents of a private key in text format, you can use the OpenSSL "pkey -text" command as shown below:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> pkey -in my_dsa.key -text -noout
Private-Key: (1024 bit)
priv:
    00:ca:37:76:d8:2f:ac:52:b2:a8:62:b5:00:e7:59:
    8b:45:d6:f7:2e:df
pub:
    00:8c:f6:fa:ab:a2:92:ce:45:5f:61:cb:ed:8d:2c:
    a7:17:87:90:5d:85:12:df:c5:de:d1:77:7c:ae:78:
    7f:25:f3:ec:6b:44:a6:a7:da:2d:8b:84:93:2c:42:
    4e:86:b5:9e:91:bf:55:ee:43:77:91:8a:ac:1a:b3:
    bb:ca:1a:15:15:bd:6f:19:09:fa:51:d5:41:85:fa:
    0d:1d:06:0b:36:30:ff:c3:82:0f:87:e4:e0:2f:92:
    fa:b8:7b:aa:b2:42:39:04:eb:2b:6f:c7:75:43:e8:
    c6:f6:3f:62:b9:30:b5:75:7b:bc:d4:d8:80:a8:6e:
    ab:49:45:d8:de:77:c5:65:7a
P:
    00:9e:2f:66:92:7d:1f:a8:89:47:f5:14:d6:02:5b:
    1d:34:7a:8a:7f:28:6b:8b:d7:d5:57:6f:8f:f5:79:
    dd:0d:54:da:54:b4:55:d9:00:67:26:50:89:67:ce:
    f5:04:ce:e6:83:34:63:84:bb:0e:d4:d7:dd:42:22:
    b9:2b:8a:55:63:03:e7:9a:62:5a:e4:e0:0d:e9:9f:
    e1:9b:15:01:dc:5c:43:a4:4a:09:84:b0:88:ed:28:
    dc:ef:bb:47:05:f6:68:4c:db:fc:a6:8c:aa:98:68:
    1e:dc:11:3d:68:71:a7:93:1b:cf:d9:33:0c:3f:53:
    fb:14:00:ce:c7:ec:ba:11:95
Q:
    00:d6:40:3c:ce:84:7d:fc:db:88:0e:cd:3b:39:d3:
    fb:e9:45:f7:52:79
G:
    00:98:1d:a4:54:20:6a:a2:8b:9d:9f:fc:d4:d1:d1:
    5e:5d:8f:11:0f:63:a8:a1:b2:9b:bd:d9:c5:7b:29:
    7c:a8:6d:c1:b2:42:e9:fb:5a:b3:1c:45:53:f7:32:
    3c:fb:a0:e6:26:74:b1:73:1c:a3:b9:3f:bf:64:ed:
    49:9d:44:97:f4:63:4f:7d:6c:00:e2:48:67:b5:ea:
    da:e9:c2:de:f2:a9:b7:7c:98:96:45:db:1e:9f:95:
    d9:14:56:2a:be:3f:00:e9:ee:71:ea:a7:55:09:e8:
    4b:19:cd:59:2e:7d:1e:c1:3b:4b:0d:86:29:4c:cf:
    d0:a8:56:08:ed:7c:4a:0d:a1

This test tells us that a DSA key (private key and public key pair) is made of:

priv, also called X: The private key, a secret integer,
pub, also called Y: The public key, Y = (G**X mod P).
P: The first prime number of 2048 bits.
Q: The second prime number, where (P-1) is multiple of Q.
G: An integer between 1 and P, and generated by (h**((p–1)/q) mod p), 
   where is h is any number.

Options used in this command are:

  • "-in my_dsa.key" - Read the private key file
  • "-text" - Print out key information in text format.
  • "-noout" - Do not include the key itself in the output.

 

OpenSSL "pkey -pubout" - Extract DSA Public Key

OpenSSL "genpkey -paramfile" - Generate DSA Key

OpenSSL "genpkey" Command for DSA Keys

⇑⇑ OpenSSL Tutorials

2017-10-16, 1334👍, 0💬