rsa.1s

openssl rsa [options]

-in file
    Specifies the input file containing the RSA key. Defaults to standard input if not specified.

-out file
    Specifies the output file for the processed key. Defaults to standard output if not specified.

-pubin
    Indicates that the input file contains a public key rather than a private key.

-pubout
    Outputs the public key from the private key or a public key input.

-text
    Prints the public and private key components in human-readable form.

-noout
    Prevents output of the encoded version of the key. Useful when only information like '-text' or '-modulus' is desired.

-check
    Performs an extensive check of the private key for consistency.

-modulus
    Prints the modulus value of the RSA key.

-passin arg
    Specifies the passphrase source for the input key.

-passout arg
    Specifies the passphrase source for encrypting the output key.

-des | -des3 | -aes128 | ...
    Encrypts the output private key using the specified symmetric cipher (e.g., DES, Triple DES, AES).

rsa.1s specifically refers to the documentation for the openssl rsa command, a powerful utility within the OpenSSL toolkit. This command is primarily used for processing RSA private and public keys. It allows users to read, convert, and output RSA keys in various formats (e.g., PEM, DER, PKCS#1, PKCS#8).

Key functionalities include extracting the public key from a private key, encrypting/decrypting a private key with a passphrase, checking the consistency of a private key, and displaying key components in human-readable text. It's a fundamental tool for developers and system administrators working with secure communications, digital signatures, and certificate management, enabling precise control over RSA key operations.

rsa.1s (the openssl rsa command) handles sensitive cryptographic material.

Key Security: Always protect private keys with strong, unique passphrases. Avoid storing passphrases directly in scripts or command line history.
File Permissions: Ensure proper file permissions on key files to prevent unauthorized access. Private keys should typically be readable only by the owner.
Complexity: Misuse of options or incorrect understanding of key formats can lead to unusable keys or security vulnerabilities. Always back up keys before performing irreversible operations.

The openssl rsa command is crucial for converting RSA keys between various formats, including PEM (Privacy-Enhanced Mail, a common ASCII Base64 encoded format), DER (Distinguished Encoding Rules, a binary format), PKCS#1 (RSA private key format defined by RSA Laboratories), and PKCS#8 (a standard for storing private keys in an encrypted or unencrypted form). Understanding these formats is essential when interacting with different cryptographic systems or applications.

A common use case is extracting the public key from an existing RSA private key. The public key can then be shared with others for encryption or signature verification without exposing the sensitive private key. This is typically done using the -pubout option.

The rsa.1s command is an integral part of the OpenSSL project, a widely used open-source cryptography library. OpenSSL itself has a long history, originating from SSLeay in the mid-1990s. The rsa command has evolved alongside the OpenSSL toolkit, continuously updated to support new cryptographic standards, improve security features, and address vulnerabilities. Its development reflects the ongoing need for robust tools to manage the foundational RSA algorithm in secure communication protocols like TLS/SSL.

openssl(1), openssl genrsa(1), openssl req(1), openssl x509(1), openssl pkcs8(1)