{"id":4443,"date":"2020-11-27T18:09:18","date_gmt":"2020-11-27T10:09:18","guid":{"rendered":"https:\/\/yanjingang.com\/blog\/?p=4443"},"modified":"2020-11-27T18:09:18","modified_gmt":"2020-11-27T10:09:18","slug":"%e5%a6%82%e4%bd%95%e4%bd%bf%e7%94%a8ca%e8%af%81%e4%b9%a6%e5%85%ac%e9%92%a5%e5%8a%a0%e5%af%86%e3%80%81%e7%a7%81%e9%92%a5%e8%a7%a3%e5%af%86%e6%96%87%e4%bb%b6","status":"publish","type":"post","link":"https:\/\/yanjingang.com\/blog\/?p=4443","title":{"rendered":"\u5982\u4f55\u4f7f\u7528CA\u8bc1\u4e66\u516c\u94a5\u52a0\u5bc6\u3001\u79c1\u94a5\u89e3\u5bc6\u6587\u4ef6"},"content":{"rendered":"

\b\u5728\u65e5\u5e38\u5f00\u53d1\u65f6\u603b\u662f\u4f1a\u9047\u5230\u6d89\u53ca\u52a0\u89e3\u5bc6\u7684\u573a\u666f\uff0c\u901a\u5e38\u7b80\u5355\u7684\u5b57\u7b26\u4e32\u52a0\u89e3\u5bc6\u6211\u4eec\u4f1a\u76f4\u63a5\u4f7f\u7528AES\u5bf9\u79f0\u52a0\u5bc6\uff08\u5bc6\u94a5\u957f\u5ea6>=128bits\uff09\u6765\u5b9e\u73b0\uff0c\u672c\u6587\u4e3b\u8981\u8bb2\u89e3\u5982\u4f55\u4f7f\u7528CA\u8bc1\u4e66\u5b9e\u73b0\u5bf9\u5927\u6587\u4ef6\u7684\u52a0\u89e3\u5bc6\u3002<\/p>\n

\u4e00\u3001\u4f7f\u7528CA\u516c\u94a5\u52a0\u5bc6\u3001\u79c1\u94a5\u89e3\u5bc6\u6587\u4ef6<\/h1>\n

1.\u751f\u6210\u516c\u79c1\u94a5\u5bf9\u8bc1\u4e66\u6587\u4ef6<\/span><\/p>\n

\u9996\u5148\u6211\u4eec\u9700\u8981\u4e00\u5957CA\u8bc1\u4e66\u516c\u79c1\u94a5\u5bf9\uff08\u79c1\u94a5ca.key\u81ea\u5df1\u4fdd\u7ba1\u3001\u516c\u94a5ca.crt\u53ef\u516c\u5f00\u7528\u4e8e\u52a0\u5bc6\uff09\uff1a<\/p>\n

CA_DN='\/CN=YAN DevRootCA\/O=YanJingang.com\/OU=YAN-CA\/countryName=CN\/stateOrProvinceName=Beijing\/subjectAltName=yanjingang.com'\r\nopenssl req -x509 -nodes -days 365 -newkey rsa:2048  -keyout .\/ca\/root\/ca.key  -out .\/ca\/root\/ca.crt -subj \"${CA_DN}\"\r\n<\/code><\/pre>\n
2.\u4f7f\u7528\u516c\u94a5\u52a0\u5bc6\u6587\u4ef6data.tar.gz<\/code><\/span><\/p>\n
openssl smime -encrypt -aes256  -in  data.tar.gz  -binary  -outform DEM  -out data.encrypt.tar.gz  .\/ca\/root\/ca.crt<\/code><\/pre>\n
3.\u4f7f\u7528\u79c1\u94a5\u89e3\u5bc6\u6587\u4ef6data.tar.gz<\/code><\/span><\/p>\n
openssl smime -decrypt -inkey .\/ca\/root\/ca.key -in data.encrypt.tar.gz  -binary -inform DEM  -out data.decrypt.tar.gz<\/code><\/pre>\n
\u8bc1\u4e66\u7684\u79c1\u94a5\u4e00\u5b9a\u8981\u4fdd\u7ba1\u597d\uff0c\u53ea\u8981\u6ca1\u6709\u79c1\u94a5\u5c31\u65e0\u6cd5\u89e3\u5bc6\u8fd9\u4e2a\u6587\u4ef6\u3002<\/p>\n
 <\/p>\n
\u4e8c\u3001\u4f7f\u7528\u5bc6\u7801\u6587\u4ef6\u52a0\u89e3\u5bc6\u6587\u4ef6<\/h1>\n
1.\u751f\u6210\u5bc6\u7801\u6587\u4ef6<\/p>\n
openssl rand -base64 4096 -out .\/ca\/key.p<\/code><\/pre>\n
2.\u4f7f\u7528\u5bc6\u7801\u6587\u4ef6\u52a0\u5bc6\u6587\u4ef6<\/span><\/p>\n
openssl enc -e -aes-256-cbc -in data.tar.gz -out data.encrypt.keyp.tar.gz -pass file:.\/ca\/key.p\r\n<\/code><\/pre>\n
3.\u4f7f\u7528\u5bc6\u7801\u6587\u4ef6\u89e3\u5bc6\u6587\u4ef6<\/span><\/p>\n
openssl enc -d -aes-256-cbc -in data.encrypt.keyp.tar.gz -out data.decrypt.keyp.tar.gz -pass file:.\/ca\/key.p<\/code><\/pre>\n
\u540c\u6837\uff0c\u5bc6\u7801\u6587\u4ef6\u9700\u8981\u4fdd\u5b58\u597d\u3002<\/p>\n
 <\/p>\n
\u4e09\u3001\u8f93\u5165\u5bc6\u7801\u52a0\u5bc6\u6216\u89e3\u5bc6\u6587\u4ef6<\/h1>\n
1.\u8f93\u5165\u5bc6\u7801\u52a0\u5bc6<\/p>\n
openssl enc -e -aes-256-cbc -in data.tar.gz -out data.encrypt.passwd.tar.gz<\/code><\/pre>\n
2.\u8f93\u5165\u5bc6\u7801\u89e3\u5bc6<\/p>\n
openssl enc -d -aes-256-cbc -in data.encrypt.passwd.tar.gz -out data.decrypt.passwd.tar.gz\r\n<\/code><\/pre>\n
 <\/p>\n
yan 20.11.27<\/p>\n","protected":false},"excerpt":{"rendered":"
\b\u5728\u65e5\u5e38\u5f00\u53d1\u65f6\u603b\u662f\u4f1a\u9047\u5230\u6d89\u53ca\u52a0\u89e3\u5bc6\u7684\u573a\u666f\uff0c\u901a\u5e38\u7b80\u5355\u7684\u5b57\u7b26\u4e32\u52a0\u89e3\u5bc6\u6211\u4eec\u4f1a\u76f4\u63a5\u4f7f\u7528AES\u5bf9\u79f0\u52a0\u5bc6\uff08\u5bc6\u94a5\u957f\u5ea6> […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[928],"tags":[965,1030,1029,1031],"_links":{"self":[{"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4443"}],"collection":[{"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4443"}],"version-history":[{"count":0,"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4443\/revisions"}],"wp:attachment":[{"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4443"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4443"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yanjingang.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4443"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}