使用 openssl 為比特幣生成公鑰/私鑰

我想了解比特幣是如何工作的，我不相信工具或比特幣平台。

我在網際網路上讀過這個。你能確認我這條線正在安全地生成比特幣公鑰/私鑰嗎？

openssl ecparam -genkey -name secp256k1 -rand /dev/urandom -out tmp_private.txt
openssl ec -in tmp_private.txt -outform DER \
   | tail -c +8 | head -c 32 | xxd -p -c 32 > private.txt
openssl ec -in tmp_private.txt -pubout -outform DER \
   | tail -c 65 | xxd -p -c 65 > public.txt
rm tmp_private.txt

我知道將私鑰儲存在基本的明文文件中並不是一件好事，我只想知道生成密鑰的方式是否好。

是否有可以從 public.txt 文件生成比特幣地址的 openssl 命令？

是的，它的隨機性是值得信賴的，所以它是安全的。

我看到的唯一問題是“rm”沒有從硬碟中刪除所有痕跡。可以恢復私鑰。擦除這些秘密的迂腐方法是使用覆蓋文件 35 次的 Gutmann 方法。

要獲取地址，您需要使用類似<https://bitcoin.stackexchange.com/a/67093>

大多數openssl命令行實用程序編寫和讀取的格式，雖然它本質上是文本的，但具體是PEM並且通常相應地命名，而不是’text’或’txt’，它可以是（並且經常是）數以萬計的其他格式不是PEM 在這裡無法使用。

您可以使用 openssl 做的其他一些事情可能會有所幫助：

# instead of head/tail/etc you can use asn1parse -strparse to extract the private and public values
# but as raw/binary not hex:
$ openssl asn1parse <privpem -strparse 5 -out privraw >&/dev/null; od -Ax -tx1 privraw
000000 23 34 02 73 64 bb 35 79 f0 f5 25 76 f5 f9 5f df
000010 ff aa 94 d3 24 21 da c9 e3 2d 33 95 8b 8d 4f 1d
000020
$ openssl asn1parse <privpem -strparse 50 -out pubraw >&/dev/null; od -Ax -tx1 pubraw
000000 04 f8 04 f9 ea 79 7e 9b 07 89 e7 37 f2 76 c4 86
000010 16 17 f9 70 4e c4 67 ce 6e 64 ca 3a 5a bf 4d cb
000020 98 e1 11 0b 7a ec 40 f3 ea 32 d4 e9 6c 16 6e 14
000030 e3 77 15 1a 2e c2 81 a6 ed de f5 5c ed cb 10 26
000040 09
000041
# (the >&/dev/null discards error messages because the contents of these fields are not ASN.1)
# (or you can omit it and just ignore the messages)

# openssl ec -text directly displays (all) the fields of the PEM file, 
# with the two you want in hex:
$ openssl ec <privpem -noout -text
read EC key
Private-Key: (256 bit)
priv:
   23:34:02:73:64:bb:35:79:f0:f5:25:76:f5:f9:5f:
   df:ff:aa:94:d3:24:21:da:c9:e3:2d:33:95:8b:8d:
   4f:1d
pub:
   04:f8:04:f9:ea:79:7e:9b:07:89:e7:37:f2:76:c4:
   86:16:17:f9:70:4e:c4:67:ce:6e:64:ca:3a:5a:bf:
   4d:cb:98:e1:11:0b:7a:ec:40:f3:ea:32:d4:e9:6c:
   16:6e:14:e3:77:15:1a:2e:c2:81:a6:ed:de:f5:5c:
   ed:cb:10:26:09
ASN1 OID: secp256k1
# you can then postprocess this data as desired, 
# excluding the first line which is on stderr and not easily pipable, e.g.:
$ openssl ec <privpem -noout -text 2>/dev/null | sed -n 3,5p | tr -d ' :\n'; echo
2334027364bb3579f0f52576f5f95fdfffaa94d32421dac9e32d33958b8d4f1d
$ openssl ec <privpem -noout -text 2>/dev/null | sed -n 7,11p | tr -d ' :\n'; echo
04f804f9ea797e9b0789e737f276c4861617f9704ec467ce6e64ca3a5abf4dcb98e1110b7aec40f3ea32d4e96c166e14e377151a2ec281a6eddef55cedcb102609

# given the _binary_ publickey, as from asn1parse above, 
# openssl can compute the address in _hex_ or binary 
# but not base58check (or bech32) as often wanted:
$ openssl sha256 <pubraw -binary | openssl ripemd160
(stdin)= 149a326797fdfd3790fba8f82571fd5f569341cc
# for binary output add -binary to the second subcommand,
# and redirect to a file >outfile because it isn't displayable

# by default openssl creates an EC key in uncompressed form, but you can specify, 
# or subsequently convert to, compressed; the asn1parse output depends on its input.
# The ec -text output can be converted in the same operation, e.g:
$ openssl ec <privpem -conv_form compressed -noout -text
read EC key
Private-Key: (256 bit)
priv:
   23:34:02:73:64:bb:35:79:f0:f5:25:76:f5:f9:5f:
   df:ff:aa:94:d3:24:21:da:c9:e3:2d:33:95:8b:8d:
   4f:1d
pub:
   03:f8:04:f9:ea:79:7e:9b:07:89:e7:37:f2:76:c4:
   86:16:17:f9:70:4e:c4:67:ce:6e:64:ca:3a:5a:bf:
   4d:cb:98
ASN1 OID: secp256k1
# shows the compressed pubkey regardless of whether the file was compressed
# and now you would select lines 7-9 instead of 7-11.

引用自：https://bitcoin.stackexchange.com/questions/95670