openssl 签名和验证签名 举例







set -e
set -x

# Generate 1024 bits rsa private key and output to file "test.key".
# This private key was encrypted by AES256 with the password "hukeping".
openssl genrsa -aes256 -passout pass:hukeping  -out test.key 1024
# Generate public key from the private key file "test.key" and output it to public key file ""
# Since the private key has been encrypted, so we need to pass in the password to decrypt it.
openssl rsa -passin pass:hukeping -in test.key -pubout -out
# Encrypt the plain message from "plain.txt" and output to cipher file "cipher.txt" with public key.
# NB., if encrypt with public key, the option "-pubin" should be provided,
# if encrypt with private key, the password should be provided if needed.
# As per the manual of openssl,
# -encrypt encrypt with public key
# -decrypt decrypt with private key
# So even we use private key file "test.key" to encrypt the message, openssl only use the public part of "test.key"
openssl rsautl -encrypt -pubin -inkey -in plain.txt -out cipher.txt
openssl rsautl -encrypt -passin pass:hukeping -inkey test.key -in plain.txt -out cipher_by_private_key_file.txt

# Decrypt the cipher message from "cipher.txt" and output the decrypted message into "decrypt.txt" with private key.
# Since the private key has been encrypted, so we need to pass in the password to decrypt it.
openssl rsautl -decrypt -inkey test.key -passin pass:hukeping -in cipher.txt -out decrypt.txt
openssl rsautl -decrypt -inkey test.key -passin pass:hukeping -in cipher_by_private_key_file.txt -out decrypt_also_by_private_key_file.txt

# Sign the digest of message with sha256 as the digest algorithm and output the signature to "plain.sig"
openssl dgst -sign test.key -passin pass:hukeping -sha256 -out plain.sig plain.txt

# Verify the signature with the public key from public key file "",
# Please be note that, the signature is of the digest of the message from file "plain.txt".
openssl dgst -verify -sha256 -signature plain.sig plain.txt
# Since the public key can be retrieved from private key file,
# so openssl also support verify signature via private key file.
openssl dgst -prverify test.key -passin pass:hukeping -sha256 -signature plain.sig plain.txt


godef: tag stack empty

Recently I configure my mac with vim-go and gotags which could jump to a tag definition with the CTRL-]  and jump back with CTRL-t .

But when I jump back , I end up with an error “godef stack empty” , fortunately you could fix this by add the follow line to your  ~/.vimrc

let g:go_def_mapping_enabled=0

Fail when go get

One may comes across some error on install yaml.v2 using `go get`, like:

$ go get
package unrecognized import path ""

Usually it’s a network error, please try:

$ go get -v
https fetch failed.
import "": https fetch: Get x509: certificate signed by unknown authority
package unrecognized import path ""

If this is what you get, then just  type:

$ go get -insecure

And that’s all you need, enjoy 🙂

Tips for cron

Hi there,

We all know that if one wants to schedule jobs (commands or shell scripts) to run periodically at certain times or dates, he can use `cron`.

If you `man cron` you would like to get:

Cron – daemon to execute scheduled commands.

And here are some tips for newcomes:

1. Use absolute path instead of relative path. For example:

*/5 * * * * /home/ubuntu/cron/

And what in the should also use the absolute path.


2.  I haven’t thought about yet 🙂


A special commit message


commit 01a2ffca9aa958c9093f5419aec59b98d9dff3ab
Author: HuKeping <>
Date: Mon Nov 23 18:41:21 2015 +0800

Remove test user

Say goodbye to tester0~tester99999, we appreciate what you’ve done.

Signed-off-by: Hu Keping <>

diff –git a/user/user.go b/user/user.go