OpenSSL

From robopagex.com

OpenSSL Version 1.1.1

Encryption for
- data
- communication
- traffic
- secret
- signing
plain --> cipher

Terminology

Plain text (human readable)
Cipher text (not human readable)
Encryption (process)
Symmetric encryption (type of encryption)
Asymmetric encryption (type of encryption)
Symmetric key (symmetric encryption)
AES - Advanced Encryption Standard (algorithm for encryption)

Types of encryption

Symmetric encryption ==> Same key for encrypt/decrypt
 Algorithm examples:
 - AES
 - DES
 - Triple DES
 - Serpent
 - Twofish
Asymmetric encryption ==> Different key for encrypt/decrypt
 Algorithm examples:
 - RSA
 - DSA
 - PGP
 - SHA-1
 - SHA-2
 - SHA-224
 - SHA-256
 - SHA-512

Key length & keyspace

Binary System -> 0|1
1 Bit -> 0|1 # on|off # true|false
128-bit key
Key length =
Key space = 

Classification of symmetric algorithms

Stream ciphers -> RC4, A5/1, E0
Block ciphers -> AES, DES, SHA, IDEA, SERPENT, TWOFISH

$ whereis openssl
$ which openssl
$ openssl rsautl
$ openssl version
$ openssl help
$ openssl help list
$ openssl list -help
 Valid options are:
 -help                   Display this summary
 -1                      List in one column
 -commands               List of standard commands
 -digest-commands        List of message digest commands
 -digest-algorithms      List of message digest algorithms
 -cipher-commands        List of cipher commands
 -cipher-algorithms      List of cipher algorithms
 -public-key-algorithms  List of public key algorithms
 -public-key-methods     List of public key methods
 -disabled               List of disabled features
 -missing-help           List missing detailed help strings
 -options val            List options for specified command

Terminology of asymmetric encryption

Asymmetric key/keys (1 for encryption, 1 for decryption)
Public key, part of asymmetric key, for encryption


Symmetric encryption/decryption with gpg

$ gpg --symmetric --cipher-algo AES256 --output file.gpg file.txt
$ gpg --decrypt --output file.txt file.gpg

Symmetric encryption with openssl

$ openssl enc -aes-256-cbc -in sslmessage -out sslmessage.enc
$ openssl enc -aes-256-cbc -salt -pbkdf2 -in msg.txt -out msg.txt.enc

Symmetric decryption with openssl

$ openssl enc -aes-256-cbc -d -in sslmessage.enc -pass pass:test
$ openssl aes-256-cbc -d -salt -pbkdf2 -in msg.txt.enc -out msg.read
$ openssl aes-256-cbc -d -salt -pbkdf2 -in msg.txt.enc -out msg.read -pass pass:test
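
The -pbkdf2 commands above as one round trip (added example, not part of the original page; the file names, the passphrase and the variable name ENC_PASS are constructed for the demo). It also shows the failure mode when the decrypting side leaves out -pbkdf2, and it passes the passphrase through the environment instead of the command line:

```shell
#!/bin/sh
# Added example, not from the original page. File names and the passphrase
# "test" are constructed for the demo.

# Encrypt $1 to $2: AES-256-CBC, random salt, PBKDF2 key derivation.
# -pass env:ENC_PASS reads the passphrase from the environment, which keeps
# it out of the command line (unlike -pass pass:...).
enc_pbkdf2() {
    openssl enc -aes-256-cbc -salt -pbkdf2 -in "$1" -out "$2" -pass env:ENC_PASS
}

# Decrypt $1 to $2. $3 is "-pbkdf2" or empty (legacy key derivation);
# it is left unquoted on purpose so an empty value adds no argument.
dec() {
    openssl enc -aes-256-cbc -d $3 -in "$1" -out "$2" -pass env:ENC_PASS 2>/dev/null
}

# A salted output file starts with the 8 ASCII bytes "Salted__".
has_salt_header() {
    [ "$(head -c 8 "$1")" = "Salted__" ]
}

# Exit status 0 only if decrypting with KDF flag $1 restores the plaintext.
# Runs in a subshell so ENC_PASS and the temp directory do not leak out.
roundtrip_ok() (
    export ENC_PASS=test
    dir=$(mktemp -d) || exit 2
    printf 'constructed sample message\n' > "$dir/msg.txt"
    if enc_pbkdf2 "$dir/msg.txt" "$dir/msg.txt.enc" &&
       has_salt_header "$dir/msg.txt.enc" &&
       dec "$dir/msg.txt.enc" "$dir/msg.read" "$1" &&
       cmp -s "$dir/msg.txt" "$dir/msg.read"
    then rc=0; else rc=1; fi
    rm -rf "$dir"
    exit "$rc"
)

if roundtrip_ok -pbkdf2; then echo "matching -pbkdf2: plaintext recovered"; fi
if ! roundtrip_ok ""; then echo "missing -pbkdf2 on decrypt: no plaintext"; fi
```

The key derivation options are not stored in the output file, so the decrypting side has to be given the same ones that were used for encryption.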

Asymmetric encryption with openssl

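Generate a private key
$ openssl genrsa -out key1.pem 512     # 512-bit RSA is far too short for real use
$ openssl genrsa -out key1.pem 4096
Generate a public key from the private key
$ openssl rsa -in key1.pem -outform PEM -pubout -out key1.pub
$ openssl rsa -in key1.pem -text       # -text: print the key components in plain text
$ openssl rsa -in key1.pem -noout      # -noout: do not print the encoded key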

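Encrypt the private key with a passphrase
$ openssl rsa -in key1.pem -des3 -out key1.enc    # protect an existing key with Triple DES
$ openssl genrsa -des3 -out key1.enc              # generate a new key that is protected from the start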