
Set of openssl commands to generate key, certificate, encrypt and decrypt.


jerrymannel/crypto101


CRYPTO-101 / OpenSSL 101

This file contains:

  • A set of openssl commands to generate a key and a certificate.
  • Commands to perform encryption and decryption using them.

Generate a KEY

openssl genrsa -out server_2048.key 2048
openssl genrsa -out server_4096.key 4096
openssl genrsa -out server.key 2048
openssl genrsa -out ca.key 2048

Generate a CSR from KEY

openssl req -out server.csr -key server.key -new

Generate CSR and KEY (single command)

openssl req -out server.csr -new -newkey rsa:2048 -nodes -keyout server.key
openssl req -out ca.csr -new -newkey rsa:2048 -nodes -keyout ca.key
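
Sample answers to the interactive prompts, in order (country, state, locality, organization, organizational unit, common name, email address):

IN
KERALA
COCHIN
SECURE CAPIOT
SECURE DIVISION
odp.SECURE.com
secure@capiot.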

Display information within CSR

openssl req -in server.csr -verify -noout -text
openssl req -in ca.csr -noout -text

Generate a CERT from CSR and self-sign it with the key

openssl x509 -signkey server.key -in server.csr -req -days 365 -out server.crt
openssl x509 -signkey ca.key -in ca.csr -req -days 365 -out ca.crt

Generate a CERT from CSR and CA sign it

openssl ca -config openssl.cnf -policy signing_policy -extensions signing_req -out server_ca.crt -infiles server.csr
OR
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 500 -sha256

Display information within CERT

openssl x509 -in server.crt -text -noout
openssl x509 -in server_ca.crt -text -noout

Encrypting a file

Generate a random key to encrypt

openssl rand -base64 32 > key.bin

Encrypt the file

openssl enc -aes-256-cbc -salt -in README.md -out README.md.enc -pass file:./key.bin

Check file

file README.md
file README.md.enc

Get the public key

openssl rsa -in server.key -out server.pub.pem -outform PEM -pubout

Verify

openssl rsa -inform PEM -pubin -in server.pub.pem -text -noout

Encrypt the random key with the public keyfile

openssl rsautl -encrypt -inkey server.pub.pem -pubin -in key.bin -out key.bin.enc

Check file

file key.bin
file key.bin.enc

Decrypt the random key with our private key file

openssl rsautl -decrypt -inkey server.key -in key.bin.enc -out key.bin.out

Decrypt the large file with the random key

openssl enc -d -aes-256-cbc -in README.md.enc -out README.md.out -pass file:./key.bin.out

Check

md5sum README.md
md5sum README.md.out
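
The same hybrid round trip as one script, written as an added example (not part of this repository) with hardened options: `enc` gets `-pbkdf2 -iter` because its default key derivation is a single-pass legacy scheme, and `pkeyutl` with OAEP padding replaces `rsautl`, which is deprecated in OpenSSL 3.0. The function names and temp-file names are hypothetical, and OpenSSL 1.1.1 or later is assumed for `-pbkdf2`.

```shell
#!/usr/bin/env bash
# Added example: hybrid encryption round trip with hardened openssl options.
# Function names and file names are constructed for this demo (temp dir only).

hybrid_encrypt() {  # usage: hybrid_encrypt <pubkey.pem> <infile> <workdir>
  local pub="$1" src="$2" dir="$3"
  openssl rand -base64 32 > "$dir/key.bin" || return 1
  # -pbkdf2/-iter replace the legacy single-pass key derivation of `enc`
  openssl enc -aes-256-cbc -salt -pbkdf2 -iter 100000 \
    -in "$src" -out "$dir/data.enc" -pass "file:$dir/key.bin" || return 1
  # OAEP padding instead of the PKCS#1 v1.5 default that rsautl uses
  openssl pkeyutl -encrypt -pubin -inkey "$pub" \
    -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
    -in "$dir/key.bin" -out "$dir/key.bin.enc" || return 1
  rm -f "$dir/key.bin"   # only the wrapped key is kept with the ciphertext
}

hybrid_decrypt() {  # usage: hybrid_decrypt <private.key> <workdir> <outfile>
  local key="$1" dir="$2" out="$3"
  openssl pkeyutl -decrypt -inkey "$key" \
    -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
    -in "$dir/key.bin.enc" -out "$dir/key.bin.out" 2>/dev/null || return 1
  openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 \
    -in "$dir/data.enc" -out "$out" -pass "file:$dir/key.bin.out" 2>/dev/null
}

sha256_of() { openssl dgst -sha256 -r "$1" | cut -d' ' -f1; }

demo() {
  local d; d=$(mktemp -d) || return 1
  openssl genrsa -out "$d/server.key" 2048 2>/dev/null || return 1
  openssl genrsa -out "$d/other.key" 2048 2>/dev/null || return 1
  openssl rsa -in "$d/server.key" -pubout -out "$d/server.pub.pem" 2>/dev/null
  printf 'constructed sample plaintext\n' > "$d/plain.txt"
  hybrid_encrypt "$d/server.pub.pem" "$d/plain.txt" "$d" || return 1
  hybrid_decrypt "$d/server.key" "$d" "$d/plain.out" || return 1
  [ "$(sha256_of "$d/plain.txt")" = "$(sha256_of "$d/plain.out")" ] || return 1
  # A different private key must fail to unwrap the symmetric key
  if hybrid_decrypt "$d/other.key" "$d" "$d/wrong.out"; then return 1; fi
  rm -rf "$d"
}

demo && echo "round trip OK; wrong private key rejected"
```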

Hashing

  • md5sum
  • shasum -a 256