Study OpenSSL (integrated with HSM)

Create RSA key:


openssl genrsa 2048 -out key.pem
openssl rsa -in key.pem -pubout -out pub-key.pem

Encrypt the plain file with the public RSA key:


openssl rsautl -encrypt -in plain.file -inkey pub-key.pem -pubin -out plain.file.rsa.enc

Decrypt (with RSA private key) the encrypted file by RSA public key:


openssl rsautl -decrypt -in plain.file.rsa.enc -inkey key.pem -out plain.file.rsa.dec

Create AES key:


touch anyfile
openssl aes-256-cbc -nosalt -P -pass pass:PASSWORD -in anyfile > aes.out
aeskey=`cat aes.out | grep key | cut -d = -f 2`
aesiv=`cat aes.out | grep iv | cut -d = -f 2`

Encrypt the plain file with the AES key:


openssl enc -aes-256-cbc -in plain.file -K $aeskey -iv $aesiv -out plain.file.aes.enc

Decrypt the encrypted file with AES key to get a plain file:


openssl enc -aes-256-cbc -d -in plain.file.aes.enc -K $aeskey -iv $aesiv -out plain.file.aes.dec

Study OpenSSL (integrated with HSM)

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally