ICS Labsheet 06
ICS Labsheet 06
$ openssl enc
<cipher algorithm>
e/d
in <input_file_name>
out
<output_file_name>
md [md5/sha/sha1]
● OpenSSL result could be used to encrypt/decrypt files using private keys and public
keys
Encryption
$ openssl rsautl
encrypt
pubin
inkey <public_key>.<keyformat>
keyform
<keyformat>
in <file_to_encrypt>
out <file_encrypted>
Decryption
$ openssl rsautl
decrypt
inkey <private_key>.<keyformat>
keyform
<keyformat> in <file_encrypted>
out <file_decrypted>
Signing RSA/DSA
$ openssl rsautl
sign
inkey <private_key>.<keyformat>
keyform
<keyformat>
in <file_to_sign>
out <file_signed>
Verifying RSA/DSA
$ openssl rsautl
verify
pubin
inkey <public_key>.<keyformat>
keyform
<keyformat>
in <file_signed>
● If you would like to protect the private key with a password you should use an
additional parameter
$ openssl genrsa
<cipher algorithm>
out <private_key>.pem<key_length>
● Now we have a private key. We derive the public key from the private key.
$ openssl rsa
in <private_key>.pem
pubout
out <public_key>.pem
Sri Lanka Institute of Information Technology
Introduction to Cyber Security - IE2022
Lab Sheet 6
Year 2, Semester 1
● The whole thing could be done in a single step also. Then you will only be able to
generate a single key from the parameters generated.
$ openssl dsaparam
noout
out <private_key>.pem
genkey <key_length>
● Now we have a private key. We derive the public key from the private key.
$ openssl dsa
in <private_key>.pem
pubout
out <public_key>.pem
$ openssl <algorithm>
in <private_key_encrypted>.pem
out
<private_key_plain>.pem <algorithm> = rsa or dsa