0% found this document useful (0 votes)
153 views4 pages

OpenSSL Lab Manual Version2-Unlocked

OpenSSL is an open-source toolkit for secure communications that contains cryptographic algorithms and protocols like SSL/TLS. It provides APIs for security solutions and is widely used by servers and network programs. OpenSSL can generate keys, encrypt/decrypt files, verify file integrity, and more using commands like openssl genrsa, openssl enc, and openssl sha256.

Uploaded by

zoeyshaa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
153 views4 pages

OpenSSL Lab Manual Version2-Unlocked

OpenSSL is an open-source toolkit for secure communications that contains cryptographic algorithms and protocols like SSL/TLS. It provides APIs for security solutions and is widely used by servers and network programs. OpenSSL can generate keys, encrypt/decrypt files, verify file integrity, and more using commands like openssl genrsa, openssl enc, and openssl sha256.

Uploaded by

zoeyshaa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

OpenSSL

• Contains implementation of for various cryptographic operations and algorithms


• Is open-source means it is free to download and utilize it for commercial and non-
commercial use
• Available for almost all operating systems
• Has implementation for SSL and TLS protocols. You can use openssl to generate keys
and signatures for your communication on the web.
• Contains APIs that can be used for writing your own security solutions
• Widely used by web servers and other network security programs. Popular web
servers such as apache, nginx and tomcat have builtin support for openssl.
• It has two main libraries: LIBSSL and LIBCRYPTO

Where to download from

• https://slproweb.com/

OpenSSL basic commands

• Check version of OpenSSL


openssl version
• To view summary help information
openssl version -help
• To list the available commands
openssl list -commands
• To list the lists of digest commands
openssl list –digest-algorithms
• To list the lists of all cipher algorithms
openssl list –cipher-algorithms
• To list the lists of all public key algorithms
openssl list –public-key-algorithms
• To get more usage about a command
openssl list –options aes-256-cbc

Verifying integrity using OpenSSL

• Verifying Integrity of a file with openssl (first download the file/folder you need
to check the integrity and its checksum value). Eg from openssl.org
openssl sha1 [the file to be checked]
openssl sha256 [the file to be checked]
• To generate your own check sum for your file
openssl sha256 –hex –out [filetobegenerated]
[targetfiletogeneratefor]

Ensuring confidentiality with OpenSSL

• To generate a random secret key


openssl rand –hex 10 (generates 10 key random key)
openssl rand –hex 16 (generates 16 key random key)
• If you need to export the key to a file
openssl rand –hex –out encryption.key 32
• To generate rsa for symmetric cryptography
openssl genrsa
• Genrsa generates 2048 size key. If you need to modify and specify the key size
openssl genrsa 1024
• You can also store the key to external file. Eg. key.pri
openssl genrsa –out key.pri
• You can specify the key size while exporting to a file
openssl genrsa –out key.pri 2048
• You can examine the rsa key as follows. This will display the two prime numbers,
coefficient, modulus and exponents information
openssl rsa –in key.pri –noout -text
• You can generate the public key for the rsa as follows
openssl rsa –in key.pri –pubout –out key.pub
Encryption using openssl

DES, & RSA with OpenSSL

Symmetric encryption with openSSL

Basic commands:

• To encrypt a file with openssl using a DES encryption:

openssl enc –des3 –in file –out file2

• The result is in the file file2.

• To decrypt the same file:

openssl> enc –des3 –d –in file2 –out filedecrypted

(here, file and filedecrypted should contain the same content)

Create and print keys:

• This command encrypt with DES3, the file file1 to the file file2, using the key
key and the initialization vector vector.

Openssl enc –des3 –in file1 –out file2 –k key – iv vector

Remarks:

• You can use directly openssl des3 (instead of openssl enc –des3)

You can use base64 instead of des3.

RSA with openSSL

Generating key pairs

• To create a pair of keys, the genrsa command is used:

Openssl genrsa

• Here, size is the size

• To save this key in keyfile.pem, use the option:

keyfile.pem

openssl genrsa -out keyfile.pem size

Visualizing RSA keys


• The command rsa allows to visualize the content of a file (PEM format) containing
a RSA key pairs.

Openssl rsa –in keyfile.pem –text –noout

• The option –text pair.

• The option –noout command rsa.

You might also like