Saturday, August 13, 2016

OpenSSL Short Info

Encryption/Decryption
How do I base64-encode something?
# send encoded contents of file.txt to stdout
openssl enc -base64 -in file.txt
# same, but write contents to file.txt.enc
openssl enc -base64 -in file.txt -out file.txt.enc
$ echo "encode me" | openssl enc -base64 ZW5jb2RlIG1lCg==
$ echo -n "encode me" | openssl enc -base64 ZW5jb2RlIG1l
$ echo "ZW5jb2RlIG1lCg==" | openssl enc -base64 -d encode me
How do I simply encrypt a file?
# or get a long list, one cipher per line How do I simply encrypt a file?
# or get a long list, one cipher per line
openssl list-cipher-commands
# encrypt file.txt to file.enc using 256-bit AES in CBC mode
openssl enc -aes-256-cbc -salt -in file.txt -out file.enc
# the same, only the output is base64 encoded for, e.g., e-mail
openssl enc -aes-256-cbc -a -salt -in file.txt -out file.enc
# decrypt binary file.enc
openssl enc -d -aes-256-cbc -in file.enc
# decrypt base64-encoded version
openssl enc -d -aes-256-cbc -a -in file.enc
Keys
How do I generate an RSA key?
# default 1024-bit key, sent to standard output openssl genrsa
# 2048-bit key, saved to file named mykey.pem
openssl genrsa -out mykey.pem 2048
# same as above, but encrypted with a passphrase
openssl genrsa -des3 -out mykey.pem 2048
How do I generate a public RSA key?
openssl rsa -in mykey.pem -pubout
Random data
How do I generate random data?
# write 128 random bytes of base64-encoded data to stdout
openssl rand -base64 128
# write 1024 bytes of binary random data to a file
openssl rand -out random-data.bin 1024
# seed openssl with semi-random bytes from browser cache
cd $(find ~/.mozilla/firefox -type d -name Cache)
openssl rand -rand $(find . -type f -printf '%f:') -base64 1024
# get 32 bytes from /dev/urandom and base64 encode them
head -c 32 /dev/urandom | openssl enc -base64



No comments:

Post a Comment