alexxuyang/openssl.sh

## openssl.sh
# openssl version
openssl version

# openssl commands
openssl list-standard-commands
# ca - create certificate authorities
# dgst - compute hash functions
# enc - encrypt/decrypt using secret key algorithms (it is possible to generate using a password or directly a secret key stored in a file)
# genrsa - generate a pair of public/private key for the RSA algorithm
# password - generation of “hashed passwords”
# pkcs12 - manage information according to the PKCS #12 standard
# pkcs7 - manage information according to the PKCS #7 standard
# rand - Generation of pseudo-random bit strings
# rsa - RSA data management
# rsautl - To encrypt/decrypt or sign/verify signature with RSA
# verify - Checkings for X509
# x509 - Data managing for X509

# encode with base64
cat document.txt | openssl enc -base64 -e
# decode with base64
cat document.txt | openssl enc -base64 -d

# cipher file simetrically
cat document.txt | openssl enc -des -e -k myPassword -out document.txt.sec
# in human readable format
cat document.txt | openssl enc -des -base64 -e -k myPassword -out document.txt.sec
# uncipher
cat document.txt.sec | openssl enc -des -d -k myPassword

# compress with zlib
cat document.txt | openssl zlib -e
# uncompress with zlib
cat document.txt | openssl zlib -d

# hash with sha256
cat document.txt | openssl dgst -sha256
# separated with colon
cat document.txt | openssl dgst -sha256 -c
# in coreutils format
cat document.txt | openssl dgst -sha256 -r
# as a binary file
cat document.txt | openssl dgst -sha256 -binary

# generate private EC key
openssl ecparam -name secp256k1 -genkey -noout -out privkey.pem
# generate corresponding EC public key
openssl ec -in privkey.pem -pubout -out pubkey.pem
# signing
openssl dgst -sha256 -sign privkey.pem -out document.txt.sig document.txt
# verifing signature
openssl dgst -sha256 -verify pubkey.pem -signature document.txt.sig document.txt

# generate private RSA key
openssl genrsa -des3 -out privkey.pem 4096
# generate public RSA key
openssl rsa -in privkey.pem -pubout -out pubkey.pem
# encrypt file
openssl rsautl -encrypt -pubin -inkey pubkey.pem -in document.txt -out document.txt.sec
# decrypt file
openssl rsautl -decrypt -inkey privkey.pem -in document.txt.sec
# signing
openssl dgst -sha256 -sign privkey.pem -out document.txt.sig document.txt
# verifing signature
openssl dgst -sha256 -verify pubkey.pem -signature document.txt.sig document.txt
# convert ssh privkey to openssl pem privkey
openssl rsa -in ~/.ssh/id_rsa -outform pem -out id_rsa.pem
	# openssl version
	openssl version

	# openssl commands
	openssl list-standard-commands
	# ca - create certificate authorities
	# dgst - compute hash functions
	# enc - encrypt/decrypt using secret key algorithms (it is possible to generate using a password or directly a secret key stored in a file)
	# genrsa - generate a pair of public/private key for the RSA algorithm
	# password - generation of “hashed passwords”
	# pkcs12 - manage information according to the PKCS #12 standard
	# pkcs7 - manage information according to the PKCS #7 standard
	# rand - Generation of pseudo-random bit strings
	# rsa - RSA data management
	# rsautl - To encrypt/decrypt or sign/verify signature with RSA
	# verify - Checkings for X509
	# x509 - Data managing for X509

	# encode with base64
	cat document.txt \| openssl enc -base64 -e
	# decode with base64
	cat document.txt \| openssl enc -base64 -d

	# cipher file simetrically
	cat document.txt \| openssl enc -des -e -k myPassword -out document.txt.sec
	# in human readable format
	cat document.txt \| openssl enc -des -base64 -e -k myPassword -out document.txt.sec
	# uncipher
	cat document.txt.sec \| openssl enc -des -d -k myPassword

	# compress with zlib
	cat document.txt \| openssl zlib -e
	# uncompress with zlib
	cat document.txt \| openssl zlib -d

	# hash with sha256
	cat document.txt \| openssl dgst -sha256
	# separated with colon
	cat document.txt \| openssl dgst -sha256 -c
	# in coreutils format
	cat document.txt \| openssl dgst -sha256 -r
	# as a binary file
	cat document.txt \| openssl dgst -sha256 -binary

	# generate private EC key
	openssl ecparam -name secp256k1 -genkey -noout -out privkey.pem
	# generate corresponding EC public key
	openssl ec -in privkey.pem -pubout -out pubkey.pem
	# signing
	openssl dgst -sha256 -sign privkey.pem -out document.txt.sig document.txt
	# verifing signature
	openssl dgst -sha256 -verify pubkey.pem -signature document.txt.sig document.txt

	# generate private RSA key
	openssl genrsa -des3 -out privkey.pem 4096
	# generate public RSA key
	openssl rsa -in privkey.pem -pubout -out pubkey.pem
	# encrypt file
	openssl rsautl -encrypt -pubin -inkey pubkey.pem -in document.txt -out document.txt.sec
	# decrypt file
	openssl rsautl -decrypt -inkey privkey.pem -in document.txt.sec
	# signing
	openssl dgst -sha256 -sign privkey.pem -out document.txt.sig document.txt
	# verifing signature
	openssl dgst -sha256 -verify pubkey.pem -signature document.txt.sig document.txt
	# convert ssh privkey to openssl pem privkey
	openssl rsa -in ~/.ssh/id_rsa -outform pem -out id_rsa.pem