Public Key Crytopgraphy
##########
1. Diffie-Hellman (DH)
2. Digital Signature Algorithm (DSA)
3. RSA (Riverst,Shamir,Adleman)
4. S/MIME
1. Diffie-Hellman
#openssl dhparam -out dhparam.pem -2 1024
#openssl dhparam -in dhparam.pem -noout -C
2. DSA
#openssl dsaparam -out dsaparam.pem 1024
#openssl gendsa -out dsaprivatekey.pem -des3 desparam.pem
#openssl dsa -in dsaprivatekey.pem -pbout -out dsapublickey.pem
#openssl dsa -in dsaprivatekey.pem -out dsaprivatekey.pem -des3 \
-passin pass:oldpasswd -passout pass:newpasswd
3. RSA
#openssl genrsa -out rsaprivatekey.pem -passout pass:open123 -des3 1024
#openssl rsa -in rsaprivatekey.pem -passin pass:open123 -pubout \
-out rsapublickey.pem
#openssl rsautl -encrypt -pubin -inkey rsapublickey.pem -in plaintxt \
-out cipher.txt
#openssl reautl -decrypt -inkey rsaprivatkey.pem -in cipher.txt -out plaintxt
#openssl rsautl -sign -inkey rsaprivatekey.pem -in plain.txt \
-out signature.bin
#openssl rsautl -verify -publin -inkey rsapublickey.pem -in \
signature.bin -out plain.txt
4. S/MIME
#openssl smine -encrypt -in mail.txt -des3 -out mail.enccert.pem
#openssl smine -decrypt -in mail.enc -recip cert.pem -inkey key.pem \
-out mail.sgn
#openssl smine -sign -in mail.txt -signer cert.pem -inkey key.pem \
-out mail.sgn
#openssl smine -verify -in mail.sgn -out mail.txt
#openssl dhparam -out dhparam.pem -2 1024
[shan@ipc4 openssl]$ more dhparam.pem
-----BEGIN DH PARAMETERS-----
MIGHAoGBAM34BWAn2CV8+utL5S9EOew5RYScXu5FjvyisMs/Eyn698FKgu20tonA
O9q9462n3lT6bzsMIOkfn2VnKWO8oqk9gOAkTICgVATiS59NFvN21t8okNHXR4TJ
2rWmhBRcBhZQgGZw0jPlHDE6FEfjqrAoHuu5SvJXZu4L6KV1n7H7AgEC
-----END DH PARAMETERS-----
Reads a set of Diffie-Hellman paramenters from the file dhparam.pem and writes
a C code respresentation of the parameters to stout.
[shan@ipc4 openssl]$ openssl dhparam -in dhparam.pem -noout -C
#ifndef HEADER_DH_H
#include
#endif
DH *get_dh1024()
{
static unsigned char dh1024_p[]={
0xCD,0xF8,0x05,0x60,0x27,0xD8,0x25,0x7C,0xFA,0xEB,0x4B,0xE5,
0x2F,0x44,0x39,0xEC,0x39,0x45,0x84,0x9C,0x5E,0xEE,0x45,0x8E,
0xFC,0xA2,0xB0,0xCB,0x3F,0x13,0x29,0xFA,0xF7,0xC1,0x4A,0x82,
0xED,0xB4,0xB6,0x89,0xC0,0x3B,0xDA,0xBD,0xE3,0xAD,0xA7,0xDE,
0x54,0xFA,0x6F,0x3B,0x0C,0x20,0xE9,0x1F,0x9F,0x65,0x67,0x29,
0x63,0xBC,0xA2,0xA9,0x3D,0x80,0xE0,0x24,0x4C,0x80,0xA0,0x54,
0x04,0xE2,0x4B,0x9F,0x4D,0x16,0xF3,0x76,0xD6,0xDF,0x28,0x90,
0xD1,0xD7,0x47,0x84,0xC9,0xDA,0xB5,0xA6,0x84,0x14,0x5C,0x06,
0x16,0x50,0x80,0x66,0x70,0xD2,0x33,0xE5,0x1C,0x31,0x3A,0x14,
0x47,0xE3,0xAA,0xB0,0x28,0x1E,0xEB,0xB9,0x4A,0xF2,0x57,0x66,
0xEE,0x0B,0xE8,0xA5,0x75,0x9F,0xB1,0xFB,
};
static unsigned char dh1024_g[]={
0x02,
};
DH *dh;
if ((dh=DH_new()) == NULL) return(NULL);
dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
if ((dh->p == NULL) || (dh->g == NULL))
{ DH_free(dh); return(NULL); }
return(dh);
}
DSA
[shan@ipc4 openssl]$ openssl dsaparam -out dsaparam.pem 1024
Generating DSA parameters, 1024 bit long prime
This could take some time
....+.......+++++++++++++++++++++++++++++++++++++++++++++++++++*
.+...+..+....+.+.................................+......+.......+.....+.....+...
...+.+..................+..............................+....++++++++++++++++++++
+++++++++++++++++++++++++++++++*
[shan@ipc4 openssl]$ openssl gendsa -out dsaprivatekey.pem -des3 dsaparam.pem
Generating DSA key, 1024 bits
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[shan@ipc4 openssl]$
[shan@ipc4 openssl]$ openssl dsa -in dsaprivatekey.pem -pubout -out
dsapublickey.pem
read DSA key
Enter PEM pass phrase:
writing DSA key
[shan@ipc4 openssl]$ ls
dhparam.pem dsaparam.pem dsaprivatekey.pem dsapublickey.pem openssl.txt
[shan@ipc4 openssl]$ cat dsa*pem
-----BEGIN DSA PARAMETERS-----
MIIBHgKBgQC5Xhv0mFXaAYPwHVU/NKuYwkwd13cYttAoKlqoong7AB9wyCY1f4v5
g7OFoiKSZwZbnZdF6E5yId5VF8VR6usU0jNkef96X9tnwHM4SBjd7sZJsrgB4VFb
cK+BinOhRiplnA2j3iPwK0+UpS9lqwflVPBtZp77qdhr+sCqH40OHQIVAIHQo2SJ
3cyL99bjvxgHuV4yYNJdAoGAYi3X8zyjO5kb23TZEO365NLNd76gxgPjftwCleHk
VileZ5oRr7Ysfd13icvrAHp/STyszTUezWhDSoi5c/sZqK5CkYTyWGxBA2Q4pJzr
o96NAuDx+HY/mzDPiYxW8+vgcFKjK8ZtRPVdYm7/pzOPAsK7uTYl7dsvczAzq4sy
xOQ=
-----END DSA PARAMETERS-----
-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,90B967D1B13289CA
jVh7gsM6R6HRSu8yRKP10UOQ5fJGBZTFMc1BbVZqAcT8GRYBuMhJ3MsL35g2chuT
+W3n0KxhGmU9RH+hSMyrPrVWy82FAXdWUjipDyCm/3nfrrvTunE2RCy242axBH9n
JqxFRLDnTgfcgMw3fxK9QGfbKn2+IxG4kQmxJaWbzH9ooCJPuNIllztyRHCGNNyr
9ognjrdFiVh506Yz7xOjPtvnzMry0rZ6B97LjqH0MixMS4HFGUgBeuv06fulBgte
GDIdSYqqYmfhweOFEVpW4WJqV7heJVDDSkjYcVFv0ITfUa3LIZl8HUIf06sog91m
ENWqKfoky5fFRVN3urmcGmOgXs3UdAiIdHop6tWXFskTQ8+FlI5BSDLM8wwqNsAN
hVENfZeSqHL5Qbiq0J1TyjTHO4NcOrrub57wm3tfIXofEIdWbR0Qp+hoGUOZZZ0g
2ODcE6Y/oSTOhTNYVPBSL9MKZO8NmO2kjgllEJdMiJRFr1eGvlMBq3OP+9E+Oadk
tnqjW7ITfjSByGe7V33JR6iuogBCGBFsNB9DhGGshw7KJjy4Swlf119Ba9W1v6Wl
YhwpIyw1YHhY6IVjqtoFmQ==
-----END DSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MIIBtzCCASsGByqGSM44BAEwggEeAoGBALleG/SYVdoBg/AdVT80q5jCTB3Xdxi2
0CgqWqiieDsAH3DIJjV/i/mDs4WiIpJnBludl0XoTnIh3lUXxVHq6xTSM2R5/3pf
22fAczhIGN3uxkmyuAHhUVtwr4GKc6FGKmWcDaPeI/ArT5SlL2WrB+VU8G1mnvup
2Gv6wKofjQ4dAhUAgdCjZIndzIv31uO/GAe5XjJg0l0CgYBiLdfzPKM7mRvbdNkQ
7frk0s13vqDGA+N+3AKV4eRWKV5nmhGvtix93XeJy+sAen9JPKzNNR7NaENKiLlz
+xmorkKRhPJYbEEDZDiknOuj3o0C4PH4dj+bMM+JjFbz6+BwUqMrxm1E9V1ibv+n
M48Cwru5NiXt2y9zMDOrizLE5AOBhQACgYEAhSOzZHU0XD3InVY1GzMsrmCcR0SC
PYFRtdchZqXpT/D30aul/9k4I57g6Bo4wo0pDcaNcZmaqQCzW8x5jvIeQ3jtXBsb
Dl8oLkl+XubhitHsZSJLblf8/g/+bB19iTOj1EMf3g449o/gn+p52HNhc8NszaxQ
yOkeP1KaA7kKDkU=
-----END PUBLIC KEY-----
[:wopenssl dsa -in dsaprivatekey.com -out dsaprivatekey.pem -des3
-passin pass:letmein -passout pass:letmein01
726 openssl dsa -in dsaprivatekey.pem -out dsaprivatekey.pem -des3
-passin pass:letmein -passout pass:letmein01
727 ls
728 openssl genrsa -out rsaprivatekey.pem -passout pass:letmein -des3
1024
729 openssl rsa -in rsaprivatekey.pem -passin pass:letmein -pubout -out
rsapublickey.pem
730 openssl rsautl -encrypt -pubin -inkey rsapublickey.pem -in
openssl.txt -out openssl.txt.cip
