DEV Community

Kishan B
Kishan B

Posted on • Originally published at kishaningithub.github.io

Openssl by Example

Table of contents

Symmetric key

Encryption

$ echo "top secret text" | openssl enc -aes-256-cbc -base64
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
<< encrypted text >>
Enter fullscreen mode Exit fullscreen mode

Decryption

$ echo "<< encrypted text >>" | openssl enc -d -aes-256-cbc -base64
enter aes-256-cbc decryption password:
top secret text
Enter fullscreen mode Exit fullscreen mode

Asymmetric key

Key Generation

Public key

openssl genrsa -out private.pem 2048
Enter fullscreen mode Exit fullscreen mode

Private key

openssl rsa -in private.pem -pubout -out public.pem
Enter fullscreen mode Exit fullscreen mode

Encryption

openssl rsautl -encrypt -in secret-transmission.txt -out secret-transmission.txt.enc -inkey public.pem -pubin
Enter fullscreen mode Exit fullscreen mode

Decryption

openssl rsautl -decrypt -in secret-transmission.txt.enc -out secret-transmission.txt -inkey private.pem
Enter fullscreen mode Exit fullscreen mode

Sending signed messages

openssl rsautl -sign -in secret-transmission.txt -out secret-transmission.txt.enc.signed -inkey private.pem
Enter fullscreen mode Exit fullscreen mode

Reading signed messages

openssl rsautl -verify -in secret-transmission.txt.enc.signed -out secret-transmission.txt -inkey public.pem -pubin
Enter fullscreen mode Exit fullscreen mode

Encrypting private key

Never store private key in clear text format!

openssl rsa -in private.pem -des3 -out private-enc.pem
Enter fullscreen mode Exit fullscreen mode

Others

Find openssl version

$ openssl version
LibreSSL 2.6.4
Enter fullscreen mode Exit fullscreen mode

List ciphers

openssl list-cipher-commands
Enter fullscreen mode Exit fullscreen mode

Discussion (0)