Level 1: RSA encryption and decryption
Use the OpenSSL command line to implement RSA encryption and decryption of text files.
- Create a clear text file hello.txt with the content GuetPython
- Use genrsa to generate a 1024-bit plaintext RSA private key privacy.pem, that is, an unencrypted private key.
- Use rsa to output the public key file public.pem
- Use the public key file public.pem to encrypt hello.txt to hello.en
- Use private key privacy.pem to decrypt hello.en to hello.de
- The test file will use the cat command to output the contents of hello.de to check whether it is decrypted correctly.
echo GuetPython > hello.txt
openssl genrsa -out privacy.pem 1024
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
openssl rsautl -encrypt -pubin -inkey public.pem -in hello.txt -out hello.en
openssl rsautl -decrypt -inkey privacy.pem -in hello.en -out hello.de
Here are the steps to implement RSA encryption and decryption of text files using the OpenSSL command line:
- Create a clear text file hello.txt with the content “GuetPython”. You can create and save this file using any text editor.
echo GuetPython > hello.txt
- Use the genrsa command to generate a 1024-bit unencrypted RSA private key privacy.pem.
openssl genrsa -out privacy.pem 1024
This will generate an unencrypted RSA private key file, privacy.pem.
- Extract the public key from the private key and save it as a public.pem file, using the rsa command.
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
This will extract the public key from the private key file and save it as a public.pem file.
- Use the public key file public.pem to encrypt the hello.txt file, and save the encryption result as hello.en, using the rsautl command.
openssl rsautl -encrypt -pubin -inkey public.pem -in hello.txt -out hello.en
This will encrypt the hello.txt file using the public key and save the encryption result as a hello.en file.
- Use the private key file privacy.pem to decrypt the hello.en file, and save the decryption result as hello.de, using the rsautl command.
openssl rsautl -decrypt -inkey privacy.pem -in hello.en -out hello.de
This will decrypt the hello.en file using the private key and save the decrypted result as a hello.de file.
Please make sure that when executing the above commands, you are in the correct working directory and have OpenSSL added to your system’s environment variables.
After completing these steps, you will have the required files: hello.txt (clear text file), privacy.pem (1024-bit RSA private key file), public.pem (RSA public key file), hello.en (ciphertext file), and hello.de (decryption file).
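The same round trip as an added example (not part of the original exercise), written with pkeyutl, OAEP padding and a 2048-bit key, because rsautl is deprecated as of OpenSSL 3.0 and 1024-bit RSA is below current key-size recommendations. The function names and big.bin are assumptions of this example; the second function shows the failure mode where the input is larger than one RSA block.

```bash
# Added example, not from the original page. Assumed names: new_keys,
# oaep_roundtrip, oversize_is_rejected, big.bin. Key size: 2048 bits.

# Create a scratch directory holding a 2048-bit key pair; print its path.
new_keys() {
  d=$(mktemp -d) || return 1
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$d/privacy.pem" 2>/dev/null || return 1
  openssl pkey -in "$d/privacy.pem" -pubout -out "$d/public.pem" || return 1
  echo "$d"
}

# Level 1 round trip with OAEP padding; prints the decrypted text.
oaep_roundtrip() (
  d=$(new_keys) || exit 1
  echo GuetPython > "$d/hello.txt"
  openssl pkeyutl -encrypt -pubin -inkey "$d/public.pem" \
    -pkeyopt rsa_padding_mode:oaep -in "$d/hello.txt" -out "$d/hello.en" &&
  openssl pkeyutl -decrypt -inkey "$d/privacy.pem" \
    -pkeyopt rsa_padding_mode:oaep -in "$d/hello.en" -out "$d/hello.de" &&
  cat "$d/hello.de"
  rc=$?
  rm -rf "$d"
  exit $rc
)

# RSA encrypts at most one block: 300 bytes do not fit a 2048-bit
# modulus with OAEP padding, so pkeyutl must exit non-zero.
oversize_is_rejected() (
  d=$(new_keys) || exit 1
  head -c 300 /dev/zero > "$d/big.bin"
  if openssl pkeyutl -encrypt -pubin -inkey "$d/public.pem" \
       -pkeyopt rsa_padding_mode:oaep -in "$d/big.bin" -out "$d/big.en" 2>/dev/null
  then rc=1   # encryption unexpectedly succeeded
  else rc=0   # rejected, as expected
  fi
  rm -rf "$d"
  exit $rc
)

oaep_roundtrip
oversize_is_rejected && echo "oversized input rejected"
```
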
Level 2: RSA signature authentication
Use the OpenSSL command line to implement the file signature and verification process using the RSA algorithm
- Create a clear text file hello.txt with the content GuetPython
- Use genrsa to generate a 1024-bit plaintext RSA private key privacy.pem, that is, an unencrypted private key
- Use rsa to output the public key file public.pem
- Sign hello.txt as hello.sig using private key privacy.pem
- Use the public key file public.pem to verify the signature hello.sig as hello.ver
- The test file will use the cat command to output the contents of hello.ver to check whether the signature is correct.
echo GuetPython > hello.txt
openssl genrsa -out privacy.pem 1024
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
openssl rsautl -sign -inkey privacy.pem -in hello.txt -out hello.sig
openssl rsautl -verify -inkey public.pem -pubin -in hello.sig -out hello.ver
cat hello.ver
Here are the steps to implement the RSA signing and verification process for files using the OpenSSL command line:
- Create a clear text file hello.txt with the content “GuetPython”. You can create and save this file using any text editor.
- Use the genrsa command to generate a 1024-bit unencrypted RSA private key privacy.pem.
openssl genrsa -out privacy.pem 1024
This will generate an unencrypted RSA private key file, privacy.pem.
- Extract the public key from the private key and save it as a public.pem file, using the rsa command.
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
This will extract the public key from the private key file and save it as a public.pem file.
- Use the private key file privacy.pem to sign the hello.txt file, and save the signature result as hello.sig, using the rsautl command.
openssl rsautl -sign -inkey privacy.pem -in hello.txt -out hello.sig
This will sign the hello.txt file using the private key and save the signing result as a hello.sig file.
- Use the public key file public.pem to verify the hello.sig file, and save the verification result as hello.ver, using the rsautl command.
openssl rsautl -verify -inkey public.pem -pubin -in hello.sig -out hello.ver
This will verify the hello.sig file using the public key and save the verification results as a hello.ver file.
- Use the cat command to output the contents of the hello.ver file to verify that the signature is correct.
cat hello.ver
This will display the contents of the hello.ver file in the command line window.
Please make sure that when executing the above commands, you are in the correct working directory and have OpenSSL added to your system’s environment variables.
After completing these steps, you will have the required files: hello.txt (clear text file), privacy.pem (1024-bit RSA private key file), public.pem (RSA public key file), hello.sig (signature file), and hello.ver (verify signature file).
Level 3: Practical RSA signature verification
Use the OpenSSL command line to implement the signing and verification process of the file digest using the RSA algorithm. Compared with signing and verifying the file directly, signing the digest improves the speed of signature verification.
1. Create a plain text file hello.txt with the content GuetPython
2. Use genrsa to generate a 1024-bit plaintext RSA private key privacy.pem, that is, an unencrypted private key.
3. Use rsa to output the public key file public.pem
4. Use dgst digest algorithm sha256 and private key privacy.pem to implement signature hello.txt as hello.sha256
5. Use the dgst digest algorithm sha256 and the public key file public.pem to verify the signature hello.sha256, and output the verification result Verified OK to the result.txt file
6. The test file will use the cat command to output the contents of result.txt to check whether the signature is correct.
echo GuetPython > hello.txt
openssl genrsa -out privacy.pem 1024
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
openssl dgst -sha256 -sign privacy.pem -out hello.sha256 hello.txt
openssl dgst -sha256 -verify public.pem -signature hello.sha256 hello.txt > result.txt
cat result.txt
The following are the steps to implement the RSA signing and verification process of a file digest using the OpenSSL command line:
- Create a clear text file hello.txt with the content “GuetPython”. You can create and save this file using any text editor.
echo GuetPython > hello.txt
- Use the genrsa command to generate a 1024-bit unencrypted RSA private key privacy.pem.
openssl genrsa -out privacy.pem 1024
This will generate an unencrypted RSA private key file, privacy.pem.
- Extract the public key from the private key and save it as a public.pem file, using the rsa command.
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
This will extract the public key from the private key file and save it as a public.pem file.
- Use the dgst command combined with the SHA256 digest algorithm and the private key file privacy.pem to sign the hello.txt file, and save the signature result as hello.sha256.
openssl dgst -sha256 -sign privacy.pem -out hello.sha256 hello.txt
This will sign the hello.txt file using the SHA256 digest algorithm and the private key, and save the signed result as a hello.sha256 file.
- Use the dgst command in combination with the SHA256 digest algorithm and the public key file public.pem to verify the hello.sha256 file, and output the verification results to the result.txt file.
openssl dgst -sha256 -verify public.pem -signature hello.sha256 hello.txt > result.txt
This will verify the hello.sha256 file using the SHA256 digest algorithm and the public key, and output the verification results to the result.txt file.
- Use the cat command to output the contents of the result.txt file to check whether the verification signature is correct.
cat result.txt
This will display the contents of the result.txt file in the command line window and, if the verification passes, will display “Verified OK”.
Please make sure that when executing the above commands, you are in the correct working directory and have OpenSSL added to your system’s environment variables.
After completing these steps, you will have the required files: hello.txt (clear text file), privacy.pem (1024-bit RSA private key file), public.pem (RSA public key file), hello.sha256 (signature file), and result.txt (verification result file).
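What the Level 3 check looks like when the file or the signature has been altered, as an added example that is not part of the original exercise. It tests the exit status of openssl dgst -verify instead of reading result.txt; the function name verify_status, its mode arguments and the 2048-bit key size are assumptions of this example.

```bash
# Added example, not from the original page. Assumed names: verify_status
# and its modes intact / tamper-file / tamper-sig. Key size: 2048 bits.

# Sign hello.txt as in Level 3, optionally alter the file or the
# signature, then verify. Prints the exit status of the verify step
# (0 means the signature matches the file).
verify_status() (
  d=$(mktemp -d) || exit 1
  cd "$d" || exit 1
  echo GuetPython > hello.txt
  openssl genrsa -out privacy.pem 2048 2>/dev/null
  openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout 2>/dev/null
  openssl dgst -sha256 -sign privacy.pem -out hello.sha256 hello.txt

  case "${1:-intact}" in
    tamper-file) echo guetPython > hello.txt ;;            # one letter changed
    tamper-sig)  head -c 256 /dev/zero > hello.sha256 ;;   # signature replaced
  esac

  if openssl dgst -sha256 -verify public.pem -signature hello.sha256 \
       hello.txt > result.txt 2>/dev/null
  then rc=0
  else rc=$?
  fi
  cd / && rm -rf "$d"
  echo "$rc"
)

for mode in intact tamper-file tamper-sig; do
  echo "$mode: verify exit status $(verify_status "$mode")"
done
```
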