Touge-Using RAS encryption and decryption in openssl

Level 1: RSA encryption and decryption

Use the OpenSSL command line to implement RSA encryption and decryption of text files.

  1. Create a clear text file hello.txt with the content GuetPython
  2. Use genrsa to generate a 1024-bit plaintext rsa private key privacy.pem, that is, an unencrypted private key.
  3. Use rsa to output the public key file public.pem
  4. Use the public key file public.pem to encrypt hello.txt to hello.en
  5. Use private key privacy.pem to decrypt hello.en to hello.de
  6. The test file will use the cat command to output the contents of hello.de to check whether it is decrypted correctly.
echo GuetPython > hello.txt
openssl genrsa -out privacy.pem 1024
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
openssl rsautl -encrypt -pubin -inkey public.pem -in hello.txt -out hello.en
openssl rsautl -decrypt -inkey privacy.pem -in hello.en -out hello.de

Here are the steps to implement RSA encryption and decryption of text files using the OpenSSL command line:

  1. Create a clear text file hello.txt with the content “GuetPython”. You can create and save this file using any text editor.

    echo GuetPython > hello.txt

  2. Use the genrsa command to generate a 1024-bit unencrypted RSA private key privacy.pem.

openssl genrsa -out privacy.pem 1024

This will generate an unencrypted RSA private key privacy.pem file.

  1. Extract the public key from the private key and save it as a public.pem file, using the rsa command.
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout

This will extract the public key from the private key file and save it as a public.pem file.

  1. Use the public key file public.pem to encrypt the hello.txt file, and save the encryption result as hello.en, using rsautl command.
openssl rsautl -encrypt -pubin -inkey public.pem -in hello.txt -out hello.en

This will encrypt the hello.txt file using the public key and save the encryption result as a hello.en file.

  1. Use the private key file privacy.pem to decrypt the hello.en file, and save the decryption result as hello.de, using rsautl command.
openssl rsautl -decrypt -inkey privacy.pem -in hello.en -out hello.de

This will decrypt the hello.en file using the private key and save the decrypted result as a hello.de file.

Please make sure that when executing the above command, you are in the correct working directory and have OpenSSL added to your system’s environment variables.

After completing these steps, you will have the required files: hello.txt (clear text file), privacy.pem (1024-bit RSA private key file), public .pem (RSA public key file), hello.en (ciphertext file), and hello.de (decryption file).

Level 2: RSA signature authentication

Use the OpenSSL command line to implement the file signature and verification process using the RSA algorithm

  1. Create a clear text file hello.txt with the content GuetPython
  2. Use genrsa to generate 1024bit plaintext rsa private key privacy.pem, that is, an unencrypted private key
  3. Use rsa to output the public key file public.pem
  4. Sign hello.txt as hello.sig using private key privacy.pem
  5. Use the public key file public.pem to verify the signature hello.sigt as hello.ver
  6. The test file will use the cat command to output the contents of hello.ver to check whether the signature is correct.
echo GuetPython > hello.txt
openssl genrsa -out privacy.pem 1024
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
openssl rsautl -sign -inkey privacy.pem -in hello.txt -out hello.sig
openssl rsautl -verify -inkey public.pem -pubin -in hello.sig -out hello.ver
cat hello.ver

Here are the steps to implement the RSA signing and verification process for files using the OpenSSL command line:

  1. Create a clear text file hello.txt with the content “GuetPython”. You can create and save this file using any text editor.

  2. Use the genrsa command to generate a 1024-bit unencrypted RSA private key privacy.pem.

openssl genrsa -out privacy.pem 1024

This will generate an unencrypted RSA private key privacy.pem file.

  1. Extract the public key from the private key and save it as a public.pem file, using the rsa command.
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout

This will extract the public key from the private key file and save it as a public.pem file.

  1. Use the private key file privacy.pem to sign the hello.txt file, and save the signature result as hello.sig, using rsautl command.
openssl rsautl -sign -inkey privacy.pem -in hello.txt -out hello.sig

This will sign the hello.txt file using the private key and save the signing result as a hello.sig file.

  1. Use the public key file public.pem to verify the hello.sig file, and save the verification result as hello.ver, using rsautl command.
openssl rsautl -verify -inkey public.pem -pubin -in hello.sig -out hello.ver

This will verify the hello.sig file using the public key and save the verification results as a hello.ver file.

  1. Use the cat command to output the contents of the hello.ver file to verify that the signature is correct.
cat hello.ver

This will display the contents of the hello.ver file in the command line window.

Please make sure that when executing the above command, you are in the correct working directory and have OpenSSL added to your system’s environment variables.

After completing these steps, you will have the required files: hello.txt (clear text file), privacy.pem (1024-bit RSA private key file), public .pem (RSA public key file), hello.sig (signature file), and hello.ver (verify signature file).

Level 3: Practical RSA signature verification

Use the OpenSSL command line to implement the signing and verification process of the file digest using the RSA algorithm. Compared with the process of directly performing signature verification on files, the speed of signature verification can be improved.
1. Create a plain text file hello.txt with the content GuetPython
2. Use genrsa to generate a 1024-bit plaintext rsa private key privacy.pem, that is, an unencrypted private key.
3. Use rsa to output the public key file public.pem
4. Use dgst digest algorithm sha256 and private key privacy.pem to implement signature hello.txt as hello.sha256
5. Use the dgst digest algorithm sha256 and the public key file public.pem to verify the signature hello.sha256, and output the verification result Verified OK to the result.txt file
6. The test file will use the cat command to output the contents of result.txt to check whether the signature is correct.

echo GuetPython > hello.txt
openssl genrsa -out privacy.pem 1024
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout
openssl dgst -sha256 -sign privacy.pem -out hello.sha256 hello.txt
openssl dgst -sha256 -verify public.pem -signature hello.sha256 hello.txt > result.txt
cat result.txt

The following are the steps to implement the RSA signing and verification process of a file digest using the OpenSSL command line:

  1. Create a clear text file hello.txt with the content “GuetPython”. You can create and save this file using any text editor.
echo GuetPython > hello.txt

? 2. Use the genrsa command to generate a 1024-bit unencrypted RSA private key privacy.pem.

openssl genrsa -out privacy.pem 1024

This will generate an unencrypted RSA private key privacy.pem file.

  1. Extract the public key from the private key and save it as a public.pem file, using the rsa command.
openssl rsa -in privacy.pem -out public.pem -outform PEM -pubout

This will extract the public key from the private key file and save it as a public.pem file.

  1. Use the dgst command combined with the SHA256 digest algorithm and the private key file privacy.pem to sign the hello.txt file, and save the signature result as hello.sha256.
openssl dgst -sha256 -sign privacy.pem -out hello.sha256 hello.txt

This will sign the hello.txt file using the SHA256 digest algorithm and the private key, and save the signed result as a hello.sha256 file.

  1. Use the dgst command in combination with the SHA256 digest algorithm and the public key file public.pem to verify the hello.sha256 file, and output the verification results to result.txt file.
openssl dgst -sha256 -verify public.pem -signature hello.sha256 hello.txt > result.txt

This will verify the hello.sha256 file using the SHA256 digest algorithm and the public key, and output the verification results to the result.txt file.

  1. Use the cat command to output the contents of the result.txt file to check whether the verification signature is correct.
cat result.txt

This will display the contents of the result.txt file in the command line window and, if the verification passes, will display “Verified OK”.

Please make sure that when executing the above command, you are in the correct working directory and have OpenSSL added to your system’s environment variables.

After completing these steps, you will have the required files: hello.txt (clear text file), privacy.pem (1024-bit RSA private key file), public .pem (RSA public key file), hello.sha256 (signature file), and result.txt (verification result file).