|
|
@@ -5,34 +5,72 @@ tags: [crypto]
|
|
|
---
|
|
|
# Openssl cheatsheet
|
|
|
|
|
|
+## Generation
|
|
|
|
|
|
-## View Certificate File (x509):
|
|
|
+### Generate Private Key:
|
|
|
+
|
|
|
+```
|
|
|
+openssl genrsa -out server.key 4096
|
|
|
+```
|
|
|
+
|
|
|
+## Conversions / Extractions
|
|
|
+
|
|
|
+### Extract Certificate from PKCS12
|
|
|
+
|
|
|
+```
|
|
|
+openssl pkcs12 -nokeys -in certificate.[pfx/p12] -out certificate.crt
|
|
|
+```
|
|
|
+
|
|
|
+### Extract Private Key from PKCS12
|
|
|
+
|
|
|
+```
|
|
|
+openssl pkcs12 -nocerts -in certificate.[pfx/p12] -out private.key
|
|
|
+```
|
|
|
+
|
|
|
+### Remove Password from Private Key
|
|
|
+
|
|
|
+```
|
|
|
+openssl rsa -in -in private.key -out private.nopw.key
|
|
|
+```
|
|
|
+
|
|
|
+### PEM to DER: RSA Key
|
|
|
+
|
|
|
+```
|
|
|
+openssl rsa -inform PEM -outform DER -text -in mykey.pem -out mykey.der
|
|
|
+```
|
|
|
+
|
|
|
+### PEM to DER: X509
|
|
|
+
|
|
|
+```
|
|
|
+openssl x509 -inform DER -outform PEM -text -in mykey.der -out mykey.pem
|
|
|
+```
|
|
|
+
|
|
|
+
|
|
|
+## View
|
|
|
+
|
|
|
+### View Certificate File (x509):
|
|
|
|
|
|
```
|
|
|
openssl x509 -pubkey -noout -in <file>
|
|
|
```
|
|
|
|
|
|
-## View Public Key File:
|
|
|
+### View Public Key File:
|
|
|
|
|
|
```
|
|
|
openssl rsa -noout -text -pubin < key.pub
|
|
|
```
|
|
|
|
|
|
-## View Private Key File:
|
|
|
+### View Private Key File:
|
|
|
|
|
|
```
|
|
|
openssl rsa -noout -text -in key.pub
|
|
|
```
|
|
|
|
|
|
-## Generate Private Key:
|
|
|
|
|
|
-```
|
|
|
-openssl genrsa -out server.key 4096
|
|
|
-```
|
|
|
+## Encryption/Decryption
|
|
|
|
|
|
-## Decrypt File using RSA Private Key
|
|
|
+### Decrypt File using RSA Private Key
|
|
|
|
|
|
```
|
|
|
openssl rsautl -decrypt -inkey pkey.pem -in flag.enc -out out.dec
|
|
|
```
|
|
|
-
|
Marius Schwarz