noobdummy / blog

openssl #13

Open noobdummy opened 3 years ago

noobdummy commented 3 years ago
Standard commands
asn1parse         ca                ciphers           cms               
crl               crl2pkcs7         dgst              dhparam           
dsa               dsaparam          ec                ecparam           
enc               engine            errstr            gendsa            
genpkey           genrsa            help              list              
nseq              ocsp              passwd            pkcs12            
pkcs7             pkcs8             pkey              pkeyparam         
pkeyutl           prime             rand              rehash            
req               rsa               rsautl            s_client          
s_server          s_time            sess_id           smime             
speed             spkac             srp               storeutl          
ts                verify            version           x509              

Message Digest commands (see the `dgst' command for more details)
blake2b512        blake2s256        gost              md4               
md5               rmd160            sha1              sha224            
sha256            sha3-224          sha3-256          sha3-384          
sha3-512          sha384            sha512            sha512-224        
sha512-256        shake128          shake256          sm3               

Cipher commands (see the `enc' command for more details)
aes-128-cbc       aes-128-ecb       aes-192-cbc       aes-192-ecb       
aes-256-cbc       aes-256-ecb       aria-128-cbc      aria-128-cfb      
aria-128-cfb1     aria-128-cfb8     aria-128-ctr      aria-128-ecb      
aria-128-ofb      aria-192-cbc      aria-192-cfb      aria-192-cfb1     
aria-192-cfb8     aria-192-ctr      aria-192-ecb      aria-192-ofb      
aria-256-cbc      aria-256-cfb      aria-256-cfb1     aria-256-cfb8     
aria-256-ctr      aria-256-ecb      aria-256-ofb      base64            
bf                bf-cbc            bf-cfb            bf-ecb            
bf-ofb            camellia-128-cbc  camellia-128-ecb  camellia-192-cbc  
camellia-192-ecb  camellia-256-cbc  camellia-256-ecb  cast              
cast-cbc          cast5-cbc         cast5-cfb         cast5-ecb         
cast5-ofb         des               des-cbc           des-cfb           
des-ecb           des-ede           des-ede-cbc       des-ede-cfb       
des-ede-ofb       des-ede3          des-ede3-cbc      des-ede3-cfb      
des-ede3-ofb      des-ofb           des3              desx              
rc2               rc2-40-cbc        rc2-64-cbc        rc2-cbc           
rc2-cfb           rc2-ecb           rc2-ofb           rc4               
rc4-40            seed              seed-cbc          seed-cfb          
seed-ecb          seed-ofb          sm4-cbc           sm4-cfb           
sm4-ctr           sm4-ecb           sm4-ofb           

asn1parse

prime

noobdummy commented 3 years ago
# openssl asn1parse -help
Usage: asn1parse [options]
Valid options are:
 -help            Display this summary
 -inform PEM|DER  input format - one of DER PEM
 -in infile       input file
 -out outfile     output file (output format is always DER)
 -i               indents the output
 -noout           do not produce any output
 -offset +int     offset into file
 -length +int     length of section in file
 -oid infile      file of extra oid definitions
 -dump            unknown data in hex form
 -dlimit +int     dump the first arg bytes of unknown data in hex form
 -strparse +int   offset; a series of these can be used to 'dig'
                  into multiple ASN1 blob wrappings
 -genstr val      string to generate ASN1 structure from
 -genconf val     file to generate ASN1 structure from
                  (-inform  will be ignored)
 -strictpem       do not attempt base64 decode outside PEM markers
 -item val        item to parse and print
noobdummy commented 3 years ago
# openssl genrsa -out private512.pem 512
Generating RSA private key, 512 bit long modulus (2 primes)
....+++++++++++++++++++++++++++
....+++++++++++++++++++++++++++
e is 65537 (0x010001)
# cat private512.pem 
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAK7fgV/nBzzGX5JO8JEImJraG+525MLarmDB+1OkC0Pv+mom+5Lq
i66ZZOYEfpYnCw5G/Z5KGf4g4vhRpSDAqX0CAwEAAQJAVX1wuxivohd8y4MJ+m1Q
ZYuxUgAPz+6mhyjuHDK7SydsVDVBf8IADNSC8zqjs5Ctoy3qARVfRmek4I3TdWgF
4QIhAOJhdLxqhuNgo7OOkaUnnp9lWa/f7kl0o1Nzy9RjxSj1AiEAxcDRtvaxoMFN
e8bma8mqsniAZycTdbzN+OxySX5BSWkCICb4g/ITnJjz//pfJq95vJLQDbp7IDhA
/gTVwFcVvdEpAiAyYpCMZ4qWhOnzEZh/+iAN3PoKTkB9DSAFvmjYJN0JkQIhAK2j
jObHmrG/NO+zd2aC4tysqQkNdRyTgrIbftcX58UF
-----END RSA PRIVATE KEY-----
noobdummy commented 3 years ago
# openssl asn1parse -dump -inform PEM -in private512.pem
    0:d=0  hl=4 l= 314 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=2 l=  65 prim: INTEGER           :AEDF815FE7073CC65F924EF09108989ADA1BEE76E4C2DAAE60C1FB53A40B43EFFA6A26FB92EA8BAE9964E6047E96270B0E46FD9E4A19FE20E2F851A520C0A97D
   74:d=1  hl=2 l=   3 prim: INTEGER           :010001
   79:d=1  hl=2 l=  64 prim: INTEGER           :557D70BB18AFA2177CCB8309FA6D50658BB152000FCFEEA68728EE1C32BB4B276C5435417FC2000CD482F33AA3B390ADA32DEA01155F4667A4E08DD3756805E1
  145:d=1  hl=2 l=  33 prim: INTEGER           :E26174BC6A86E360A3B38E91A5279E9F6559AFDFEE4974A35373CBD463C528F5
  180:d=1  hl=2 l=  33 prim: INTEGER           :C5C0D1B6F6B1A0C14D7BC6E66BC9AAB2788067271375BCCDF8EC72497E414969
  215:d=1  hl=2 l=  32 prim: INTEGER           :26F883F2139C98F3FFFA5F26AF79BC92D00DBA7B203840FE04D5C05715BDD129
  249:d=1  hl=2 l=  32 prim: INTEGER           :3262908C678A9684E9F311987FFA200DDCFA0A4E407D0D2005BE68D824DD0991
  283:d=1  hl=2 l=  33 prim: INTEGER           :ADA38CE6C79AB1BF34EFB3776682E2DCACA9090D751C9382B21B7ED717E7C505
noobdummy commented 3 years ago

https://www.openssl.org/docs/manmaster/man1/openssl-asn1parse.html

# openssl asn1parse -genstr 'UTF8:Hello World'
    0:d=0  hl=2 l=  11 prim: UTF8STRING        :Hello World
# openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der
# hexdump -C utf8.der                                
00000000  0c 0b 48 65 6c 6c 6f 20  57 6f 72 6c 64           |..Hello World|
0000000d
# cat asn1.cnf 
asn1=SEQUENCE:seq_sect

[seq_sect]

field1=BOOL:TRUE
field2=EXP:0, UTF8:some random string
# openssl asn1parse -genconf asn1.cnf -noout -out asn1.der
# hexdump -C asn1.der 
00000000  30 19 01 01 ff a0 14 0c  12 73 6f 6d 65 20 72 61  |0........some ra|
00000010  6e 64 6f 6d 20 73 74 72  69 6e 67                 |ndom string|
0000001b
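
The `d=`, `hl=` and `l=` columns in the asn1parse output above are the nesting depth, header length and content length of each DER element. The following walker is an added example, not part of the original comments or of OpenSSL; it recomputes those columns for the `asn1.der` bytes from the hexdump. The names `read_header`, `walk` and `ASN1_DER` are made up for this example, and it handles only single-byte tags and definite lengths.

```python
"""Minimal DER TLV walker (added example): offset, depth, hl and l per element."""

UNIVERSAL = {0x01: "BOOLEAN", 0x02: "INTEGER", 0x03: "BIT STRING",
             0x04: "OCTET STRING", 0x05: "NULL", 0x06: "OBJECT",
             0x0C: "UTF8STRING", 0x10: "SEQUENCE", 0x11: "SET"}
CLASSES = ("univ", "appl", "cont", "priv")

# Bytes of asn1.der, re-typed from the hexdump in the comment above.
ASN1_DER = bytes.fromhex("30 19 01 01 ff a0 14 0c 12") + b"some random string"


def read_header(buf, pos, end):
    """Parse one identifier + length; return (class, constructed, tag, hl, l)."""
    if pos + 2 > end:
        raise ValueError(f"truncated header at offset {pos}")
    first = buf[pos]
    cls, constructed, tag = first >> 6, bool(first & 0x20), first & 0x1F
    if tag == 0x1F:
        raise ValueError("high-tag-number form is not handled here")
    i = pos + 2
    length = buf[pos + 1]
    if length == 0x80:
        raise ValueError("indefinite length is not valid DER")
    if length & 0x80:                      # long form: low 7 bits = byte count
        n = length & 0x7F
        length = int.from_bytes(buf[i:i + n], "big")
        i += n
    if i + length > end:                   # also catches short length fields
        raise ValueError(f"length at offset {pos} runs past its container")
    return cls, constructed, tag, i - pos, length


def walk(buf, pos=0, end=None, depth=0):
    """Yield (offset, depth, hl, l, label, value) for each element, depth-first."""
    end = len(buf) if end is None else end
    while pos < end:
        cls, constructed, tag, hl, l = read_header(buf, pos, end)
        label = (UNIVERSAL.get(tag, f"tag {tag}") if cls == 0
                 else f"{CLASSES[cls]} [ {tag} ]")
        body = buf[pos + hl:pos + hl + l]
        yield pos, depth, hl, l, label, None if constructed else body
        if constructed:                    # recurse into the content octets
            yield from walk(buf, pos + hl, pos + hl + l, depth + 1)
        pos += hl + l


if __name__ == "__main__":
    for off, d, hl, l, label, value in walk(ASN1_DER):
        print(f"{off:5}:d={d}  hl={hl} l={l:4} {label:18}",
              "" if value is None else value.hex())
```

A length field that points past its enclosing element raises `ValueError` instead of being read, which is the check a parser of untrusted DER needs before slicing.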
noobdummy commented 3 years ago
# openssl prime -help    
Usage: prime [options] [number...]
  number Number to check for primality
 -help         Display this summary
 -hex          Hex output
 -generate     Generate a prime
 -bits +int    Size of number in bits
 -safe         When used with -generate, generate a safe prime
 -checks +int  Number of checks
noobdummy commented 3 years ago

https://www.openssl.org/docs/manmaster/man1/openssl-prime.html

# openssl prime -generate -bits 8
211
# openssl prime -generate -bits 8 -safe
227
# openssl prime -generate -bits 8 -safe -hex
E3