acherunilam · December 21, 2016 22:55
diff --git a/crypto.sh b/crypto.sh
 ## Asymmetric Encryption ##
 # generate RSA-2048 private key
 openssl genrsa -aes256 -passout pass:passphrase -out private_key.pem 2048
 # generate corresponding public key
 openssl rsa -in private_key.pem -passin pass:passphrase -pubout -out public_key.pem
 # encrypt using public key
 openssl rsautl -encrypt -pubin -inkey public_key.pem -in message.txt -out message.txt.encrypted
 # decrypt using private key
 openssl rsautl -decrypt -inkey private_key.pem -passin pass:passphrase -in message.txt.encrypted -out message.txt.decrypted

 ## Digital Signature ##
 # compute SHA-256 for a file
 openssl dgst -sha256 message.txt
 # digitally sign the file
 openssl dgst -sha256 -sign private_key.pem -passin pass:passphrase -out message.txt.signature message.txt
 # convert binary signature to ASCII
 openssl base64 -in message.txt.signature -out message.txt.signature_ascii
 # convert ASCII signature to binary
 openssl base64 -d -in message.txt.signature_ascii -out message.txt.signature
 # verify the signature
 openssl dgst -sha256 -verify public_key.pem -signature message.txt.signature message.txt

 ## Symmetric Encryption ##
 # encode password to base64 string
 openssl base64 <<< "password"
 # decode base64 string to password
 openssl base64 -d <<< "cGFzc3dvcmQK"
 # generate random ASCII string of length 30
 openssl rand -base64 30 -out aes_password
 # encrypt using AES-256 to get plaintext
 openssl enc -aes-256-cbc -in message.txt -out message.txt.encrypted -a -pass file:aes_password
 # decrypt plaintext cipher using AES-256
 openssl enc -aes-256-cbc -in message.txt.encrypted -out message.txt.decrypted -a -d -pass file:aes_password
	## Asymmetric Encryption ##
	# generate RSA-2048 private key
	openssl genrsa -aes256 -passout pass:passphrase -out private_key.pem 2048
	# generate corresponding public key
	openssl rsa -in private_key.pem -passin pass:passphrase -pubout -out public_key.pem
	# encrypt using public key
	openssl rsautl -encrypt -pubin -inkey public_key.pem -in message.txt -out message.txt.encrypted
	# decrypt using private key
	openssl rsautl -decrypt -inkey private_key.pem -passin pass:passphrase -in message.txt.encrypted -out message.txt.decrypted

	## Digital Signature ##
	# compute SHA-256 for a file
	openssl dgst -sha256 message.txt
	# digitally sign the file
	openssl dgst -sha256 -sign private_key.pem -passin pass:passphrase -out message.txt.signature message.txt
	# convert binary signature to ASCII
	openssl base64 -in message.txt.signature -out message.txt.signature_ascii
	# convert ASCII signature to binary
	openssl base64 -d -in message.txt.signature_ascii -out message.txt.signature
	# verify the signature
	openssl dgst -sha256 -verify public_key.pem -signature message.txt.signature message.txt

	## Symmetric Encryption ##
	# encode password to base64 string
	openssl base64 <<< "password"
	# decode base64 string to password
	openssl base64 -d <<< "cGFzc3dvcmQK"
	# generate random ASCII string of length 30
	openssl rand -base64 30 -out aes_password
	# encrypt using AES-256 to get plaintext
	openssl enc -aes-256-cbc -in message.txt -out message.txt.encrypted -a -pass file:aes_password
	# decrypt plaintext cipher using AES-256
	openssl enc -aes-256-cbc -in message.txt.encrypted -out message.txt.decrypted -a -d -pass file:aes_password