Skip to content

Instantly share code, notes, and snippets.

@placek
Last active December 11, 2022 09:58
Show Gist options
  • Save placek/a0fea1b8f637e2bef357 to your computer and use it in GitHub Desktop.
Save placek/a0fea1b8f637e2bef357 to your computer and use it in GitHub Desktop.
OpenSSL cheat sheet
# openssl version
openssl version
# openssl commands
openssl list-standard-commands
# ca - create certificate authorities
# dgst - compute hash functions
# enc - encrypt/decrypt using secret key algorithms (it is possible to generate using a password or directly a secret key stored in a file)
# genrsa - generate a pair of public/private key for the RSA algorithm
# password - generation of “hashed passwords”
# pkcs12 - manage information according to the PKCS #12 standard
# pkcs7 - manage information according to the PKCS #7 standard
# rand - Generation of pseudo-random bit strings
# rsa - RSA data management
# rsautl - To encrypt/decrypt or sign/verify signature with RSA
# verify - Checkings for X509
# x509 - Data managing for X509
# encode with base64
cat document.txt | openssl enc -base64 -e
# decode with base64
cat document.txt | openssl enc -base64 -d
# cipher file simetrically
cat document.txt | openssl enc -des -e -k myPassword -out document.txt.sec
# in human readable format
cat document.txt | openssl enc -des -base64 -e -k myPassword -out document.txt.sec
# uncipher
cat document.txt.sec | openssl enc -des -d -k myPassword
# compress with zlib
cat document.txt | openssl zlib -e
# uncompress with zlib
cat document.txt | openssl zlib -d
# hash with sha256
cat document.txt | openssl dgst -sha256
# separated with colon
cat document.txt | openssl dgst -sha256 -c
# in coreutils format
cat document.txt | openssl dgst -sha256 -r
# as a binary file
cat document.txt | openssl dgst -sha256 -binary
# generate private EC key
openssl ecparam -name secp256k1 -genkey -noout -out privkey.pem
# generate corresponding EC public key
openssl ec -in privkey.pem -pubout -out pubkey.pem
# signing
openssl dgst -sha256 -sign privkey.pem -out document.txt.sig document.txt
# verifing signature
openssl dgst -sha256 -verify pubkey.pem -signature document.txt.sig document.txt
# generate private RSA key
openssl genrsa -des3 -out privkey.pem 4096
# generate public RSA key
openssl rsa -in privkey.pem -pubout -out pubkey.pem
# encrypt file
openssl rsautl -encrypt -pubin -inkey pubkey.pem -in document.txt -out document.txt.sec
# decrypt file
openssl rsautl -decrypt -inkey privkey.pem -in document.txt.sec
# signing
openssl dgst -sha256 -sign privkey.pem -out document.txt.sig document.txt
# verifing signature
openssl dgst -sha256 -verify pubkey.pem -signature document.txt.sig document.txt
# convert ssh privkey to openssl pem privkey
openssl rsa -in ~/.ssh/id_rsa -outform pem -out id_rsa.pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment