Created
April 21, 2013 07:09
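#!/bin/bash
# Build a throwaway demo CA under ./demoCA, issue one server certificate from
# it, and serve that certificate with `openssl s_server`.
# Lab/demo use only: all keys and certificates land in the current directory.
set -euo pipefail

# Private keys (ca.key, server.key, server.pem) are created below; keep them
# and the CA directory readable by the owner only.
umask 077

# RSA modulus size for the CA and server keys. 1024-bit RSA is below current
# minimum recommendations, so default to 2048; override with KEY_BITS.
key_bits=${KEY_BITS:-2048}

# Work on a local copy of the system config. It is a data file, so it needs
# read/write permission only, not the execute bit.
cp /usr/lib/ssl/openssl.cnf .
chmod 644 ./openssl.cnf

# Directory layout used by `openssl ca`.
# NOTE(review): presumably mirrors the [ CA_default ] paths in the copied
# openssl.cnf -- confirm against that file.
dir="./demoCA"
certs="$dir/certs"                 # Where the issued certs are kept
crl_dir="$dir/crl"                 # Where the issued crl are kept
new_certs_dir="$dir/newcerts"      # default place for new certs.
database="$dir/index.txt"          # database index file.
serial="$dir/serial"               # The current serial number

mkdir -p -- "$certs" "$crl_dir" "$new_certs_dir"
touch -- "$database"
# Seed the serial counter only once: resetting it on a re-run would hand out
# serial numbers that are already recorded in index.txt.
[[ -s "$serial" ]] || echo 1000 > "$serial"

echo "Now generating CA certificate.."
# -newkey pins the CA key size instead of relying on default_bits in the config.
openssl req -new -x509 -newkey "rsa:${key_bits}" -keyout ca.key -out ca.crt -config openssl.cnf

echo "Now generating CSR.."
# -des3 passphrase-protects the key with legacy 3DES; genrsa also accepts
# -aes256 if a modern cipher is preferred for the key file.
openssl genrsa -des3 -out server.key "$key_bits"
openssl req -new -key server.key -out server.csr -config openssl.cnf

echo "Now sign the certificate..."
openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key -config openssl.cnf

# Combine the secret key and certificate into one file.
# server.pem therefore contains private key material; treat it like server.key.
cat server.key server.crt > server.pem

# Launch the web server using server.pem (s_server listens on port 4433 by
# default; it is a test tool, not a production TLS endpoint).
openssl s_server -cert server.pem -www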
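#!/bin/bash
# Rough timing comparison of RSA versus AES-128-CBC: encrypt and decrypt
# message.txt MAX times each with the openssl command-line tool.
# Outputs: message_enc.txt (ciphertext), message_decry.txt (recovered text).
set -euo pipefail
umask 077   # private.pem is written below

# Fail once, up front, instead of printing the same openssl error MAX times.
[[ -f message.txt ]] || { echo "message.txt not found" >&2; exit 1; }

# RSA modulus size. 1024-bit RSA is below current minimum recommendations, so
# default to 2048; override with RSA_BITS to time another size.
rsa_bits=${RSA_BITS:-2048}

# Fixed demo key and IV for the AES timing runs. They are hard-coded and
# passed on the command line (visible in the process list), which is
# acceptable only for a benchmark on non-sensitive data.
# AES-CBC needs a 16-byte IV; openssl zero-pads a shorter hex string, so the
# padding is written out explicitly here.
readonly AES_KEY=00112233445566778889aabbccddeeff
readonly AES_IV=01020304050607080000000000000000

# generate public / private key
openssl genrsa -out private.pem "$rsa_bits"
openssl rsa -in private.pem -out public.pem -outform PEM -pubout

# now do the test
MAX=1000

# NOTE: rsautl is deprecated as of OpenSSL 3.0 in favour of `openssl pkeyutl`.
echo "Encrypt message.txt with RSA for $MAX times."
time for (( i = 0; i < MAX; i++ ))
do
  openssl rsautl -encrypt -inkey public.pem -pubin -in message.txt -out message_enc.txt
done

echo "Decrypt message_enc.txt with RSA for $MAX times."
time for (( i = 0; i < MAX; i++ ))
do
  openssl rsautl -decrypt -inkey private.pem -in message_enc.txt -out message_decry.txt
done

echo "Encrypt message.txt with AES for $MAX times."
time for (( i = 0; i < MAX; i++ ))
do
  openssl enc -aes-128-cbc -e -in message.txt -out message_enc.txt -K "$AES_KEY" -iv "$AES_IV"
done

echo "Decrypt message_enc.txt with AES for $MAX times."
time for (( i = 0; i < MAX; i++ ))
do
  # Write to message_decry.txt, as the RSA loop does, so a failed decrypt
  # cannot truncate the plaintext input message.txt.
  openssl enc -aes-128-cbc -d -in message_enc.txt -out message_decry.txt -K "$AES_KEY" -iv "$AES_IV"
done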
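#!/bin/bash
# Demonstrate RSA signing of a SHA-256 hash and show that the recovered hash
# matches the original file but not a modified copy.
# Exits non-zero if either check does not give the expected result.
set -euo pipefail
umask 077   # private.pem is written below

# RSA modulus size. 1024-bit RSA is below current minimum recommendations, so
# default to 2048; override with RSA_BITS.
rsa_bits=${RSA_BITS:-2048}

# generate public / private key
openssl genrsa -out private.pem "$rsa_bits"
openssl rsa -in private.pem -out public.pem -outform PEM -pubout

# generate hash
echo 'CIS644 - Lab 7' > example.txt
openssl dgst -sha256 < example.txt > example.hash

# sign example
# rsautl signs the input bytes as given (here the text output of dgst) with
# PKCS#1 v1.5 padding and no DigestInfo wrapper, so the result is a teaching
# aid rather than an interoperable signature. The conventional form is
# `openssl dgst -sha256 -sign private.pem` / `-verify public.pem`.
# rsautl itself is deprecated as of OpenSSL 3.0 in favour of `openssl pkeyutl`.
openssl rsautl -sign -inkey private.pem -keyform PEM -in example.hash > example.sha256

# verify example signature: recovers the signed bytes using the public key
openssl rsautl -verify -inkey public.pem -keyform PEM -pubin -in example.sha256 > example.sha256.verified

echo 'verifying signature of original example.txt'
# The recovered hash must equal the hash of the unmodified file.
if ! diff -s example.sha256.verified example.hash; then
  echo 'signature check failed for the unmodified file' >&2
  exit 1
fi

# Now change the example.txt's content by appending a character
echo 'CIS644 - Lab 7!' > example.changed.txt

# generate new hash
openssl dgst -sha256 < example.changed.txt > example.changed.hash

echo 'verifying signature of modified example.txt'
# A difference is the expected outcome here; a match would mean the
# modification went undetected.
if diff -s example.sha256.verified example.changed.hash; then
  echo 'modified file unexpectedly matched the signed hash' >&2
  exit 1
fi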