Openssl暗号解読アプリケーション
5611 ワード
1、対称暗号化
(1)fstabを現在のディレクトリにコピーし、暗号化プロセスをテストする
[root@centos7 ~]# cp/etc/fstab ./
fstabをfstabに暗号化する.ciphertextファイル(機密パスワードの設定)
[root@centos7 ~]# openssl enc -e -des3 -a -salt -in fstab -out fstab.ciphertext
enter des-ede3-cbc encryption password:
Verifying - enter des-ede3-cbc encryption password:
暗号化ファイルの表示
[root@centos7 ~]# cat fstab.ciphertext
U2FsdGVkX187Ty1Sik0fuKuo3+XUxha/qfCFRuWWvvLE1eSw5yAtB/oqAGxhiUVn
GxtSKEj6Rg5l2gDWfMrdJDCjWHdHIB8/B+NDC/WTIj00kIGwY1h6DxDjFFePpXHm
Ido2oC6I+PvKujOz4u7xzAT0UTYsL9fr+EBTIXyVfMGlVN/QLrWnJPUHmf5kDQQi
bTLV82M7vgh5CBLu2jSYGRA5TlsP+TNuNZiTWrjbnPVp4tgs6h/ABH4wYZ0lFQFy
bUbEczgQourfxelzD5cXVY8kYHrZSSVTnicBA6S3LdcBxjvnVtz4BdCRZZlZG/Z1
TeV46HptpIB8tnroZU8EzYuJECF1OND4aUTHhCxuAu3RJjaKOO20L2Ts4u7T8fuy
jeA2gi9oijNhPgRo1fZwyNkKLR/GUBunJbcNiqhqIbcy5RxfwAREqwwuC2u+95mA
IFFeMujjg+XoSA4rDJJwmkPEBsp2dLZaX54gHqxEKLeUDUUpMOp6pyJxyfRtGfBq
JUSHKYmA1bKX5wWK0t0uaiY2HH6TPg8doueYRgaa5Xj4BAlmGevWnJ0nB3DfdK6y
PE+0A1hRbbvFCVjk4K7oaHEI5kgKFnpIgZcP2TglOHMEbvbwfuGgZF5NE7VfHgn8
LUWmE8kzCpVttNPKRmU52IVokJSMaaxEo4CP6O1VpYySioS9rpJmmaqRJMQYCSI1
ndWB6gqcsYtRz+KH32B9f6qLH/mqFhjLs3bkpCIyzck=
元のファイルを削除
[root@centos7 ~]# rm fstab
rm:通常ファイル「fstab」を削除しますか?y
テスト復号(暗号化されたパスワードを入力)
[root@centos7 ~]# openssl enc -d -des3 -a -salt -out fstab -in fstab.ciphertext
enter des-ede3-cbc decryption password:
[root@centos7 ~]# cat fstab
2、一方向暗号化
ファイルフィーチャーコードの計算
方法1
[root@centos7 ~]# md5sum fstab
8c2acfcfde2a825c2b176315cc9916aa fstab
方法2
[root@centos7 ~]# openssl dgst -md5 fstab
MD5(fstab)= 8c2acfcfde2a825c2b176315cc9916aa
3、乱数を生成
方法1
[root@centos7 ~]# openssl rand -base64 10
BhI3talqVWOVMg==
方法2
[root@centos7 ~]# openssl rand -hex 10
b343e42cc7d625a2de67
4,パスワードの生成
[root@centos7 ~]# openssl passwd -1 -salt suijishu
Password:
$1$suijishu$kTzp8EjARddLA5r/pbxLW/
5、パスワードをランダムに生成
[root@centos7 ~]# openssl passwd -1 -salt $(openssl rand -hex 4)
Password:
$1$e32e29ac$tlPp6ZD0FuhXTt.pfh.jg0
[root@centos7 ~]# openssl passwd -1 -salt $(openssl rand -hex 4)
$1$297fe332$vd0iYQhqU8EClbKhW.yah.
6,鍵の生成(1024ビット)および公開鍵の抽出
[root@centos7 ~]# openssl genrsa 1024
Generating RSA private key, 1024 bit long modulus
...............++++++
..............................++++++
e is 65537 (0x10001)
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDMVUCBrwsPEmLlbui9vDmyEpYO3BGqDrjtSFzKHPQIKhhlCYu0
4zDTwuwJ5G/Na14SCt6HkRBOJHvlwugQl6q9reK8ITZnTu+IUNFSih/fpYQyrC9z
NkTTjHlwGy+C5yTgSruAzwAmyTMWKl86cGkwKGHJGAr1q+JrCXHL90Ys8wIDAQAB
AoGAZwwbcwtu/VPdci2jzIQPaMG80ZOkiOnR00CqIvfFDhUEpnfQ8BGffzwPQ9Hj
nGooT9sRbLb4zR/TKAVKeYuze/t0t4iQU8Y+/v5yKU0PXzR97rBFVewNMLxejdPK
HZnBUqfI5MzMvns5zlF7G406sO9CTrd+GWFHlP9dJj4MjOECQQD7BLSictRQvQyn
1lJ58DFliPGpeiADcXouOdS+RwmNBcbRUPbgwjTlZX7cJUS17YrNUqIPTNtrSINN
qUK0Kl4DAkEA0GNcucNorpjuq9Bss40lE4k+t1/V0z5zAHRmP6dEvLVImv8yFxCZ
lRsDC3LAGl8oBEaKnvZYKPg6opnrHlt6UQJAPxRGpFAA5K0tQfwMy9G9SAuq1vD2
nIbmsjkcKhjF4Kdj9/PFpmOHUWI5B+9hneosqD4stXWV6hbV0C1Jsua2qwJBAIrq
Md4DzbzWZgRTJKNs69JiI1TKphf0AWXEMoUsVD4X+xaYGCQYBMnI//aZwEXUOTDg
dXgScCKflzbdtEbAZIECQBKuJukydxWHuoawcpLYtS2/Is+p5aOcu5WCrHUVb2Sq
+kcbv0WKS+NbwWk7LgawhE661k9HYfv7o
鍵をファイルに保存する方法
メソッド1、リダイレクト
[root@centos7 ~]# openssl genrsa 1024 >/tmp/key.private
Generating RSA private key, 1024 bit long modulus
............................................++++++
......++++++
e is 65537 (0x10001
方法2,-out
[root@centos7 ~]# openssl genrsa -out/tmp/key.private1 1024
Generating RSA private key, 1024 bit long modulus
.................++++++
........++++++
e is 65537 (0x10001)
権限の完了と鍵の設定の生成
[root@centos7 ~]# (umask 077; openssl genrsa -out/tmp/key.private2 2048)
Generating RSA private key, 2048 bit long modulus
...........+++
.........................+++
e is 65537 (0x10001)
[root@centos7 ~]# ls/tmp -al | grep key
-rw-r--r--.1 root root 887 10月31 22:13 key.private
-rw-r--r--.1 root root 887 10月31 22:14 key.private1
-rw-------.1 root root 1675 10月31 22:16 key.private2
公開鍵の提出:
[root@centos7 ~]# openssl rsa -in/tmp/key.private2 -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0JvDHV1FiRcDWdUkoJW
cvRz7MkmNT132Wv9c10jNsA6wKi/eXrEjvMk26O7/xIPAADKXeiCid9pg4GLABOW
+L9QNaOcPNMXvXFFoRiJv+6HHtBuD7eGyIu1qTZhAy+oDPtBryQzH9z3M6vlhuTb
58AhLqTksNaGAjkKbKzjW7jSHNHEH+ftOrSrbsQgyE8Q5aAriMdrQhTW/2Ufpp/q
7g1g4WyQrT/dXAuejo6D8+EoGSJkROCRJKbF3fIZWGG1rD7UzfZVtunsRjW+DKDc
uHbo0MUk/eGSQT1OVvHLMYi/rdZJ0v2pcLafvYOx/+hmRBz+ez4XAathaCsT2leI
bQIDAQAB
-----END PUBLIC KEY-----
(1)fstabを現在のディレクトリにコピーし、暗号化プロセスをテストする
[root@centos7 ~]# cp/etc/fstab ./
fstabをfstabに暗号化する.ciphertextファイル(機密パスワードの設定)
[root@centos7 ~]# openssl enc -e -des3 -a -salt -in fstab -out fstab.ciphertext
enter des-ede3-cbc encryption password:
Verifying - enter des-ede3-cbc encryption password:
暗号化ファイルの表示
[root@centos7 ~]# cat fstab.ciphertext
U2FsdGVkX187Ty1Sik0fuKuo3+XUxha/qfCFRuWWvvLE1eSw5yAtB/oqAGxhiUVn
GxtSKEj6Rg5l2gDWfMrdJDCjWHdHIB8/B+NDC/WTIj00kIGwY1h6DxDjFFePpXHm
Ido2oC6I+PvKujOz4u7xzAT0UTYsL9fr+EBTIXyVfMGlVN/QLrWnJPUHmf5kDQQi
bTLV82M7vgh5CBLu2jSYGRA5TlsP+TNuNZiTWrjbnPVp4tgs6h/ABH4wYZ0lFQFy
bUbEczgQourfxelzD5cXVY8kYHrZSSVTnicBA6S3LdcBxjvnVtz4BdCRZZlZG/Z1
TeV46HptpIB8tnroZU8EzYuJECF1OND4aUTHhCxuAu3RJjaKOO20L2Ts4u7T8fuy
jeA2gi9oijNhPgRo1fZwyNkKLR/GUBunJbcNiqhqIbcy5RxfwAREqwwuC2u+95mA
IFFeMujjg+XoSA4rDJJwmkPEBsp2dLZaX54gHqxEKLeUDUUpMOp6pyJxyfRtGfBq
JUSHKYmA1bKX5wWK0t0uaiY2HH6TPg8doueYRgaa5Xj4BAlmGevWnJ0nB3DfdK6y
PE+0A1hRbbvFCVjk4K7oaHEI5kgKFnpIgZcP2TglOHMEbvbwfuGgZF5NE7VfHgn8
LUWmE8kzCpVttNPKRmU52IVokJSMaaxEo4CP6O1VpYySioS9rpJmmaqRJMQYCSI1
ndWB6gqcsYtRz+KH32B9f6qLH/mqFhjLs3bkpCIyzck=
元のファイルを削除
[root@centos7 ~]# rm fstab
rm:通常ファイル「fstab」を削除しますか?y
テスト復号(暗号化されたパスワードを入力)
[root@centos7 ~]# openssl enc -d -des3 -a -salt -out fstab -in fstab.ciphertext
enter des-ede3-cbc decryption password:
[root@centos7 ~]# cat fstab
#
# /etc/fstab
# Created by anaconda on Wed Oct 24 06:00:20 2018
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=1357b48c-e338-4292-a617-994e50b64e94 /boot xfs defaults 0 0
/dev/mapper/centos-home /home xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
2、一方向暗号化
ファイルフィーチャーコードの計算
方法1
[root@centos7 ~]# md5sum fstab
8c2acfcfde2a825c2b176315cc9916aa fstab
方法2
[root@centos7 ~]# openssl dgst -md5 fstab
MD5(fstab)= 8c2acfcfde2a825c2b176315cc9916aa
3、乱数を生成
方法1
[root@centos7 ~]# openssl rand -base64 10
BhI3talqVWOVMg==
方法2
[root@centos7 ~]# openssl rand -hex 10
b343e42cc7d625a2de67
4,パスワードの生成
[root@centos7 ~]# openssl passwd -1 -salt suijishu
Password:
$1$suijishu$kTzp8EjARddLA5r/pbxLW/
5、パスワードをランダムに生成
[root@centos7 ~]# openssl passwd -1 -salt $(openssl rand -hex 4)
Password:
$1$e32e29ac$tlPp6ZD0FuhXTt.pfh.jg0
[root@centos7 ~]# openssl passwd -1 -salt $(openssl rand -hex 4)
$1$297fe332$vd0iYQhqU8EClbKhW.yah.
6,鍵の生成(1024ビット)および公開鍵の抽出
[root@centos7 ~]# openssl genrsa 1024
Generating RSA private key, 1024 bit long modulus
...............++++++
..............................++++++
e is 65537 (0x10001)
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDMVUCBrwsPEmLlbui9vDmyEpYO3BGqDrjtSFzKHPQIKhhlCYu0
4zDTwuwJ5G/Na14SCt6HkRBOJHvlwugQl6q9reK8ITZnTu+IUNFSih/fpYQyrC9z
NkTTjHlwGy+C5yTgSruAzwAmyTMWKl86cGkwKGHJGAr1q+JrCXHL90Ys8wIDAQAB
AoGAZwwbcwtu/VPdci2jzIQPaMG80ZOkiOnR00CqIvfFDhUEpnfQ8BGffzwPQ9Hj
nGooT9sRbLb4zR/TKAVKeYuze/t0t4iQU8Y+/v5yKU0PXzR97rBFVewNMLxejdPK
HZnBUqfI5MzMvns5zlF7G406sO9CTrd+GWFHlP9dJj4MjOECQQD7BLSictRQvQyn
1lJ58DFliPGpeiADcXouOdS+RwmNBcbRUPbgwjTlZX7cJUS17YrNUqIPTNtrSINN
qUK0Kl4DAkEA0GNcucNorpjuq9Bss40lE4k+t1/V0z5zAHRmP6dEvLVImv8yFxCZ
lRsDC3LAGl8oBEaKnvZYKPg6opnrHlt6UQJAPxRGpFAA5K0tQfwMy9G9SAuq1vD2
nIbmsjkcKhjF4Kdj9/PFpmOHUWI5B+9hneosqD4stXWV6hbV0C1Jsua2qwJBAIrq
Md4DzbzWZgRTJKNs69JiI1TKphf0AWXEMoUsVD4X+xaYGCQYBMnI//aZwEXUOTDg
dXgScCKflzbdtEbAZIECQBKuJukydxWHuoawcpLYtS2/Is+p5aOcu5WCrHUVb2Sq
+kcbv0WKS+NbwWk7LgawhE661k9HYfv7o
鍵をファイルに保存する方法
メソッド1、リダイレクト
[root@centos7 ~]# openssl genrsa 1024 >/tmp/key.private
Generating RSA private key, 1024 bit long modulus
............................................++++++
......++++++
e is 65537 (0x10001
方法2,-out
[root@centos7 ~]# openssl genrsa -out/tmp/key.private1 1024
Generating RSA private key, 1024 bit long modulus
.................++++++
........++++++
e is 65537 (0x10001)
権限の完了と鍵の設定の生成
[root@centos7 ~]# (umask 077; openssl genrsa -out/tmp/key.private2 2048)
Generating RSA private key, 2048 bit long modulus
...........+++
.........................+++
e is 65537 (0x10001)
[root@centos7 ~]# ls/tmp -al | grep key
-rw-r--r--.1 root root 887 10月31 22:13 key.private
-rw-r--r--.1 root root 887 10月31 22:14 key.private1
-rw-------.1 root root 1675 10月31 22:16 key.private2
公開鍵の提出:
[root@centos7 ~]# openssl rsa -in/tmp/key.private2 -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0JvDHV1FiRcDWdUkoJW
cvRz7MkmNT132Wv9c10jNsA6wKi/eXrEjvMk26O7/xIPAADKXeiCid9pg4GLABOW
+L9QNaOcPNMXvXFFoRiJv+6HHtBuD7eGyIu1qTZhAy+oDPtBryQzH9z3M6vlhuTb
58AhLqTksNaGAjkKbKzjW7jSHNHEH+ftOrSrbsQgyE8Q5aAriMdrQhTW/2Ufpp/q
7g1g4WyQrT/dXAuejo6D8+EoGSJkROCRJKbF3fIZWGG1rD7UzfZVtunsRjW+DKDc
uHbo0MUk/eGSQT1OVvHLMYi/rdZJ0v2pcLafvYOx/+hmRBz+ez4XAathaCsT2leI
bQIDAQAB
-----END PUBLIC KEY-----