OpenSSLWiki - User contributions [en]

Mailing Lists

2013-07-06T13:32:45Z

Frukto: link to mailing lists page added

There are four mailing lists, see [http://www.openssl.org/support/community.html mailing lists].

Main Page

2013-07-06T13:27:21Z

Frukto: OpenSSL Quick Links: 'Mailing Lists' added

If this is your first visit or to get an account please see the [[Welcome]] page. Your participation and [[Contributions]] are valued.

This wiki is intended as a place for collecting, organizing, and refining useful information about OpenSSL that is currently strewn among multiple locations and formats.

== OpenSSL Quick Links ==

<TABLE border=0>
<TR>
<TD>[[OpenSSL Overview]]</TD>
<TD>[[Image:HTAB.png]][[Image:HTAB.png]]</TD>
<TD>[[Compilation and Installation]]</TD>
<TD>[[Image:HTAB.png]][[Image:HTAB.png]]</TD>
<TD>[[Internals]]</TD>
<TD>[[Image:HTAB.png]][[Image:HTAB.png]]</TD>
<TD>[[Mailing Lists]] </TD>
</TR>
<TR>
<TD>[[libcrypto API]]</TD>
<TD>[[Image:HTAB.png]][[Image:HTAB.png]]</TD>
<TD>[[libssl API]]</TD>
<TD>[[Image:HTAB.png]][[Image:HTAB.png]]</TD>
<TD>[[Examples]] </TD>
</TR>
<TR>
<TD>[[License]] </TD>
<TD>[[Image:HTAB.png]][[Image:HTAB.png]]</TD>
<TD>[[Command Line Utilities]]</TD>
<TD>[[Image:HTAB.png]][[Image:HTAB.png]]</TD>
<TD>[[Related Links]]</TD>
</TR>
</TABLE>

== Administrivia ==
Site guidelines, legal and admininstrative issues.
:* [[Basic rules]], [[Commercial Product Disclaimer]], [[Contributions]], [[Copyright]], [[License]]
:* Using This Wiki
:: [http://meta.wikimedia.org/wiki/Help:Contents Wiki User's Guide], [http://www.mediawiki.org/wiki/Manual:Configuration_settings Configuration settings list], [http://www.mediawiki.org/wiki/Manual:FAQ MediaWiki FAQ], [https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce MediaWiki Mailing List]

== Reference ==
This section contains the automagically generated man pages from the OpenSSL git repository, and similar "man" style reference documentation. The man pages are automatically imported from the OpenSSL git repository and local wiki modifications are submitted as patches.
:* OpenSSL Manual Pages
::* [[Manual:Openssl(1)]], [[Manual:Ssl(3)]], [[Manual:Crypto(3)]], [[Documentation Index]]
:: If you wish to edit any of the Manual page content please refer to the [[Guidelines for Manual Page Authors]] page.
:* [[API]], [[Libcrypto API]], [[Libssl API]]
:* [[FIPS mode()]], [[FIPS_mode_set()]]

== Usage and Programming ==
This section has discussions of practical issues in using OpenSSL
:* Building from Source
:: Where to find it, the different versions, how to build and install it.
:* [[OpenSSL Overview]]
:* [[Versioning]]
:* [[Compilation and Installation]]
:* [[EVP]]
:: Programming techniques and example code
:: Use of EVP is preferred for most applications and circumstances
::* [[EVP Asymmetric Encryption and Decryption of an Envelope]]
::* [[EVP Authenticated Encryption and Decryption]]
::* [[EVP Symmetric Encryption and Decryption]]
::* [[EVP Key and Parameter Generation]]
::* [[EVP Key Agreement]]
::* [[EVP Message Digests]]
::* [[EVP Key Derivation]]
::* [[EVP Signing and Verifying|EVP Signing and Verifying (including MAC codes)]]
:* Low Level APIs
:: More specialized non-EVP usage
::* [[Diffie-Hellman parameters]]

== Concepts and Theory ==
Discussions of basic cryptographic theory and concepts
Discussions of common operational issues
:* [[Base64]]
:* [[FIPS 140-2]]
:* [[Random Numbers]]
:* [[Diffie Hellman]]
:* [[Elliptic Curve Diffie Hellman]]
:* [[Elliptic Curve Cryptography]]

== Internals and Development ==
This section is for internal details of primary interest to OpenSSL maintainers and power users
:* [[Internals]]
:* [[Code Quality]]
:* [[Static and Dynamic Analysis]]

Compilation and Installation

2013-07-06T13:13:58Z

Frukto: cleaned up 'getting source code' additional links and explanation added.

== Get source code ==

The OpenSSL source code can be downloaded from [http://www.openssl.org/source/ www.openssl.org/source/] or any suitable [http://www.openssl.org/source/mirror.html ftp mirror]. There are various versions including stable as well as unstable versions.

The source code is manged via Git, the repository is

: git://git.openssl.org/openssl.git

The source is also available via a [https://github.com/openssl/openssl GitHub] mirror. This repository is updated every 15 minutes.

If you don't know what Git is or how to use it, see the introduction at the [http://git-scm.com/documentation Git documentation] page. Once you installed git you can use
<pre>
$ git clone git://git.openssl.org/openssl.git
</pre>

in an empty directory to download the latest (development) version. There are other branches available as well.

== Compilation ==

once you untarred source ( or got it from a source control ) best is to look at README provided in it.

cat README

where you will understand that you have to read another file INSTALL :

cat INSTALL

Depending on your platform you will have to pick up the right INSTALL by example INSTALL.W64.
Default is for Unix based systems.

==== Quick ====

<pre>./config <nowiki><options ...></nowiki>
make depend
make
make test
make install</pre>

Various options can be found examining the <tt>Configure</tt> file (there is a well commented block at its top). OpenSSL ships with SSLv2, SSLv3 and Compression enabled by default (see <tt>my $disabled</tt>), so you might want to use <tt>-no-ssl2</tt>, <tt>-no-ssl3</tt>, and <tt>-no-comp</tt>.

== Platfom specific ==

=== Linux ===

==== Intel ====

==== ARM ====

=== Windows ===

==== W32 / Windows NT - Windows 9x ====

type INSTALL.W32

* you need Perl for Win32. Unless you will build on Cygwin, you will need ActiveState Perl, available from http://www.activestate.com/ActivePerl.
* one of the following C compilers:
** Visual C++
** Borland C
** GNU C (Cygwin or MinGW)
* Netwide Assembler, a.k.a. NASM, available from http://nasm.sourceforge.net/ is required if you intend to utilize assembler modules. Note that NASM is now the only supported assembler.

==== W64 ====

type INSTALL.W64

basically some specific 64bits information, default Windows build information is still in INSTALL.W32

==== Windows CE ====

=== Mac ===

=== More ===

==== VAX/VMS ====

I you wonder what are files ending with .com like test/testca.com those are VAX/VMX scripts.
This code is still maintained.

==== OS/2 ====

==== NetWare ====

5.x 6.x

[[Category:Shell level]]
[[Category:Installation]]
[[Category:Compilation]]

Talk:Enc

2013-07-06T12:07:24Z

Frukto: /* Zlib compression */

==Rarely Used -K option==

"This is rarely used, normally you specify a password from which a key is derived."

Is this true? Does it not depend fairly heavily on your use case? Just not sure what the basis for this statement is.

--[[User:Matt|Matt]] 21:39, 27 June 2013 (UTC)

Probably you are right. Its a biased statement. I'll change it.

--[[User:Frukto|Frukto]] 07:27, 28 June 2013 (UTC)

==Zlib compression==

"Use this flag to enable zlib-compression. After a file is encrypted (and maybe base64 encoded) it will be compressed via zlib. Vice versa while decrypting, zlib will be applied first."

I think this happens the other way around. Doesn't compression occur '''before''' encryption, or '''after''' decryption? It doesn't make sense to do it the other way around - after encryption the data will appear indistinguishable from random data, and therefore should not have any appreciable ability to be compressed.

--[[User:Matt|Matt]] 12:17, 5 July 2013 (UTC)

Yes, i had the same question. But i tried it and it works actually like this: encryption -> base64 -> zlib

encrypt + unzip:

$ openssl enc -des -in message.plain -a -out message.enc -nosalt -z

$ printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" |cat - message.enc | gzip -dc

gives the same as:

$ openssl enc -des -in message.plain -a -out message.enc -nosalt

--[[User:Frukto|Frukto]] 14:05, 5 July 2013 (UTC)

Interesting. I checked the source code and you appear to be right. The manual page however says this about -z:
"Compress or decompress clear text using zlib before encryption or after decryption. This option exists only if OpenSSL with compiled with zlib or zlib-dynamic option. "

--[[User:Matt|Matt]] 11:41, 6 July 2013 (UTC)

Maybe, I should file a bug? I mean as you pointed out, the point of encryption is, in some sense, to maximize entropy. It does not make sense to compress afterwards. I don't know what was intended, but as you cite (actually i didn't check) the man page, it is a bug? But obviously nobody is using it, it would have been noticed immediately.

--[[User:Frukto|Frukto]] 12:07, 6 July 2013 (UTC)

==Block size vs Key size==

I changed references to block size to key size as I think that is what you meant. AES-256 has a 256-bit key. The block size is always 128 bits for AES.

--[[User:Matt|Matt]] 11:41, 6 July 2013 (UTC)

Yes sure, thx.

--[[User:Frukto|Frukto]] 11:57, 6 July 2013 (UTC)

Talk:Enc

2013-07-06T12:06:58Z

Frukto: /* Zlib compression */

==Rarely Used -K option==

"This is rarely used, normally you specify a password from which a key is derived."

Is this true? Does it not depend fairly heavily on your use case? Just not sure what the basis for this statement is.

--[[User:Matt|Matt]] 21:39, 27 June 2013 (UTC)

Probably you are right. Its a biased statement. I'll change it.

--[[User:Frukto|Frukto]] 07:27, 28 June 2013 (UTC)

==Zlib compression==

"Use this flag to enable zlib-compression. After a file is encrypted (and maybe base64 encoded) it will be compressed via zlib. Vice versa while decrypting, zlib will be applied first."

I think this happens the other way around. Doesn't compression occur '''before''' encryption, or '''after''' decryption? It doesn't make sense to do it the other way around - after encryption the data will appear indistinguishable from random data, and therefore should not have any appreciable ability to be compressed.

--[[User:Matt|Matt]] 12:17, 5 July 2013 (UTC)

Yes, i had the same question. But i tried it and it works actually like this: encryption -> base64 -> zlib

encrypt + unzip:

$ openssl enc -des -in message.plain -a -out message.enc -nosalt -z

$ printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" |cat - message.enc | gzip -dc

gives the same as:

$ openssl enc -des -in message.plain -a -out message.enc -nosalt

--[[User:Frukto|Frukto]] 14:05, 5 July 2013 (UTC)

Interesting. I checked the source code and you appear to be right. The manual page however says this about -z:
"Compress or decompress clear text using zlib before encryption or after decryption. This option exists only if OpenSSL with compiled with zlib or zlib-dynamic option. "

--[[User:Matt|Matt]] 11:41, 6 July 2013 (UTC)

Maybe, I should file a bug? I mean as you pointed out, the point of encryption is, in some sense, to maximize entropy. It does not make sense to compress afterwards. I don't know what was intended, but as you cite (actually i didn't check) the man page, it is a bug? But obviously nobody is using it, it would have been noticed immediately.

==Block size vs Key size==

I changed references to block size to key size as I think that is what you meant. AES-256 has a 256-bit key. The block size is always 128 bits for AES.

--[[User:Matt|Matt]] 11:41, 6 July 2013 (UTC)

Yes sure, thx.

--[[User:Frukto|Frukto]] 11:57, 6 July 2013 (UTC)

Talk:Enc

2013-07-06T11:57:03Z

Frukto: /* Block size vs Key size */

==Rarely Used -K option==

"This is rarely used, normally you specify a password from which a key is derived."

Is this true? Does it not depend fairly heavily on your use case? Just not sure what the basis for this statement is.

--[[User:Matt|Matt]] 21:39, 27 June 2013 (UTC)

Probably you are right. Its a biased statement. I'll change it.

--[[User:Frukto|Frukto]] 07:27, 28 June 2013 (UTC)

==Zlib compression==

"Use this flag to enable zlib-compression. After a file is encrypted (and maybe base64 encoded) it will be compressed via zlib. Vice versa while decrypting, zlib will be applied first."

I think this happens the other way around. Doesn't compression occur '''before''' encryption, or '''after''' decryption? It doesn't make sense to do it the other way around - after encryption the data will appear indistinguishable from random data, and therefore should not have any appreciable ability to be compressed.

--[[User:Matt|Matt]] 12:17, 5 July 2013 (UTC)

Yes, i had the same question. But i tried it and it works actually like this: encryption -> base64 -> zlib

encrypt + unzip:

$ openssl enc -des -in message.plain -a -out message.enc -nosalt -z

$ printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" |cat - message.enc | gzip -dc

gives the same as:

$ openssl enc -des -in message.plain -a -out message.enc -nosalt

--[[User:Frukto|Frukto]] 14:05, 5 July 2013 (UTC)

Interesting. I checked the source code and you appear to be right. The manual page however says this about -z:
"Compress or decompress clear text using zlib before encryption or after decryption. This option exists only if OpenSSL with compiled with zlib or zlib-dynamic option. "

--[[User:Matt|Matt]] 11:41, 6 July 2013 (UTC)

==Block size vs Key size==

I changed references to block size to key size as I think that is what you meant. AES-256 has a 256-bit key. The block size is always 128 bits for AES.

--[[User:Matt|Matt]] 11:41, 6 July 2013 (UTC)

Yes sure, thx.

--[[User:Frukto|Frukto]] 11:57, 6 July 2013 (UTC)

Enc

2013-07-06T11:22:49Z

Frukto: Completed (and reordered) the option list, added an 'enc -K' example.

This page describes the command line tools for encryption and decryption. [[enc|Enc]] is used for various block and stream ciphers using keys based on passwords or explicitly provided. It can also be used for Base64 encoding or decoding.

===Synopsis===

The basic usage is to specify a ciphername and various options describing the actual task.

<pre>
$ openssl enc -ciphername [options]
</pre>

You can obtain an incomplete help message by using an invalid option, eg. '''-help'''.

===Cipher alogorithms===

To get a list of available ciphers you can use the '''list-cipher-algorithms''' command
<pre>
$ openssl list-cipher-algorithms
</pre>

The output gives you a list of ciphers with its variations in [[block size]] and [[mode of operation]]. For example '''AES-256-CBC''' for [[AES]] with blocksize 256 in [[CBC|CBC-mode]]. Some ciphers also have short names, for example the one just mentioned is also known as '''aes256'''. These names are case insensitive. In addition '''none''' is a valid ciphername. This algorithms does nothing at all.
===Options===
The list of options is rather long.

;-in ''filename''
:This specifies the input file.

;-out ''filename''
:This specifies the output file. It will be created or overwritten if it already exists.

;-e or -d
: This specifies whether to encrypt ('''-e''') or to decrypt ('''-d'''). Encryption is the default. Of course you have to get all the other options right in order for it to function properly. In particular it is necessary to give the correct cipher-name as well as '''-a''', '''-A''' or '''-z''' options.

;-a, -A, -base64
: These flags tell OpenSSL to apply [[Base64]]-encoding before or after the cryptographic operation. The '''-a''' and '''-base64''' are equivalent. If you want to decode a base64 file it is necessary to use the '''-d''' option. By default the encoded file has a line break every 64 characters. To suppress this you can use ''in addition'' to '''-base64''' the '''-A''' flag. This will produce a file with no line breaks at all. You can use these flags just for [[#Base64 Encoding|encoding Base64]] without any ciphers involved.

;-bufsize ''n''
: Specify the buffer size. This concerns only internal buffers. It has nothing to do with the cryptographic algorithms in question.

;-debug
: Enable debugging output. This does not include any sensitive information. See also '''-P'''.

;-engine ''id''
: Specify an [[engine]] for example to use special hardware.

;-iv ''IV''
: This specifies the [[initialization vector]] ''IV'' as hexadecimal number. If not explicitly given it will be derived from the password. See key derivation for details.

;-k ''password'', -kfile ''filename''
: Both option are used to specify a password or a file containing the password which is used for key derivation. However '''they are deprecated'''. You should use the ''-pass'' option instead. The equivalents are '''-pass pass:'''''password'' and '''-pass: pass:'''''filename'' respectively.

;-K ''key''
: This option allows you to set the ''key'' used for encryption or decryption. This is the key directly used by the cipher algorithm. If no key is given OpenSSL will derive it from a password. This process is described in PKCS5#5 (RFC-2898).

;-md ''messagedigest''
: This specifies the message digest which is used for key derivation. It can take one of the values '''md2''', '''md5''', '''sha''' or '''sha1'''.

;-nopad
: This disables standard padding.

;-salt, -nosalt, -S ''salt''
: These options allow to switch [[Salt|salting]] on or off. With '''-S''' ''salt'' it is possible to explicitly give its value (in hexadecimal).

;-p, -P
: Additionally to any encryption tasks, this prints the key, initialization vector and salt value (if used). If '''-P''' is used just these values are printed, no encryption will take place.

;-pass ''arg''
: This specifies the password source. Possible values for ''arg'' are '''pass:'''''password''''' or '''pass:'''''filename''''', where ''password'' is your password and ''filename'' file containing the password.

;-z
: Use this flag to enable [http://www.zlib.net/ zlib-compression]. After a file is encrypted (and maybe base64 encoded) it will be compressed via zlib. Vice versa while decrypting, zlib will be applied first.

===Examples===
====Base64 Encoding====
To encode a file ''text.plain'' you can use
<pre>
$ openssl enc -base64 -in text.plain -out text.base64
</pre>

To decode a file the the decrypt option ('''-d''') has to be used

<pre>
$ openssl enc -d -base64 -in text.base64 -out text.plain
</pre>

====Encryption====

=====Basic Usage=====
The most basic way to encrypt a file is this
<pre>
$ openssl enc -aes256 -base64 -in some.secret -out some.secret.enc
enter aes-256-cbc encryption password :
Verifying - enter aes-256-cbc encryption password :
</pre>

It will encrypt the file ''some.secret'' using the [[AES|AES-cipher]] in [[CBC|CBC-mode]]. The result will be Base64 encoded and written to ''some.secret.enc''. OpenSSL will ask for password which is used to derive a key as well the initialization vector.
Since encryption is the default, it is not necessary to use the '''-e''' option.

=====Use a given Key=====

It also possible to specify the key directly. For most [[modes of operations]] (i.e. all non-ECB modes) it is then necessary to specify an initialization vector. Usually it is derived together with the key form a password. And as there is no password, also all salting options are obsolete.

The key and the IV are given in hex. Their length depending on the cipher and block size in question.

<pre>
$ openssl enc -des-ecb -K e0e0e0e0f1f1f1f1 -in mesg.plain -out mesg.enc
</pre>

The key above is one of 16 [http://en.wikipedia.org/wiki/Weak_key weak DES keys]. It should not be used in practice.

[[Category:Shell level]]

Talk:Enc

2013-07-05T14:05:13Z

Frukto: /* Zlib compression */

Enc

2013-07-05T11:29:56Z

Frukto: added some more options, still some are missing

This page describes the command line tools for encryption and decryption. [[enc|Enc]] is used for various block and stream ciphers using keys based on passwords or explicitly provided. It can also be used for Base64 encoding or decoding.

===Synopsis===

The basic usage is to specify a ciphername and various options describing the actual task.

<pre>
$ openssl enc -ciphername [options]
</pre>

You can obtain an incomplete help message by using an invalid option, eg. '''-help'''.

===Cipher alogorithms===

To get a list of available ciphers you can use the '''list-cipher-algorithms''' command
<pre>
$ openssl list-cipher-algorithms
</pre>

The output gives you a list of ciphers with its variations in block size an mode of operation. For example '''AES-256-CBC''' for [[AES]] with blocksize 256 in [[CBC|CBC-mode]]. Some ciphers also have short names, for example the one just mentioned is also known as '''aes256'''. These names are case insensitive. In addition '''none''' is a valid ciphername. This algorithms does nothing at all.
===Options===
The list of options is rather long.

;-in ''filename''
:This specifies the input file.

;-out ''filename''
:This specifies the output file. It will be created or overwritten if it already exists.

;-e or -d
: This specifies whether to encrypt ('''-e''') or to decrypt ('''-d'''). Encryption is the default. Of course you have to get all the other options right in order for it to function properly. In particular it is necessary to give the correct cipher-name as well as '''-a''', '''-A''' or '''-z''' options.

;-base64, -a, -A
: These flags tell OpenSSL to apply [[Base64]]-encoding before or after the cryptographic operation. The '''-a''' and '''-base64''' are equivalent. If you want to decode a base64 file it is necessary to use the '''-d''' option. By default the encoded file has a line break every 64 characters. To suppress this you can use ''in addition'' to '''-base64''' the '''-A''' flag. This will produce a file with no line breaks at all. You can use these flags just for [[#Base64 Encoding|encoding Base64]] without any ciphers involved.

;-pass ''arg''
: This specifies the password source. Possible values for ''arg'' are '''pass:'''''password''''' or '''pass:'''''filename''''', where ''password'' is your password and ''filename'' file containing the password.

;-k ''password'', -kfile ''filename''
: Both option are used to specify a password or a file containing the password which is used for key derivation. However '''they are deprecated'''. You should use the ''-pass'' option instead. The equivalents are '''-pass pass:'''''password'' and '''-pass: pass:'''''filename'' respectively.

;-K ''key''
: This option allows you to set the ''key'' used for encryption or decryption. This is the key directly used by the cipher algorithm. If no key is given OpenSSL will derive it from a password. This process is described in PKCS5#5 (RFC-2898).

;-md ''messagedigest''
: This specifies the message digest which is used for key derivation. It can take one of the values '''md2''', '''md5''', '''sha''' or '''sha1'''.

;-iv ''IV''
: This specifies the initialization vector ''IV'' as hexadecimal number. If not explicitly given it will be derived from the password. See key derivation for details.

;-salt, -nosalt, -S ''salt''
: These options allow to switch [[Salt|salting]] on or off. With '''-S''' ''salt'' it is possible to explicitly give its value (in hexadecimal).

;-p, -P
: Additionally to any encryption tasks, this prints the key, initialization vector and salt value (if used). If '''-P''' is used just these values are printed, no encryption will take place.

;-nopad
: This disables standard padding.

;-z
: Use this flag to enable [http://www.zlib.net/ zlib-compression]. After a file is encrypted (and maybe base64 encoded) it will be compressed via zlib. Vice versa while decrypting, zlib will be applied first.

===Examples===
====Base64 Encoding====
To encode a file ''text.plain'' you can use
<pre>
$ openssl enc -base64 -in text.plain -out text.base64
</pre>

To decode a file the the decrypt option ('''-d''') has to be used

<pre>
$ openssl enc -d -base64 -in text.base64 -out text.plain
</pre>

====Encryption====

The most basic way to encrypt a file is this
<pre>
$ openssl enc -des -base64 -in some.secret -out some.secret.enc
enter des-cbc encryption password :
Verifying - enter des-cbc encryption password :
</pre>

It will encrypt the file ''some.secret'' using the [[DES|DES-cipher]] in [[CBC|CBC-mode]]. The result will be base64 encoded and written to ''some.secret.enc''. OpenSSL will ask for password which is used to derive a key as well the [[initialization vector]].
Since encryption is the default, it is not necessary to use the '''-e''' option.

Enc

2013-06-28T07:47:37Z

Frukto:

Talk:Enc

2013-06-28T07:27:13Z

Frukto: /* Rarely Used -K option */

Enc

2013-06-27T18:13:23Z

Frukto:

Standard commands

2013-06-27T10:33:41Z

Frukto: page creation, a list of all standard commands

The OpenSSL [[standard commands]] can be listed via
<pre>
$ openssl list-standard-commands
</pre>

Besides there are also [[cipher commands]] and [[message-digest commands]]. You can use these like

<pre>
$ openssl command [options]
</pre>

The Options heavily depend on the command. Please consult the dedicated pages.

===List of standard commands===

*asn1parse
*ca
*ciphers
*cms
*crl
*crl2pkcs7
*dgst
*dh
*dhparam
*dsa
*dsaparam
*ec
*ecparam
*[[enc]] - encryption and decryption tasks with symmetric ciphers.
*engine
*errstr
*gendh
*gendsa
*genpkey
*genrsa
*nseq
*ocsp
*passwd
*pkcs12
*pkcs7
*pkcs8
*pkey
*pkeyparam
*pkeyutl
*prime
*rand
*req
*rsa
*rsautl
*s_client
*s_server
*s_time
*sess_id
*smime
*speed
*spkac
*srp
*ts
*verify
*version
*x509

User:Frukto

2013-06-27T08:25:38Z

Frukto:

I am math student in Berlin, Germany. I'm interested in cryptography, its theory as well its real world applications. OpenSSL is a great tool but its documentation is a huge mess (yet). I donate some (rare) spare time to this wiki and hope some day OpenSSL is an excellent piece of well documented software.

===Current Work===

At the moment i try to get the command line documentation right. I think this is one of the starting points to the world of OpenSSL. So its a good idea to do this properly not to scare off any interested newcomers.

User:Frukto

2013-06-27T08:19:28Z

Frukto: Created page with "I am math student in Berlin, Germany. I'm interested in cryptography, its theory as well its real world applications. OpenSSL is a great tool but its documentation is a huge mess…"

Enc

2013-06-27T08:10:51Z

Frukto: added some more options and first examples, still a lot to do

Enc

2013-06-26T17:18:17Z

Frukto: Page creation, its just the beginning. I started by listing some options. more will follow soon

Command Line Utilities

2013-06-26T16:57:31Z

Frukto: inserted link to the 'enc' page

[http://www.openssl.org/docs/apps/openssl.html OpenSSL site command line tools]

=== Getting started with your openssl toolkit ===

When installed on your system openssl binary (usually /usr/bin/openssl on linux) is an entry point for many functions. You call it following the pattern
<pre>
$ openssl command [ command_opts ] [ command_args ]
</pre>

Alternatively you can call it without arguments to enter the interactive mode with an 'OpenSSL>' prompt. Then you can directly type your commands. You can leave the interactive mode with Ctrl+C or Ctrl+D or by typing 'quit':
<pre>
OpenSSL> quit
</pre>

There are three different kinds of commands. These are [[standard commands]], [[cipher commands]], and [[message-digest commands]]. In the following an overview over some commands is given. These are grouped by purpose and not necessarily by the classification just mentioned.

=== Learn about your installation ===

==== List commands by type ====

You can get a list of available commands by calling

<pre>
$ openssl list-standard-commands
$ openssl list-cipher-commands
$ openssl list-message-digest-commands
</pre>

==== version ====

OpenSSL> version
OpenSSL 1.0.1e 11 Feb 2013

==== ciphers ====

returns SSL/TLS ciphers supported.

<pre>
OpenSSL> ciphers
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5
</pre>

openssl list-cipher-algorithms

openssl list-public-key-algorithms
<pre>
Name: OpenSSL RSA method
Type: Builtin Algorithm
OID: rsaEncryption
PEM string: RSA
Name: rsa
Type: Alias to rsaEncryption
Name: OpenSSL PKCS#3 DH method
Type: Builtin Algorithm
OID: dhKeyAgreement
PEM string: DH
Name: dsaWithSHA
Type: Alias to dsaEncryption
Name: dsaEncryption-old
Type: Alias to dsaEncryption
Name: dsaWithSHA1-old
Type: Alias to dsaEncryption
Name: dsaWithSHA1
Type: Alias to dsaEncryption
Name: OpenSSL DSA method
Type: Builtin Algorithm
OID: dsaEncryption
PEM string: DSA
Name: OpenSSL EC algorithm
Type: Builtin Algorithm
OID: id-ecPublicKey
PEM string: EC
Name: OpenSSL HMAC method
Type: Builtin Algorithm
OID: hmac
PEM string: HMAC
Name: OpenSSL CMAC method
Type: Builtin Algorithm
OID: cmac
PEM string: CMAC
</pre>

==== engine ====

OpenSSL> engine
(rsax) RSAX engine support
(dynamic) Dynamic engine loading support

==== speed ====

returns informations of toolkit performance on cryptographic functions computations.

( Ex: on Linux 3.1.0-1-amd64 #1 SMP x86_64 GNU/Linux, HP dv7 i7 4Gb )

<pre>
Doing md4 for 3s on 16 size blocks: 12430613 md4's in 3.00s
...
Doing md5 for 3s on 16 size blocks: 8943943 md5's in 2.99s
Doing md5 for 3s on 64 size blocks: 6560162 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 3674563 md5's in 3.00s
Doing md5 for 3s on 1024 size blocks: 1325803 md5's in 3.00s
Doing md5 for 3s on 8192 size blocks: 190271 md5's in 3.00s
Doing hmac(md5) for 3s on 16 size blocks: 7289025 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 64 size blocks: 5519732 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 256 size blocks: 3319123 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 1024 size blocks: 1275475 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 8192 size blocks: 187134 hmac(md5)'s in 3.00s
Doing sha1 for 3s on 16 size blocks: 10089842 sha1's in 2.99s
Doing sha1 for 3s on 64 size blocks: 7033355 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 3919372 sha1's in 3.00s
Doing sha1 for 3s on 1024 size blocks: 1374314 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 198808 sha1's in 3.00s
Doing sha256 for 3s on 16 size blocks: 6462822 sha256's in 3.00s
Doing sha256 for 3s on 64 size blocks: 3504641 sha256's in 3.00s
Doing sha256 for 3s on 256 size blocks: 1486771 sha256's in 3.00s
Doing sha256 for 3s on 1024 size blocks: 440613 sha256's in 3.00s
Doing sha256 for 3s on 8192 size blocks: 58418 sha256's in 3.00s
Doing sha512 for 3s on 16 size blocks: 5040453 sha512's in 2.99s
Doing sha512 for 3s on 64 size blocks: 5089425 sha512's in 3.00s
Doing sha512 for 3s on 256 size blocks: 1865240 sha512's in 3.00s
Doing sha512 for 3s on 1024 size blocks: 643708 sha512's in 3.00s
Doing sha512 for 3s on 8192 size blocks: 90615 sha512's in 3.00s
...
Doing whirlpool for 3s on 8192 size blocks: 33204 whirlpool's in 3.00s
...
Doing rmd160 for 3s on 8192 size blocks: 66719 rmd160's in 3.00s
...
Doing rc4 for 3s on 8192 size blocks: 238972 rc4's in 3.00s
...
Doing des cbc for 3s on 8192 size blocks: 19837 des cbc's in 3.00s
...
Doing des ede3 for 3s on 8192 size blocks: 7706 des ede3's in 3.00s
...
Doing aes-128 cbc for 3s on 8192 size blocks: 35217 aes-128 cbc's in 3.00s
...
Doing aes-192 cbc for 3s on 8192 size blocks: 29225 aes-192 cbc's in 3.01s
...
Doing aes-256 cbc for 3s on 8192 size blocks: 24414 aes-256 cbc's in 3.00s
...
Doing aes-256 ige for 3s on 8192 size blocks: 23331 aes-256 ige's in 2.99s
...
</pre>

=== Basic encryption ===

The command for encryption operations is [[enc|openssl enc]]

==== Basic file ====

to cipher a file or data to protect and share it protected by a shared key.

symetric cipher :
[[AES]] [[Blowfish]] [[RC4]] [[3DES]] [[RC2]] [[DES]] [[CAST5]] [[SEED]]

block to stream conversion :
[[ECB]] [[CBC]] [[OFB]] [[CFB]] [[CTR]] [[XTS]] [[GCM]]

compression :
[[ZLIB]]

<pre>
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb base64 bf
bf-cbc bf-cfb bf-ecb bf-ofb
camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb
camellia-256-cbc camellia-256-ecb cast cast-cbc
cast5-cbc cast5-cfb cast5-ecb cast5-ofb
des des-cbc des-cfb des-ecb
des-ede des-ede-cbc des-ede-cfb des-ede-ofb
des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx rc2
rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb
rc2-ecb rc2-ofb rc4 rc4-40
seed seed-cbc seed-cfb seed-ecb
seed-ofb zlib
</pre>

<pre>
openssl enc --help
unknown option '--help'
options are
-in <file> input file
-out <file> output file
-pass <arg> pass phrase source
-e encrypt
-d decrypt
-a/-base64 base64 encode/decode, depending on encryption flag
-k passphrase is the next argument
-kfile passphrase is the first line of the file argument
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
-S salt in hex is the next argument
-K/-iv key/iv in hex is the next argument
-[pP] print the iv/key (then exit if -P)
-bufsize <n> buffer size
-nopad disable standard block padding
-engine e use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc -aes-128-cfb -aes-128-cfb1
-aes-128-cfb8 -aes-128-ctr -aes-128-ecb
-aes-128-gcm -aes-128-ofb -aes-128-xts
-aes-192-cbc -aes-192-cfb -aes-192-cfb1
-aes-192-cfb8 -aes-192-ctr -aes-192-ecb
-aes-192-gcm -aes-192-ofb -aes-256-cbc
-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-gcm
-aes-256-ofb -aes-256-xts -aes128
-aes192 -aes256 -bf
-bf-cbc -bf-cfb -bf-ecb
-bf-ofb -blowfish -camellia-128-cbc
-camellia-128-cfb -camellia-128-cfb1 -camellia-128-cfb8
-camellia-128-ecb -camellia-128-ofb -camellia-192-cbc
-camellia-192-cfb -camellia-192-cfb1 -camellia-192-cfb8
-camellia-192-ecb -camellia-192-ofb -camellia-256-cbc
-camellia-256-cfb -camellia-256-cfb1 -camellia-256-cfb8
-camellia-256-ecb -camellia-256-ofb -camellia128
-camellia192 -camellia256 -cast
-cast-cbc -cast5-cbc -cast5-cfb
-cast5-ecb -cast5-ofb -des
-des-cbc -des-cfb -des-cfb1
-des-cfb8 -des-ecb -des-ede
-des-ede-cbc -des-ede-cfb -des-ede-ofb
-des-ede3 -des-ede3-cbc -des-ede3-cfb
-des-ede3-cfb1 -des-ede3-cfb8 -des-ede3-ofb
-des-ofb -des3 -desx
-desx-cbc -id-aes128-GCM -id-aes192-GCM
-id-aes256-GCM -rc2 -rc2-40-cbc
-rc2-64-cbc -rc2-cbc -rc2-cfb
-rc2-ecb -rc2-ofb -rc4
-rc4-40 -rc4-hmac-md5 -seed
-seed-cbc -seed-cfb -seed-ecb
-seed-ofb
</pre>

==== Mail / SMIME ====

===== smime v2 pkcs7 1.5 =====

<pre>
openssl smime --help
Usage smime [options] cert.pem ...
where options are
-encrypt encrypt message
-decrypt decrypt encrypted message
-sign sign message
-verify verify signed message
-pk7out output PKCS#7 structure
-des3 encrypt with triple DES
-des encrypt with DES
-seed encrypt with SEED
-rc2-40 encrypt with RC2-40 (default)
-rc2-64 encrypt with RC2-64
-rc2-128 encrypt with RC2-128
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nointern don't search certificates in message for signer
-nosigs don't verify message signature
-noverify don't verify signers certificate
-nocerts don't include signers certificate when signing
-nodetach use opaque signing
-noattr don't include any signed attributes
-binary don't translate message to text
-certfile file other certificates file
-signer file signer certificate file
-recip file recipient certificate file for decryption
-in file input file
-inform arg input format SMIME (default), PEM or DER
-inkey file input private key (if not signer or recipient)
-keyform arg input private key format (PEM or ENGINE)
-out file output file
-outform arg output format SMIME (default), PEM or DER
-content file supply or override content for detached signature
-to addr to address
-from ad from address
-subject s subject
-text include or delete text MIME headers
-CApath dir trusted certificates directory
-CAfile file trusted certificates file
-crl_check check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e use engine e, possibly a hardware device.
-passin arg input file pass phrase source
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
cert.pem recipient certificate(s) for encryption
</pre>

===== smime v3 cms =====

<pre>
openssl cms --help
Usage cms [options] cert.pem ...
where options are
-encrypt encrypt message
-decrypt decrypt encrypted message
-sign sign message
-verify verify signed message
-cmsout output CMS structure
-des3 encrypt with triple DES
-des encrypt with DES
-seed encrypt with SEED
-rc2-40 encrypt with RC2-40 (default)
-rc2-64 encrypt with RC2-64
-rc2-128 encrypt with RC2-128
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nointern don't search certificates in message for signer
-nosigs don't verify message signature
-noverify don't verify signers certificate
-nocerts don't include signers certificate when signing
-nodetach use opaque signing
-noattr don't include any signed attributes
-binary don't translate message to text
-certfile file other certificates file
-certsout file certificate output file
-signer file signer certificate file
-recip file recipient certificate file for decryption
-keyid use subject key identifier
-in file input file
-inform arg input format SMIME (default), PEM or DER
-inkey file input private key (if not signer or recipient)
-keyform arg input private key format (PEM or ENGINE)
-out file output file
-outform arg output format SMIME (default), PEM or DER
-content file supply or override content for detached signature
-to addr to address
-from ad from address
-subject s subject
-text include or delete text MIME headers
-CApath dir trusted certificates directory
-CAfile file trusted certificates file
-crl_check check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e use engine e, possibly a hardware device.
-passin arg input file pass phrase source
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
cert.pem recipient certificate(s) for encryption
</pre>

=== Create / Handle Public Key Certificates ===

This requires you have a knowledge of what PKI is ( Certificate Authorities, Certificate Request, Certificate, Public Key, Private Key )

Classical use case is to obtain a valid Certificate for a Secured Web site ( https protocol ).
First you create a Private Key ( will be created together with Public key ).
Then create a Certificate Request for that private key with some informations for purpose of future Certificate.
Then send that Certificate Request to a Certificate Authority ( CA ) that will issue a Certificate that CA signed. For well known CA you need to pay.
Up to you to install your Private key together with the received Certificate on your system.

It exists graphical front-end to operate openssl wihtin a GUI : [http://xca.sourceforge.net/ XCA]

==== Key Generation ====

===== rsa / genrsa =====

RSA is the most common type of Public/Private Key.
Private Key part should never be disclosed while public key part is ... public.

<pre>
openssl genrsa --help
usage: genrsa [args] [numbits]
-des encrypt the generated key with DES in cbc mode
-des3 encrypt the generated key with DES in ede cbc mode (168 bit key)
-seed
encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-out file output the key to 'file
-passout arg output file pass phrase source
-f4 use F4 (0x10001) for the E value
-3 use 3 for the E value
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
</pre>

<pre>
rsa help
unknown option help
rsa [options] <infile >outfile
where options are
-inform arg input format - one of DER NET PEM
-outform arg output format - one of DER NET PEM
-in arg input file
-sgckey Use IIS SGC key format
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-des encrypt PEM output with cbc des
-des3 encrypt PEM output with ede cbc des using 168 bit key
-seed encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-text print the key in text
-noout don't print key out
-modulus print the RSA key modulus
-check verify key consistency
-pubin expect a public key in input file
-pubout output a public key
-engine e use engine e, possibly a hardware device.
error in rsa
</pre>

===== dsa / gendsa=====

dsa is a less common Public/Private key scheme, but can be seen anyway, so ...

<pre>
openssl gendsa
usage: gendsa [args] dsaparam-file
-out file - output the key to 'file'
-des - encrypt the generated key with DES in cbc mode
-des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)
-seed
encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-engine e - use engine e, possibly a hardware device.
-rand file:file:...
- load the file (or the files in the directory) into
the random number generator
dsaparam-file
- a DSA parameter file as generated by the dsaparam command

</pre>

<pre>
OpenSSL> dsa help
unknown option help
dsa [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-engine e use engine e, possibly a hardware device.
-des encrypt PEM output with cbc des
-des3 encrypt PEM output with ede cbc des using 168 bit key
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-seed encrypt PEM output with cbc seed
-text print the key in text
-noout don't print key out
-modulus print the DSA public value
error in dsa
</pre>

===== Elliptic Curves / ec ecparam =====

[[Elliptic_Curve_Cryptography]]

<pre>
openssl ecparam --help
unknown option --help
ecparam [options] <infile >outfile
where options are
-inform arg input format - default PEM (DER or PEM)
-outform arg output format - default PEM
-in arg input file - default stdin
-out arg output file - default stdout
-noout do not print the ec parameter
-text print the ec parameters in text form
-check validate the ec parameters
-C print a 'C' function creating the parameters
-name arg use the ec parameters with 'short name' name
-list_curves prints a list of all currently available curve 'short names'
-conv_form arg specifies the point conversion form
possible values: compressed
uncompressed (default)
hybrid
-param_enc arg specifies the way the ec parameters are encoded
in the asn1 der encoding
possible values: named_curve (default)
explicit
-no_seed if 'explicit' parameters are chosen do not use the seed
-genkey generate ec key
-rand file files to use for random number input
-engine e use engine e, possibly a hardware device
</pre>

<pre>
ec [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-engine e use engine e, possibly a hardware device.
-des encrypt PEM output, instead of 'des' every other
cipher supported by OpenSSL can be used
-text print the key
-noout don't print key out
-param_out print the elliptic curve parameters
-conv_form arg specifies the point conversion form
possible values: compressed
uncompressed (default)
hybrid
-param_enc arg specifies the way the ec parameters are encoded
in the asn1 der encoding
possible values: named_curve (default)
explicit
</pre>

==== Certificate Authority / ca ====

When you want to act as a Certificate Authority.

OpenSSL> ca
Using configuration from /usr/lib/ssl/openssl.cnf
Error opening CA private key ./demoCA/private/cakey.pem
140492277311144:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('./demoCA/private/cakey.pem','r')
140492277311144:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load CA private key
error in ca

By default you don't have ca created...

==== Certificate Request / pkcs10 / req ====

OpenSSL> req ?
unknown option ?
req [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-out arg output file
-text text form of request
-pubkey output public key
-noout do not output REQ
-verify verify signature on REQ
-modulus RSA modulus
-nodes don't encrypt the output key
-engine e use engine e, possibly a hardware device
-subject output the request's subject
-passin private key password source
-key file use the private key contained in file
-keyform arg key file format
-keyout arg file to send the key to
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-newkey rsa:bits generate a new RSA key of 'bits' in size
-newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'
-newkey ec:file generate a new EC key, parameters taken from CA in 'file'
-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)
-config file request template file.
-subj arg set or modify request subject
-multivalue-rdn enable support for multivalued RDNs
-new new request.
-batch do not ask anything during request generation
-x509 output a x509 structure instead of a cert. req.
-days number of days a certificate generated by -x509 is valid for.
-set_serial serial number to use for a certificate generated by -x509.
-newhdr output "NEW" in the header lines
-asn1-kludge Output the 'request' in a format that is wrong but some CA's
have been reported as requiring
-extensions .. specify certificate extension section (override value in config file)
-reqexts .. specify request extension section (override value in config file)
-utf8 input characters are UTF8 (default ASCII)
-nameopt arg - various certificate name options
-reqopt arg - various request text options

error in req

==== Certificates AKA x509 ====

x509 command allows you to display content of a x509 certificate and to convert it from/to [[PEM]], [[NET]] or [[DER]] formats.

OpenSSL> x509 help
unknown option help
usage: x509 args
-inform arg - input format - default PEM (one of DER, NET or PEM)
-outform arg - output format - default PEM (one of DER, NET or PEM)
-keyform arg - private key format - default PEM
-CAform arg - CA format - default PEM
-CAkeyform arg - CA key format - default PEM
-in arg - input file - default stdin
-out arg - output file - default stdout
-passin arg - private key password source
-serial - print serial number value
-subject_hash - print subject hash value
-subject_hash_old - print old-style (MD5) subject hash value
-issuer_hash - print issuer hash value
-issuer_hash_old - print old-style (MD5) issuer hash value
-hash - synonym for -subject_hash
-subject - print subject DN
-issuer - print issuer DN
-email - print email address(es)
-startdate - notBefore field
-enddate - notAfter field
-purpose - print out certificate purposes
-dates - both Before and After dates
-modulus - print the RSA key modulus
-pubkey - output the public key
-fingerprint - print the certificate fingerprint
-alias - output certificate alias
-noout - no certificate output
-ocspid - print OCSP hash values for the subject name and public key
-ocsp_uri - print OCSP Responder URL(s)
-trustout - output a "trusted" certificate
-clrtrust - clear all trusted purposes
-clrreject - clear all rejected purposes
-addtrust arg - trust certificate for a given purpose
-addreject arg - reject certificate for a given purpose
-setalias arg - set certificate alias
-days arg - How long till expiry of a signed certificate - def 30 days
-checkend arg - check whether the cert expires in the next arg seconds
exit 1 if so, 0 if not
-signkey arg - self sign cert with arg
-x509toreq - output a certification request object
-req - input is a certificate request, sign and output.
-CA arg - set the CA certificate, must be PEM format.
-CAkey arg - set the CA key, must be PEM format
missing, it is assumed to be in the CA file.
-CAcreateserial - create serial number file if it does not exist
-CAserial arg - serial file
-set_serial - serial number to use
-text - print the certificate in text form
-C - print out C code forms
-md2/-md5/-sha1/-mdc2 - digest to use
-extfile - configuration file with X509V3 extensions to add
-extensions - section from config file with X509V3 extensions to add
-clrext - delete extensions before signing and input certificate
-nameopt arg - various certificate name options
-engine e - use engine e, possibly a hardware device.
-certopt arg - various certificate text options

==== Client Certificates AKA pkcs12 ====

Client Certificate is a language abuse, but anyway it is kind of file you need to install on your system when SSL/TLS server require Client Authentication.
Those kind of certificates credentials are known with .'''pkcs12''' or .'''pfx''' file extension.
They contains a x509 Certificate and the public/private key of client. Those files are then very sensible to handle with same security as a private key.

<pre>
Usage: pkcs12 [options]
where options are
-export output PKCS12 file
-chain add certificate chain
-inkey file private key if not infile
-certfile f add all certs in f
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-name "name" use name as friendly name
-caname "nm" use nm as CA friendly name (can be used more than once).
-in infile input filename
-out outfile output filename
-noout don't output anything, just verify.
-nomacver don't verify MAC.
-nocerts don't output certificates.
-clcerts only output client certificates.
-cacerts only output CA certificates.
-nokeys don't output private keys.
-info give info about PKCS#12 structure.
-des encrypt private keys with DES
-des3 encrypt private keys with triple DES (default)
-seed encrypt private keys with seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nodes don't encrypt private keys
-noiter don't use encryption iteration
-nomaciter don't use MAC iteration
-maciter use MAC iteration
-nomac don't generate MAC
-twopass separate MAC, encryption passwords
-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)
-certpbe alg specify certificate PBE algorithm (default RC2-40)
-keypbe alg specify private key PBE algorithm (default 3DES)
-macalg alg digest algorithm used in MAC (default SHA1)
-keyex set MS key exchange type
-keysig set MS key signature type
-password p set import/export password source
-passin p input file pass phrase source
-passout p output file pass phrase source
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-CSP name Microsoft CSP name
-LMK Add local machine keyset attribute to private key
</pre>

=== SSL/TLS and Certificates ONLINE services ===

==== s_server ====

This implements a generic SSL/TLS server.

<pre>
openssl s_server
Error opening server certificate private key file server.pem
139811478357672:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('server.pem','r')
139811478357672:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load server certificate private key file
</pre>

'''you need to provide certificate and private key to be able to run SSL/TLS server.'''

<pre>
openssl s_server --help
unknown option --help
usage: s_server [args ...]

-accept arg - port to accept on (default is 4433)
-context arg - set session ID context
-verify arg - turn on peer certificate verification
-Verify arg - turn on peer certificate verification, must have a cert.
-cert arg - certificate file to use
(default is server.pem)
-crl_check - check the peer certificate has not been revoked by its CA.
The CRL(s) are appended to the certificate file
-crl_check_all - check the peer certificate has not been revoked by its CA
or any other CRL in the CA chain. CRL(s) are appened to the
the certificate file.
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private Key file to use, in cert file if
not specified (default is server.pem)
-keyform arg - key format (PEM, DER or ENGINE) PEM default
-pass arg - private key file pass phrase source
-dcert arg - second certificate file to use (usually for DSA)
-dcertform x - second certificate format (PEM or DER) PEM default
-dkey arg - second private key file to use (usually for DSA)
-dkeyform arg - second key format (PEM, DER or ENGINE) PEM default
-dpass arg - second private key file pass phrase source
-dhparam arg - DH parameter file to use, in cert file if not specified
or a default set of parameters is used
-named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.
Use "openssl ecparam -list_curves" for all names
(default is nistp256).
-nbio - Run with non-blocking IO
-nbio_test - test with the non-blocking test bio
-crlf - convert LF from terminal into CRLF
-debug - Print more output
-msg - Show protocol messages
-state - Print the SSL states
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-nocert - Don't use any certificates (Anon-DH)
-cipher arg - play with 'openssl ciphers' to see what goes here
-serverpref - Use server's cipher preferences
-quiet - No server output
-no_tmp_rsa - Do not generate a tmp RSA key
-psk_hint arg - PSK identity hint to use
-psk arg - PSK in hex (without 0x)
-srpvfile file - The verifier file for SRP
-srpuserseed string - A seed string for a default user salt.
-ssl2 - Just talk SSLv2
-ssl3 - Just talk SSLv3
-tls1_2 - Just talk TLSv1.2
-tls1_1 - Just talk TLSv1.1
-tls1 - Just talk TLSv1
-dtls1 - Just talk DTLSv1
-timeout - Enable timeouts
-mtu - Set link layer MTU
-chain - Read a certificate chain
-no_ssl2 - Just disable SSLv2
-no_ssl3 - Just disable SSLv3
-no_tls1 - Just disable TLSv1
-no_tls1_1 - Just disable TLSv1.1
-no_tls1_2 - Just disable TLSv1.2
-no_dhe - Disable ephemeral DH
-no_ecdhe - Disable ephemeral ECDH
-bugs - Turn on SSL bug compatibility
-www - Respond to a 'GET /' with a status page
-WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
-HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
with the assumption it contains a complete HTTP response.
-engine id - Initialise and use the specified engine
-id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'
-rand file:file:...
-servername host - servername for HostName TLS extension
-servername_fatal - on mismatch send fatal alert (default warning alert)
-cert2 arg - certificate file to use for servername
(default is server2.pem)
-key2 arg - Private Key file to use for servername, in cert file if
not specified (default is server2.pem)
-tlsextdebug - hex dump of all TLS extensions received
-no_ticket - disable use of RFC4507bis session tickets
-legacy_renegotiation - enable use of legacy renegotiation (dangerous)
-nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)
-use_srtp profiles - Offer SRTP key management with a colon-separated profile list
-keymatexport label - Export keying material using label
-keymatexportlen len - Export len bytes of keying material (default 20)
</pre>

==== s_client ====

This implements a generic SSL/TLS client

<pre>
unknown option --help
usage: s_client args

-host host - use -connect instead
-port port - use -connect instead
-connect host:port - who to connect to (default is localhost:4433)
-verify arg - turn on peer certificate verification
-cert arg - certificate file to use, PEM format assumed
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private key file to use, in cert file if
not specified but cert file is.
-keyform arg - key format (PEM or DER) PEM default
-pass arg - private key file pass phrase source
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-reconnect - Drop and re-make the connection with the same Session-ID
-pause - sleep(1) after each read(2) and write(2) system call
-showcerts - show all certificates in the chain
-debug - extra output
-msg - Show protocol messages
-nbio_test - more ssl protocol testing
-state - print the 'ssl' states
-nbio - Run with non-blocking IO
-crlf - convert LF from terminal into CRLF
-quiet - no s_client output
-ign_eof - ignore input eof (default when -quiet)
-no_ign_eof - don't ignore input eof
-psk_identity arg - PSK identity
-psk arg - PSK in hex (without 0x)
-srpuser user - SRP authentification for 'user'
-srppass arg - password for 'user'
-srp_lateuser - SRP username into second ClientHello message
-srp_moregroups - Tolerate other than the known g N values.
-srp_strength int - minimal mength in bits for N (default 1024).
-ssl2 - just use SSLv2
-ssl3 - just use SSLv3
-tls1_2 - just use TLSv1.2
-tls1_1 - just use TLSv1.1
-tls1 - just use TLSv1
-dtls1 - just use DTLSv1
-mtu - set the link layer MTU
-no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol
-bugs - Switch on all SSL implementation bug workarounds
-serverpref - Use server's cipher preferences (only SSLv2)
-cipher - preferred cipher to use, use the 'openssl ciphers'
command to see what is available
-starttls prot - use the STARTTLS command before starting TLS
for those protocols that support it, where
'prot' defines which one to assume. Currently,
only "smtp", "pop3", "imap", "ftp" and "xmpp"
are supported.
-engine id - Initialise and use the specified engine
-rand file:file:...
-sess_out arg - file to write SSL session to
-sess_in arg - file to read SSL session from
-servername host - Set TLS extension servername in ClientHello
-tlsextdebug - hex dump of all TLS extensions received
-status - request certificate status from server
-no_ticket - disable use of RFC4507bis session tickets
-nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)
-legacy_renegotiation - enable use of legacy renegotiation (dangerous)
-use_srtp profiles - Offer SRTP key management with a colon-separated profile list
-keymatexport label - Export keying material using label
-keymatexportlen len - Export len bytes of keying material (default 20)
</pre>

==== ocsp ====

=== Signing / Digest and Timestamping ===

==== Signing / Digest ====

<pre>
openssl dgst --help
unknown option '--help'
options are
-c to output the digest with separating colons
-r to output the digest in coreutils format
-d to output debug info
-hex output as hex dump
-binary output in binary form
-hmac arg set the HMAC key to arg
-non-fips-allow allow use of non FIPS digest
-sign file sign digest using private key in file
-verify file verify a signature using public key in file
-prverify file verify a signature using private key in file
-keyform arg key file format (PEM or ENGINE)
-out filename output to filename rather than stdout
-signature file signature to verify
-sigopt nm:v signature parameter
-hmac key create hashed MAC with key
-mac algorithm create MAC (not neccessarily HMAC)
-macopt nm:v MAC algorithm parameters or key
-engine e use engine e, possibly a hardware device.
-md4 to use the md4 message digest algorithm
-md5 to use the md5 message digest algorithm
-ripemd160 to use the ripemd160 message digest algorithm
-sha to use the sha message digest algorithm
-sha1 to use the sha1 message digest algorithm
-sha224 to use the sha224 message digest algorithm
-sha256 to use the sha256 message digest algorithm
-sha384 to use the sha384 message digest algorithm
-sha512 to use the sha512 message digest algorithm
-whirlpool to use the whirlpool message digest algorithm
</pre>
==== timestamping ====

openssl ts

<pre>
usage:
ts -query [-rand file:file:...] [-config configfile] [-data file_to_hash] [-digest digest_bytes][-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] [-policy object_id] [-no_nonce] [-cert] [-in request.tsq] [-out request.tsq] [-text]
or
ts -reply [-config configfile] [-section tsa_section] [-queryfile request.tsq] [-passin password] [-signer tsa_cert.pem] [-inkey private_key.pem] [-chain certs_file.pem] [-policy object_id] [-in response.tsr] [-token_in] [-out response.tsr] [-token_out] [-text] [-engine id]
or
ts -verify [-data file_to_hash] [-digest digest_bytes] [-queryfile request.tsq] -in response.tsr [-token_in] -CApath ca_path -CAfile ca_file.pem -untrusted cert_file.pem
</pre>

=== Data handling ===

==== ASN.1 ====

[[DER]] decoding

openssl asn1parse

==== Base64 ====

base64 encoding / decoding

[[Base64]]

===== a String =====

<pre>
openssl base64 -e <<< 'Welcome to openssl wiki'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK'
Welcome to openssl wiki
</pre>

warning '''base64 line length is limited to 76 characters by default in openssl''' ( and generated with 64 characters / line ).

<pre>
openssl base64 -e <<< 'Welcome to openssl wiki with a very long line that splits...'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRo
YXQgc3BsaXRzLi4uCg==
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='
</pre>
=> NOTHING !

to be able to decode a base64 line without line feed that exceed 76 characters use -A option :

<pre>
openssl base64 -d -A <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='
Welcome to openssl wiki with a very long line that splits...
</pre>

This is anyway better to actualy split base64 result in 64 characters lines since -A option is BUGGY ( limit with long files ).

==== DER <-> PEM conversion ====

on each command handling PEM and DER format an '''inform''' and '''outform''' options are provided to specify it.
Then it is easy to read it in format and write it in another

==== pkcs8 / pkcs5 ====

pkcs8 is a format to store private keys.
pkcs8 uses various pkcs5 version as subformat.

<pre>
openssl pkcs8 --help
Usage pkcs8 [options]
where options are
-in file input file
-inform X input format (DER or PEM)
-passin arg input file pass phrase source
-outform X output format (DER or PEM)
-out file output file
-passout arg output file pass phrase source
-topk8 output PKCS8 file
-nooct use (nonstandard) no octet format
-embed use (nonstandard) embedded DSA parameters format
-nsdb use (nonstandard) DSA Netscape DB format
-noiter use 1 as iteration count
-nocrypt use or expect unencrypted private key
-v2 alg use PKCS#5 v2.0 and cipher "alg"
-v1 obj use PKCS#5 v1.5 and cipher "alg"
-engine e use engine e, possibly a hardware device.
</pre>

=== Diagnostics ===

==== SSL/TLS session information ====

<pre>
openssl sess_id --help
unknown option --help
usage: sess_id args

-inform arg - input format - default PEM (DER or PEM)
-outform arg - output format - default PEM
-in arg - input file - default stdin
-out arg - output file - default stdout
-text - print ssl session id details
-cert - output certificate
-noout - no CRL output
-context arg - set the session ID context
</pre>

[[Category:Shell level]]

Command Line Utilities

2013-06-20T17:10:47Z

Frukto: /* Getting started with your openssl toolkit */

[http://www.openssl.org/docs/apps/openssl.html OpenSSL site command line tools]

=== Getting started with your openssl toolkit ===

When installed on your system openssl binary (usually /usr/bin/openssl on linux) is an entry point for many functions. You call it following the pattern
<pre>
$ openssl command [ command_opts ] [ command_args ]
</pre>

Alternatively you can call it without arguments to enter the interactive mode with an 'OpenSSL>' prompt. Then you can directly type your commands. You can leave the interactive mode with Ctrl+C or Ctrl+D or by typing 'quit':
<pre>
OpenSSL> quit
</pre>

There are three different kinds of commands. These are [[standard commands]], [[cipher commands]], and [[message-digest commands]]. In the following an overview over some commands is given. These are grouped by purpose and not necessarily by the classification just mentioned.

=== Learn about your installation ===

==== List commands by type ====

You can get a list of available commands by calling

<pre>
$ openssl list-standard-commands
$ openssl list-cipher-commands
$ openssl list-message-digest-commands
</pre>

==== version ====

OpenSSL> version
OpenSSL 1.0.1e 11 Feb 2013

==== ciphers ====

returns SSL/TLS ciphers supported.

<pre>
OpenSSL> ciphers
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5
</pre>

openssl list-cipher-algorithms

openssl list-public-key-algorithms
<pre>
Name: OpenSSL RSA method
Type: Builtin Algorithm
OID: rsaEncryption
PEM string: RSA
Name: rsa
Type: Alias to rsaEncryption
Name: OpenSSL PKCS#3 DH method
Type: Builtin Algorithm
OID: dhKeyAgreement
PEM string: DH
Name: dsaWithSHA
Type: Alias to dsaEncryption
Name: dsaEncryption-old
Type: Alias to dsaEncryption
Name: dsaWithSHA1-old
Type: Alias to dsaEncryption
Name: dsaWithSHA1
Type: Alias to dsaEncryption
Name: OpenSSL DSA method
Type: Builtin Algorithm
OID: dsaEncryption
PEM string: DSA
Name: OpenSSL EC algorithm
Type: Builtin Algorithm
OID: id-ecPublicKey
PEM string: EC
Name: OpenSSL HMAC method
Type: Builtin Algorithm
OID: hmac
PEM string: HMAC
Name: OpenSSL CMAC method
Type: Builtin Algorithm
OID: cmac
PEM string: CMAC
</pre>

==== engine ====

OpenSSL> engine
(rsax) RSAX engine support
(dynamic) Dynamic engine loading support

==== speed ====

returns informations of toolkit performance on cryptographic functions computations.

( Ex: on Linux 3.1.0-1-amd64 #1 SMP x86_64 GNU/Linux, HP dv7 i7 4Gb )

<pre>
Doing md4 for 3s on 16 size blocks: 12430613 md4's in 3.00s
...
Doing md5 for 3s on 16 size blocks: 8943943 md5's in 2.99s
Doing md5 for 3s on 64 size blocks: 6560162 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 3674563 md5's in 3.00s
Doing md5 for 3s on 1024 size blocks: 1325803 md5's in 3.00s
Doing md5 for 3s on 8192 size blocks: 190271 md5's in 3.00s
Doing hmac(md5) for 3s on 16 size blocks: 7289025 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 64 size blocks: 5519732 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 256 size blocks: 3319123 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 1024 size blocks: 1275475 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 8192 size blocks: 187134 hmac(md5)'s in 3.00s
Doing sha1 for 3s on 16 size blocks: 10089842 sha1's in 2.99s
Doing sha1 for 3s on 64 size blocks: 7033355 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 3919372 sha1's in 3.00s
Doing sha1 for 3s on 1024 size blocks: 1374314 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 198808 sha1's in 3.00s
Doing sha256 for 3s on 16 size blocks: 6462822 sha256's in 3.00s
Doing sha256 for 3s on 64 size blocks: 3504641 sha256's in 3.00s
Doing sha256 for 3s on 256 size blocks: 1486771 sha256's in 3.00s
Doing sha256 for 3s on 1024 size blocks: 440613 sha256's in 3.00s
Doing sha256 for 3s on 8192 size blocks: 58418 sha256's in 3.00s
Doing sha512 for 3s on 16 size blocks: 5040453 sha512's in 2.99s
Doing sha512 for 3s on 64 size blocks: 5089425 sha512's in 3.00s
Doing sha512 for 3s on 256 size blocks: 1865240 sha512's in 3.00s
Doing sha512 for 3s on 1024 size blocks: 643708 sha512's in 3.00s
Doing sha512 for 3s on 8192 size blocks: 90615 sha512's in 3.00s
...
Doing whirlpool for 3s on 8192 size blocks: 33204 whirlpool's in 3.00s
...
Doing rmd160 for 3s on 8192 size blocks: 66719 rmd160's in 3.00s
...
Doing rc4 for 3s on 8192 size blocks: 238972 rc4's in 3.00s
...
Doing des cbc for 3s on 8192 size blocks: 19837 des cbc's in 3.00s
...
Doing des ede3 for 3s on 8192 size blocks: 7706 des ede3's in 3.00s
...
Doing aes-128 cbc for 3s on 8192 size blocks: 35217 aes-128 cbc's in 3.00s
...
Doing aes-192 cbc for 3s on 8192 size blocks: 29225 aes-192 cbc's in 3.01s
...
Doing aes-256 cbc for 3s on 8192 size blocks: 24414 aes-256 cbc's in 3.00s
...
Doing aes-256 ige for 3s on 8192 size blocks: 23331 aes-256 ige's in 2.99s
...
</pre>

=== Basic encryption ===

==== Basic file ====

to cipher a file or data to protect and share it protected by a shared key.

symetric cipher :
[[AES]] [[Blowfish]] [[RC4]] [[3DES]] [[RC2]] [[DES]] [[CAST5]] [[SEED]]

block to stream conversion :
[[ECB]] [[CBC]] [[OFB]] [[CFB]] [[CTR]] [[XTS]] [[GCM]]

compression :
[[ZLIB]]

<pre>
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb base64 bf
bf-cbc bf-cfb bf-ecb bf-ofb
camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb
camellia-256-cbc camellia-256-ecb cast cast-cbc
cast5-cbc cast5-cfb cast5-ecb cast5-ofb
des des-cbc des-cfb des-ecb
des-ede des-ede-cbc des-ede-cfb des-ede-ofb
des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx rc2
rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb
rc2-ecb rc2-ofb rc4 rc4-40
seed seed-cbc seed-cfb seed-ecb
seed-ofb zlib
</pre>

<pre>
openssl enc --help
unknown option '--help'
options are
-in <file> input file
-out <file> output file
-pass <arg> pass phrase source
-e encrypt
-d decrypt
-a/-base64 base64 encode/decode, depending on encryption flag
-k passphrase is the next argument
-kfile passphrase is the first line of the file argument
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
-S salt in hex is the next argument
-K/-iv key/iv in hex is the next argument
-[pP] print the iv/key (then exit if -P)
-bufsize <n> buffer size
-nopad disable standard block padding
-engine e use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc -aes-128-cfb -aes-128-cfb1
-aes-128-cfb8 -aes-128-ctr -aes-128-ecb
-aes-128-gcm -aes-128-ofb -aes-128-xts
-aes-192-cbc -aes-192-cfb -aes-192-cfb1
-aes-192-cfb8 -aes-192-ctr -aes-192-ecb
-aes-192-gcm -aes-192-ofb -aes-256-cbc
-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-gcm
-aes-256-ofb -aes-256-xts -aes128
-aes192 -aes256 -bf
-bf-cbc -bf-cfb -bf-ecb
-bf-ofb -blowfish -camellia-128-cbc
-camellia-128-cfb -camellia-128-cfb1 -camellia-128-cfb8
-camellia-128-ecb -camellia-128-ofb -camellia-192-cbc
-camellia-192-cfb -camellia-192-cfb1 -camellia-192-cfb8
-camellia-192-ecb -camellia-192-ofb -camellia-256-cbc
-camellia-256-cfb -camellia-256-cfb1 -camellia-256-cfb8
-camellia-256-ecb -camellia-256-ofb -camellia128
-camellia192 -camellia256 -cast
-cast-cbc -cast5-cbc -cast5-cfb
-cast5-ecb -cast5-ofb -des
-des-cbc -des-cfb -des-cfb1
-des-cfb8 -des-ecb -des-ede
-des-ede-cbc -des-ede-cfb -des-ede-ofb
-des-ede3 -des-ede3-cbc -des-ede3-cfb
-des-ede3-cfb1 -des-ede3-cfb8 -des-ede3-ofb
-des-ofb -des3 -desx
-desx-cbc -id-aes128-GCM -id-aes192-GCM
-id-aes256-GCM -rc2 -rc2-40-cbc
-rc2-64-cbc -rc2-cbc -rc2-cfb
-rc2-ecb -rc2-ofb -rc4
-rc4-40 -rc4-hmac-md5 -seed
-seed-cbc -seed-cfb -seed-ecb
-seed-ofb
</pre>

==== Mail / SMIME ====

===== smime v2 pkcs7 1.5 =====

<pre>
openssl smime --help
Usage smime [options] cert.pem ...
where options are
-encrypt encrypt message
-decrypt decrypt encrypted message
-sign sign message
-verify verify signed message
-pk7out output PKCS#7 structure
-des3 encrypt with triple DES
-des encrypt with DES
-seed encrypt with SEED
-rc2-40 encrypt with RC2-40 (default)
-rc2-64 encrypt with RC2-64
-rc2-128 encrypt with RC2-128
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nointern don't search certificates in message for signer
-nosigs don't verify message signature
-noverify don't verify signers certificate
-nocerts don't include signers certificate when signing
-nodetach use opaque signing
-noattr don't include any signed attributes
-binary don't translate message to text
-certfile file other certificates file
-signer file signer certificate file
-recip file recipient certificate file for decryption
-in file input file
-inform arg input format SMIME (default), PEM or DER
-inkey file input private key (if not signer or recipient)
-keyform arg input private key format (PEM or ENGINE)
-out file output file
-outform arg output format SMIME (default), PEM or DER
-content file supply or override content for detached signature
-to addr to address
-from ad from address
-subject s subject
-text include or delete text MIME headers
-CApath dir trusted certificates directory
-CAfile file trusted certificates file
-crl_check check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e use engine e, possibly a hardware device.
-passin arg input file pass phrase source
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
cert.pem recipient certificate(s) for encryption
</pre>

===== smime v3 cms =====

<pre>
openssl cms --help
Usage cms [options] cert.pem ...
where options are
-encrypt encrypt message
-decrypt decrypt encrypted message
-sign sign message
-verify verify signed message
-cmsout output CMS structure
-des3 encrypt with triple DES
-des encrypt with DES
-seed encrypt with SEED
-rc2-40 encrypt with RC2-40 (default)
-rc2-64 encrypt with RC2-64
-rc2-128 encrypt with RC2-128
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nointern don't search certificates in message for signer
-nosigs don't verify message signature
-noverify don't verify signers certificate
-nocerts don't include signers certificate when signing
-nodetach use opaque signing
-noattr don't include any signed attributes
-binary don't translate message to text
-certfile file other certificates file
-certsout file certificate output file
-signer file signer certificate file
-recip file recipient certificate file for decryption
-keyid use subject key identifier
-in file input file
-inform arg input format SMIME (default), PEM or DER
-inkey file input private key (if not signer or recipient)
-keyform arg input private key format (PEM or ENGINE)
-out file output file
-outform arg output format SMIME (default), PEM or DER
-content file supply or override content for detached signature
-to addr to address
-from ad from address
-subject s subject
-text include or delete text MIME headers
-CApath dir trusted certificates directory
-CAfile file trusted certificates file
-crl_check check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e use engine e, possibly a hardware device.
-passin arg input file pass phrase source
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
cert.pem recipient certificate(s) for encryption
</pre>

=== Create / Handle Public Key Certificates ===

This requires you have a knowledge of what PKI is ( Certificate Authorities, Certificate Request, Certificate, Public Key, Private Key )

Classical use case is to obtain a valid Certificate for a Secured Web site ( https protocol ).
First you create a Private Key ( will be created together with Public key ).
Then create a Certificate Request for that private key with some informations for purpose of future Certificate.
Then send that Certificate Request to a Certificate Authority ( CA ) that will issue a Certificate that CA signed. For well known CA you need to pay.
Up to you to install your Private key together with the received Certificate on your system.

It exists graphical front-end to operate openssl wihtin a GUI : [http://xca.sourceforge.net/ XCA]

==== Key Generation ====

===== rsa / genrsa =====

RSA is the most common type of Public/Private Key.
Private Key part should never be disclosed while public key part is ... public.

<pre>
openssl genrsa --help
usage: genrsa [args] [numbits]
-des encrypt the generated key with DES in cbc mode
-des3 encrypt the generated key with DES in ede cbc mode (168 bit key)
-seed
encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-out file output the key to 'file
-passout arg output file pass phrase source
-f4 use F4 (0x10001) for the E value
-3 use 3 for the E value
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
</pre>

<pre>
rsa help
unknown option help
rsa [options] <infile >outfile
where options are
-inform arg input format - one of DER NET PEM
-outform arg output format - one of DER NET PEM
-in arg input file
-sgckey Use IIS SGC key format
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-des encrypt PEM output with cbc des
-des3 encrypt PEM output with ede cbc des using 168 bit key
-seed encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-text print the key in text
-noout don't print key out
-modulus print the RSA key modulus
-check verify key consistency
-pubin expect a public key in input file
-pubout output a public key
-engine e use engine e, possibly a hardware device.
error in rsa
</pre>

===== dsa / gendsa=====

dsa is a less common Public/Private key scheme, but can be seen anyway, so ...

<pre>
openssl gendsa
usage: gendsa [args] dsaparam-file
-out file - output the key to 'file'
-des - encrypt the generated key with DES in cbc mode
-des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)
-seed
encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-engine e - use engine e, possibly a hardware device.
-rand file:file:...
- load the file (or the files in the directory) into
the random number generator
dsaparam-file
- a DSA parameter file as generated by the dsaparam command

</pre>

<pre>
OpenSSL> dsa help
unknown option help
dsa [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-engine e use engine e, possibly a hardware device.
-des encrypt PEM output with cbc des
-des3 encrypt PEM output with ede cbc des using 168 bit key
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-seed encrypt PEM output with cbc seed
-text print the key in text
-noout don't print key out
-modulus print the DSA public value
error in dsa
</pre>

===== Elliptic Curves / ec ecparam =====

[[Elliptic_Curve_Cryptography]]

<pre>
openssl ecparam --help
unknown option --help
ecparam [options] <infile >outfile
where options are
-inform arg input format - default PEM (DER or PEM)
-outform arg output format - default PEM
-in arg input file - default stdin
-out arg output file - default stdout
-noout do not print the ec parameter
-text print the ec parameters in text form
-check validate the ec parameters
-C print a 'C' function creating the parameters
-name arg use the ec parameters with 'short name' name
-list_curves prints a list of all currently available curve 'short names'
-conv_form arg specifies the point conversion form
possible values: compressed
uncompressed (default)
hybrid
-param_enc arg specifies the way the ec parameters are encoded
in the asn1 der encoding
possible values: named_curve (default)
explicit
-no_seed if 'explicit' parameters are chosen do not use the seed
-genkey generate ec key
-rand file files to use for random number input
-engine e use engine e, possibly a hardware device
</pre>

<pre>
ec [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-engine e use engine e, possibly a hardware device.
-des encrypt PEM output, instead of 'des' every other
cipher supported by OpenSSL can be used
-text print the key
-noout don't print key out
-param_out print the elliptic curve parameters
-conv_form arg specifies the point conversion form
possible values: compressed
uncompressed (default)
hybrid
-param_enc arg specifies the way the ec parameters are encoded
in the asn1 der encoding
possible values: named_curve (default)
explicit
</pre>

==== Certificate Authority / ca ====

When you want to act as a Certificate Authority.

OpenSSL> ca
Using configuration from /usr/lib/ssl/openssl.cnf
Error opening CA private key ./demoCA/private/cakey.pem
140492277311144:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('./demoCA/private/cakey.pem','r')
140492277311144:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load CA private key
error in ca

By default you don't have ca created...

==== Certificate Request / pkcs10 / req ====

OpenSSL> req ?
unknown option ?
req [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-out arg output file
-text text form of request
-pubkey output public key
-noout do not output REQ
-verify verify signature on REQ
-modulus RSA modulus
-nodes don't encrypt the output key
-engine e use engine e, possibly a hardware device
-subject output the request's subject
-passin private key password source
-key file use the private key contained in file
-keyform arg key file format
-keyout arg file to send the key to
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-newkey rsa:bits generate a new RSA key of 'bits' in size
-newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'
-newkey ec:file generate a new EC key, parameters taken from CA in 'file'
-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)
-config file request template file.
-subj arg set or modify request subject
-multivalue-rdn enable support for multivalued RDNs
-new new request.
-batch do not ask anything during request generation
-x509 output a x509 structure instead of a cert. req.
-days number of days a certificate generated by -x509 is valid for.
-set_serial serial number to use for a certificate generated by -x509.
-newhdr output "NEW" in the header lines
-asn1-kludge Output the 'request' in a format that is wrong but some CA's
have been reported as requiring
-extensions .. specify certificate extension section (override value in config file)
-reqexts .. specify request extension section (override value in config file)
-utf8 input characters are UTF8 (default ASCII)
-nameopt arg - various certificate name options
-reqopt arg - various request text options

error in req

==== Certificates AKA x509 ====

x509 command allows you to display content of a x509 certificate and to convert it from/to [[PEM]], [[NET]] or [[DER]] formats.

OpenSSL> x509 help
unknown option help
usage: x509 args
-inform arg - input format - default PEM (one of DER, NET or PEM)
-outform arg - output format - default PEM (one of DER, NET or PEM)
-keyform arg - private key format - default PEM
-CAform arg - CA format - default PEM
-CAkeyform arg - CA key format - default PEM
-in arg - input file - default stdin
-out arg - output file - default stdout
-passin arg - private key password source
-serial - print serial number value
-subject_hash - print subject hash value
-subject_hash_old - print old-style (MD5) subject hash value
-issuer_hash - print issuer hash value
-issuer_hash_old - print old-style (MD5) issuer hash value
-hash - synonym for -subject_hash
-subject - print subject DN
-issuer - print issuer DN
-email - print email address(es)
-startdate - notBefore field
-enddate - notAfter field
-purpose - print out certificate purposes
-dates - both Before and After dates
-modulus - print the RSA key modulus
-pubkey - output the public key
-fingerprint - print the certificate fingerprint
-alias - output certificate alias
-noout - no certificate output
-ocspid - print OCSP hash values for the subject name and public key
-ocsp_uri - print OCSP Responder URL(s)
-trustout - output a "trusted" certificate
-clrtrust - clear all trusted purposes
-clrreject - clear all rejected purposes
-addtrust arg - trust certificate for a given purpose
-addreject arg - reject certificate for a given purpose
-setalias arg - set certificate alias
-days arg - How long till expiry of a signed certificate - def 30 days
-checkend arg - check whether the cert expires in the next arg seconds
exit 1 if so, 0 if not
-signkey arg - self sign cert with arg
-x509toreq - output a certification request object
-req - input is a certificate request, sign and output.
-CA arg - set the CA certificate, must be PEM format.
-CAkey arg - set the CA key, must be PEM format
missing, it is assumed to be in the CA file.
-CAcreateserial - create serial number file if it does not exist
-CAserial arg - serial file
-set_serial - serial number to use
-text - print the certificate in text form
-C - print out C code forms
-md2/-md5/-sha1/-mdc2 - digest to use
-extfile - configuration file with X509V3 extensions to add
-extensions - section from config file with X509V3 extensions to add
-clrext - delete extensions before signing and input certificate
-nameopt arg - various certificate name options
-engine e - use engine e, possibly a hardware device.
-certopt arg - various certificate text options

==== Client Certificates AKA pkcs12 ====

Client Certificate is a language abuse, but anyway it is kind of file you need to install on your system when SSL/TLS server require Client Authentication.
Those kind of certificates credentials are known with .'''pkcs12''' or .'''pfx''' file extension.
They contains a x509 Certificate and the public/private key of client. Those files are then very sensible to handle with same security as a private key.

<pre>
Usage: pkcs12 [options]
where options are
-export output PKCS12 file
-chain add certificate chain
-inkey file private key if not infile
-certfile f add all certs in f
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-name "name" use name as friendly name
-caname "nm" use nm as CA friendly name (can be used more than once).
-in infile input filename
-out outfile output filename
-noout don't output anything, just verify.
-nomacver don't verify MAC.
-nocerts don't output certificates.
-clcerts only output client certificates.
-cacerts only output CA certificates.
-nokeys don't output private keys.
-info give info about PKCS#12 structure.
-des encrypt private keys with DES
-des3 encrypt private keys with triple DES (default)
-seed encrypt private keys with seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nodes don't encrypt private keys
-noiter don't use encryption iteration
-nomaciter don't use MAC iteration
-maciter use MAC iteration
-nomac don't generate MAC
-twopass separate MAC, encryption passwords
-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)
-certpbe alg specify certificate PBE algorithm (default RC2-40)
-keypbe alg specify private key PBE algorithm (default 3DES)
-macalg alg digest algorithm used in MAC (default SHA1)
-keyex set MS key exchange type
-keysig set MS key signature type
-password p set import/export password source
-passin p input file pass phrase source
-passout p output file pass phrase source
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-CSP name Microsoft CSP name
-LMK Add local machine keyset attribute to private key
</pre>

=== SSL/TLS and Certificates ONLINE services ===

==== s_server ====

This implements a generic SSL/TLS server.

<pre>
openssl s_server
Error opening server certificate private key file server.pem
139811478357672:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('server.pem','r')
139811478357672:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load server certificate private key file
</pre>

'''you need to provide certificate and private key to be able to run SSL/TLS server.'''

<pre>
openssl s_server --help
unknown option --help
usage: s_server [args ...]

-accept arg - port to accept on (default is 4433)
-context arg - set session ID context
-verify arg - turn on peer certificate verification
-Verify arg - turn on peer certificate verification, must have a cert.
-cert arg - certificate file to use
(default is server.pem)
-crl_check - check the peer certificate has not been revoked by its CA.
The CRL(s) are appended to the certificate file
-crl_check_all - check the peer certificate has not been revoked by its CA
or any other CRL in the CA chain. CRL(s) are appened to the
the certificate file.
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private Key file to use, in cert file if
not specified (default is server.pem)
-keyform arg - key format (PEM, DER or ENGINE) PEM default
-pass arg - private key file pass phrase source
-dcert arg - second certificate file to use (usually for DSA)
-dcertform x - second certificate format (PEM or DER) PEM default
-dkey arg - second private key file to use (usually for DSA)
-dkeyform arg - second key format (PEM, DER or ENGINE) PEM default
-dpass arg - second private key file pass phrase source
-dhparam arg - DH parameter file to use, in cert file if not specified
or a default set of parameters is used
-named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.
Use "openssl ecparam -list_curves" for all names
(default is nistp256).
-nbio - Run with non-blocking IO
-nbio_test - test with the non-blocking test bio
-crlf - convert LF from terminal into CRLF
-debug - Print more output
-msg - Show protocol messages
-state - Print the SSL states
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-nocert - Don't use any certificates (Anon-DH)
-cipher arg - play with 'openssl ciphers' to see what goes here
-serverpref - Use server's cipher preferences
-quiet - No server output
-no_tmp_rsa - Do not generate a tmp RSA key
-psk_hint arg - PSK identity hint to use
-psk arg - PSK in hex (without 0x)
-srpvfile file - The verifier file for SRP
-srpuserseed string - A seed string for a default user salt.
-ssl2 - Just talk SSLv2
-ssl3 - Just talk SSLv3
-tls1_2 - Just talk TLSv1.2
-tls1_1 - Just talk TLSv1.1
-tls1 - Just talk TLSv1
-dtls1 - Just talk DTLSv1
-timeout - Enable timeouts
-mtu - Set link layer MTU
-chain - Read a certificate chain
-no_ssl2 - Just disable SSLv2
-no_ssl3 - Just disable SSLv3
-no_tls1 - Just disable TLSv1
-no_tls1_1 - Just disable TLSv1.1
-no_tls1_2 - Just disable TLSv1.2
-no_dhe - Disable ephemeral DH
-no_ecdhe - Disable ephemeral ECDH
-bugs - Turn on SSL bug compatibility
-www - Respond to a 'GET /' with a status page
-WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
-HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
with the assumption it contains a complete HTTP response.
-engine id - Initialise and use the specified engine
-id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'
-rand file:file:...
-servername host - servername for HostName TLS extension
-servername_fatal - on mismatch send fatal alert (default warning alert)
-cert2 arg - certificate file to use for servername
(default is server2.pem)
-key2 arg - Private Key file to use for servername, in cert file if
not specified (default is server2.pem)
-tlsextdebug - hex dump of all TLS extensions received
-no_ticket - disable use of RFC4507bis session tickets
-legacy_renegotiation - enable use of legacy renegotiation (dangerous)
-nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)
-use_srtp profiles - Offer SRTP key management with a colon-separated profile list
-keymatexport label - Export keying material using label
-keymatexportlen len - Export len bytes of keying material (default 20)
</pre>

==== s_client ====

This implements a generic SSL/TLS client

<pre>
unknown option --help
usage: s_client args

-host host - use -connect instead
-port port - use -connect instead
-connect host:port - who to connect to (default is localhost:4433)
-verify arg - turn on peer certificate verification
-cert arg - certificate file to use, PEM format assumed
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private key file to use, in cert file if
not specified but cert file is.
-keyform arg - key format (PEM or DER) PEM default
-pass arg - private key file pass phrase source
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-reconnect - Drop and re-make the connection with the same Session-ID
-pause - sleep(1) after each read(2) and write(2) system call
-showcerts - show all certificates in the chain
-debug - extra output
-msg - Show protocol messages
-nbio_test - more ssl protocol testing
-state - print the 'ssl' states
-nbio - Run with non-blocking IO
-crlf - convert LF from terminal into CRLF
-quiet - no s_client output
-ign_eof - ignore input eof (default when -quiet)
-no_ign_eof - don't ignore input eof
-psk_identity arg - PSK identity
-psk arg - PSK in hex (without 0x)
-srpuser user - SRP authentification for 'user'
-srppass arg - password for 'user'
-srp_lateuser - SRP username into second ClientHello message
-srp_moregroups - Tolerate other than the known g N values.
-srp_strength int - minimal mength in bits for N (default 1024).
-ssl2 - just use SSLv2
-ssl3 - just use SSLv3
-tls1_2 - just use TLSv1.2
-tls1_1 - just use TLSv1.1
-tls1 - just use TLSv1
-dtls1 - just use DTLSv1
-mtu - set the link layer MTU
-no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol
-bugs - Switch on all SSL implementation bug workarounds
-serverpref - Use server's cipher preferences (only SSLv2)
-cipher - preferred cipher to use, use the 'openssl ciphers'
command to see what is available
-starttls prot - use the STARTTLS command before starting TLS
for those protocols that support it, where
'prot' defines which one to assume. Currently,
only "smtp", "pop3", "imap", "ftp" and "xmpp"
are supported.
-engine id - Initialise and use the specified engine
-rand file:file:...
-sess_out arg - file to write SSL session to
-sess_in arg - file to read SSL session from
-servername host - Set TLS extension servername in ClientHello
-tlsextdebug - hex dump of all TLS extensions received
-status - request certificate status from server
-no_ticket - disable use of RFC4507bis session tickets
-nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)
-legacy_renegotiation - enable use of legacy renegotiation (dangerous)
-use_srtp profiles - Offer SRTP key management with a colon-separated profile list
-keymatexport label - Export keying material using label
-keymatexportlen len - Export len bytes of keying material (default 20)
</pre>

==== ocsp ====

=== Signing / Digest and Timestamping ===

==== Signing / Digest ====

<pre>
openssl dgst --help
unknown option '--help'
options are
-c to output the digest with separating colons
-r to output the digest in coreutils format
-d to output debug info
-hex output as hex dump
-binary output in binary form
-hmac arg set the HMAC key to arg
-non-fips-allow allow use of non FIPS digest
-sign file sign digest using private key in file
-verify file verify a signature using public key in file
-prverify file verify a signature using private key in file
-keyform arg key file format (PEM or ENGINE)
-out filename output to filename rather than stdout
-signature file signature to verify
-sigopt nm:v signature parameter
-hmac key create hashed MAC with key
-mac algorithm create MAC (not neccessarily HMAC)
-macopt nm:v MAC algorithm parameters or key
-engine e use engine e, possibly a hardware device.
-md4 to use the md4 message digest algorithm
-md5 to use the md5 message digest algorithm
-ripemd160 to use the ripemd160 message digest algorithm
-sha to use the sha message digest algorithm
-sha1 to use the sha1 message digest algorithm
-sha224 to use the sha224 message digest algorithm
-sha256 to use the sha256 message digest algorithm
-sha384 to use the sha384 message digest algorithm
-sha512 to use the sha512 message digest algorithm
-whirlpool to use the whirlpool message digest algorithm
</pre>
==== timestamping ====

openssl ts

<pre>
usage:
ts -query [-rand file:file:...] [-config configfile] [-data file_to_hash] [-digest digest_bytes][-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] [-policy object_id] [-no_nonce] [-cert] [-in request.tsq] [-out request.tsq] [-text]
or
ts -reply [-config configfile] [-section tsa_section] [-queryfile request.tsq] [-passin password] [-signer tsa_cert.pem] [-inkey private_key.pem] [-chain certs_file.pem] [-policy object_id] [-in response.tsr] [-token_in] [-out response.tsr] [-token_out] [-text] [-engine id]
or
ts -verify [-data file_to_hash] [-digest digest_bytes] [-queryfile request.tsq] -in response.tsr [-token_in] -CApath ca_path -CAfile ca_file.pem -untrusted cert_file.pem
</pre>

=== Data handling ===

==== ASN.1 ====

[[DER]] decoding

openssl asn1parse

==== Base64 ====

base64 encoding / decoding

[[Base64]]

===== a String =====

<pre>
openssl base64 -e <<< 'Welcome to openssl wiki'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK'
Welcome to openssl wiki
</pre>

warning '''base64 line length is limited to 76 characters by default in openssl''' ( and generated with 64 characters / line ).

<pre>
openssl base64 -e <<< 'Welcome to openssl wiki with a very long line that splits...'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRo
YXQgc3BsaXRzLi4uCg==
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='
</pre>
=> NOTHING !

to be able to decode a base64 line without line feed that exceed 76 characters use -A option :

<pre>
openssl base64 -d -A <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='
Welcome to openssl wiki with a very long line that splits...
</pre>

This is anyway better to actualy split base64 result in 64 characters lines since -A option is BUGGY ( limit with long files ).

==== DER <-> PEM conversion ====

on each command handling PEM and DER format an '''inform''' and '''outform''' options are provided to specify it.
Then it is easy to read it in format and write it in another

==== pkcs8 / pkcs5 ====

pkcs8 is a format to store private keys.
pkcs8 uses various pkcs5 version as subformat.

<pre>
openssl pkcs8 --help
Usage pkcs8 [options]
where options are
-in file input file
-inform X input format (DER or PEM)
-passin arg input file pass phrase source
-outform X output format (DER or PEM)
-out file output file
-passout arg output file pass phrase source
-topk8 output PKCS8 file
-nooct use (nonstandard) no octet format
-embed use (nonstandard) embedded DSA parameters format
-nsdb use (nonstandard) DSA Netscape DB format
-noiter use 1 as iteration count
-nocrypt use or expect unencrypted private key
-v2 alg use PKCS#5 v2.0 and cipher "alg"
-v1 obj use PKCS#5 v1.5 and cipher "alg"
-engine e use engine e, possibly a hardware device.
</pre>

=== Diagnostics ===

==== SSL/TLS session information ====

<pre>
openssl sess_id --help
unknown option --help
usage: sess_id args

-inform arg - input format - default PEM (DER or PEM)
-outform arg - output format - default PEM
-in arg - input file - default stdin
-out arg - output file - default stdout
-text - print ssl session id details
-cert - output certificate
-noout - no CRL output
-context arg - set the session ID context
</pre>

[[Category:Shell level]]

Command Line Utilities

2013-06-20T16:19:22Z

Frukto: how to list commands, synopsis, minor changes in the getting started section

[http://www.openssl.org/docs/apps/openssl.html OpenSSL site command line tools]

=== Getting started with your openssl toolkit ===

When installed on your system openssl binary (usually /usr/bin/openssl) is an entry point for many functions. You call it following the pattern
<pre>
$ openssl command [ command_opts ] [ command_args ]
</pre>

Alternatively you can call it without arguments to enter the interactive mode with an 'OpenSSL>' prompt. Then you can directly type your commands. You can leave the interactive mode with Ctrl+C or Ctrl+D or by typing 'quit':
<pre>
OpenSSL> quit
</pre>

There are three different kinds of commands. These are [[standard commands]], [[cipher commands]], and [[message-digest commands]]. In the following an overview over some commands is given. These are grouped by purpose and not necessarily by the classification just mentioned.

=== Learn about your installation ===

==== List commands by type ====

You can get a list of available commands by calling

<pre>
$ openssl list-standard-commands
$ openssl list-cipher-commands
$ openssl list-message-digest-commands
</pre>

==== version ====

OpenSSL> version
OpenSSL 1.0.1e 11 Feb 2013

==== ciphers ====

returns SSL/TLS ciphers supported.

<pre>
OpenSSL> ciphers
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5
</pre>

openssl list-cipher-algorithms

openssl list-public-key-algorithms
<pre>
Name: OpenSSL RSA method
Type: Builtin Algorithm
OID: rsaEncryption
PEM string: RSA
Name: rsa
Type: Alias to rsaEncryption
Name: OpenSSL PKCS#3 DH method
Type: Builtin Algorithm
OID: dhKeyAgreement
PEM string: DH
Name: dsaWithSHA
Type: Alias to dsaEncryption
Name: dsaEncryption-old
Type: Alias to dsaEncryption
Name: dsaWithSHA1-old
Type: Alias to dsaEncryption
Name: dsaWithSHA1
Type: Alias to dsaEncryption
Name: OpenSSL DSA method
Type: Builtin Algorithm
OID: dsaEncryption
PEM string: DSA
Name: OpenSSL EC algorithm
Type: Builtin Algorithm
OID: id-ecPublicKey
PEM string: EC
Name: OpenSSL HMAC method
Type: Builtin Algorithm
OID: hmac
PEM string: HMAC
Name: OpenSSL CMAC method
Type: Builtin Algorithm
OID: cmac
PEM string: CMAC
</pre>

==== engine ====

OpenSSL> engine
(rsax) RSAX engine support
(dynamic) Dynamic engine loading support

==== speed ====

returns informations of toolkit performance on cryptographic functions computations.

( Ex: on Linux 3.1.0-1-amd64 #1 SMP x86_64 GNU/Linux, HP dv7 i7 4Gb )

<pre>
Doing md4 for 3s on 16 size blocks: 12430613 md4's in 3.00s
...
Doing md5 for 3s on 16 size blocks: 8943943 md5's in 2.99s
Doing md5 for 3s on 64 size blocks: 6560162 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 3674563 md5's in 3.00s
Doing md5 for 3s on 1024 size blocks: 1325803 md5's in 3.00s
Doing md5 for 3s on 8192 size blocks: 190271 md5's in 3.00s
Doing hmac(md5) for 3s on 16 size blocks: 7289025 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 64 size blocks: 5519732 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 256 size blocks: 3319123 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 1024 size blocks: 1275475 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 8192 size blocks: 187134 hmac(md5)'s in 3.00s
Doing sha1 for 3s on 16 size blocks: 10089842 sha1's in 2.99s
Doing sha1 for 3s on 64 size blocks: 7033355 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 3919372 sha1's in 3.00s
Doing sha1 for 3s on 1024 size blocks: 1374314 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 198808 sha1's in 3.00s
Doing sha256 for 3s on 16 size blocks: 6462822 sha256's in 3.00s
Doing sha256 for 3s on 64 size blocks: 3504641 sha256's in 3.00s
Doing sha256 for 3s on 256 size blocks: 1486771 sha256's in 3.00s
Doing sha256 for 3s on 1024 size blocks: 440613 sha256's in 3.00s
Doing sha256 for 3s on 8192 size blocks: 58418 sha256's in 3.00s
Doing sha512 for 3s on 16 size blocks: 5040453 sha512's in 2.99s
Doing sha512 for 3s on 64 size blocks: 5089425 sha512's in 3.00s
Doing sha512 for 3s on 256 size blocks: 1865240 sha512's in 3.00s
Doing sha512 for 3s on 1024 size blocks: 643708 sha512's in 3.00s
Doing sha512 for 3s on 8192 size blocks: 90615 sha512's in 3.00s
...
Doing whirlpool for 3s on 8192 size blocks: 33204 whirlpool's in 3.00s
...
Doing rmd160 for 3s on 8192 size blocks: 66719 rmd160's in 3.00s
...
Doing rc4 for 3s on 8192 size blocks: 238972 rc4's in 3.00s
...
Doing des cbc for 3s on 8192 size blocks: 19837 des cbc's in 3.00s
...
Doing des ede3 for 3s on 8192 size blocks: 7706 des ede3's in 3.00s
...
Doing aes-128 cbc for 3s on 8192 size blocks: 35217 aes-128 cbc's in 3.00s
...
Doing aes-192 cbc for 3s on 8192 size blocks: 29225 aes-192 cbc's in 3.01s
...
Doing aes-256 cbc for 3s on 8192 size blocks: 24414 aes-256 cbc's in 3.00s
...
Doing aes-256 ige for 3s on 8192 size blocks: 23331 aes-256 ige's in 2.99s
...
</pre>

=== Basic encryption ===

==== Basic file ====

to cipher a file or data to protect and share it protected by a shared key.

symetric cipher :
[[AES]] [[Blowfish]] [[RC4]] [[3DES]] [[RC2]] [[DES]] [[CAST5]] [[SEED]]

block to stream conversion :
[[ECB]] [[CBC]] [[OFB]] [[CFB]] [[CTR]] [[XTS]] [[GCM]]

compression :
[[ZLIB]]

<pre>
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb base64 bf
bf-cbc bf-cfb bf-ecb bf-ofb
camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb
camellia-256-cbc camellia-256-ecb cast cast-cbc
cast5-cbc cast5-cfb cast5-ecb cast5-ofb
des des-cbc des-cfb des-ecb
des-ede des-ede-cbc des-ede-cfb des-ede-ofb
des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx rc2
rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb
rc2-ecb rc2-ofb rc4 rc4-40
seed seed-cbc seed-cfb seed-ecb
seed-ofb zlib
</pre>

<pre>
openssl enc --help
unknown option '--help'
options are
-in <file> input file
-out <file> output file
-pass <arg> pass phrase source
-e encrypt
-d decrypt
-a/-base64 base64 encode/decode, depending on encryption flag
-k passphrase is the next argument
-kfile passphrase is the first line of the file argument
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
-S salt in hex is the next argument
-K/-iv key/iv in hex is the next argument
-[pP] print the iv/key (then exit if -P)
-bufsize <n> buffer size
-nopad disable standard block padding
-engine e use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc -aes-128-cfb -aes-128-cfb1
-aes-128-cfb8 -aes-128-ctr -aes-128-ecb
-aes-128-gcm -aes-128-ofb -aes-128-xts
-aes-192-cbc -aes-192-cfb -aes-192-cfb1
-aes-192-cfb8 -aes-192-ctr -aes-192-ecb
-aes-192-gcm -aes-192-ofb -aes-256-cbc
-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-gcm
-aes-256-ofb -aes-256-xts -aes128
-aes192 -aes256 -bf
-bf-cbc -bf-cfb -bf-ecb
-bf-ofb -blowfish -camellia-128-cbc
-camellia-128-cfb -camellia-128-cfb1 -camellia-128-cfb8
-camellia-128-ecb -camellia-128-ofb -camellia-192-cbc
-camellia-192-cfb -camellia-192-cfb1 -camellia-192-cfb8
-camellia-192-ecb -camellia-192-ofb -camellia-256-cbc
-camellia-256-cfb -camellia-256-cfb1 -camellia-256-cfb8
-camellia-256-ecb -camellia-256-ofb -camellia128
-camellia192 -camellia256 -cast
-cast-cbc -cast5-cbc -cast5-cfb
-cast5-ecb -cast5-ofb -des
-des-cbc -des-cfb -des-cfb1
-des-cfb8 -des-ecb -des-ede
-des-ede-cbc -des-ede-cfb -des-ede-ofb
-des-ede3 -des-ede3-cbc -des-ede3-cfb
-des-ede3-cfb1 -des-ede3-cfb8 -des-ede3-ofb
-des-ofb -des3 -desx
-desx-cbc -id-aes128-GCM -id-aes192-GCM
-id-aes256-GCM -rc2 -rc2-40-cbc
-rc2-64-cbc -rc2-cbc -rc2-cfb
-rc2-ecb -rc2-ofb -rc4
-rc4-40 -rc4-hmac-md5 -seed
-seed-cbc -seed-cfb -seed-ecb
-seed-ofb
</pre>

==== Mail / SMIME ====

===== smime v2 pkcs7 1.5 =====

<pre>
openssl smime --help
Usage smime [options] cert.pem ...
where options are
-encrypt encrypt message
-decrypt decrypt encrypted message
-sign sign message
-verify verify signed message
-pk7out output PKCS#7 structure
-des3 encrypt with triple DES
-des encrypt with DES
-seed encrypt with SEED
-rc2-40 encrypt with RC2-40 (default)
-rc2-64 encrypt with RC2-64
-rc2-128 encrypt with RC2-128
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nointern don't search certificates in message for signer
-nosigs don't verify message signature
-noverify don't verify signers certificate
-nocerts don't include signers certificate when signing
-nodetach use opaque signing
-noattr don't include any signed attributes
-binary don't translate message to text
-certfile file other certificates file
-signer file signer certificate file
-recip file recipient certificate file for decryption
-in file input file
-inform arg input format SMIME (default), PEM or DER
-inkey file input private key (if not signer or recipient)
-keyform arg input private key format (PEM or ENGINE)
-out file output file
-outform arg output format SMIME (default), PEM or DER
-content file supply or override content for detached signature
-to addr to address
-from ad from address
-subject s subject
-text include or delete text MIME headers
-CApath dir trusted certificates directory
-CAfile file trusted certificates file
-crl_check check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e use engine e, possibly a hardware device.
-passin arg input file pass phrase source
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
cert.pem recipient certificate(s) for encryption
</pre>

===== smime v3 cms =====

<pre>
openssl cms --help
Usage cms [options] cert.pem ...
where options are
-encrypt encrypt message
-decrypt decrypt encrypted message
-sign sign message
-verify verify signed message
-cmsout output CMS structure
-des3 encrypt with triple DES
-des encrypt with DES
-seed encrypt with SEED
-rc2-40 encrypt with RC2-40 (default)
-rc2-64 encrypt with RC2-64
-rc2-128 encrypt with RC2-128
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nointern don't search certificates in message for signer
-nosigs don't verify message signature
-noverify don't verify signers certificate
-nocerts don't include signers certificate when signing
-nodetach use opaque signing
-noattr don't include any signed attributes
-binary don't translate message to text
-certfile file other certificates file
-certsout file certificate output file
-signer file signer certificate file
-recip file recipient certificate file for decryption
-keyid use subject key identifier
-in file input file
-inform arg input format SMIME (default), PEM or DER
-inkey file input private key (if not signer or recipient)
-keyform arg input private key format (PEM or ENGINE)
-out file output file
-outform arg output format SMIME (default), PEM or DER
-content file supply or override content for detached signature
-to addr to address
-from ad from address
-subject s subject
-text include or delete text MIME headers
-CApath dir trusted certificates directory
-CAfile file trusted certificates file
-crl_check check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e use engine e, possibly a hardware device.
-passin arg input file pass phrase source
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
cert.pem recipient certificate(s) for encryption
</pre>

=== Create / Handle Public Key Certificates ===

This requires you have a knowledge of what PKI is ( Certificate Authorities, Certificate Request, Certificate, Public Key, Private Key )

Classical use case is to obtain a valid Certificate for a Secured Web site ( https protocol ).
First you create a Private Key ( will be created together with Public key ).
Then create a Certificate Request for that private key with some informations for purpose of future Certificate.
Then send that Certificate Request to a Certificate Authority ( CA ) that will issue a Certificate that CA signed. For well known CA you need to pay.
Up to you to install your Private key together with the received Certificate on your system.

It exists graphical front-end to operate openssl wihtin a GUI : [http://xca.sourceforge.net/ XCA]

==== Key Generation ====

===== rsa / genrsa =====

RSA is the most common type of Public/Private Key.
Private Key part should never be disclosed while public key part is ... public.

<pre>
openssl genrsa --help
usage: genrsa [args] [numbits]
-des encrypt the generated key with DES in cbc mode
-des3 encrypt the generated key with DES in ede cbc mode (168 bit key)
-seed
encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-out file output the key to 'file
-passout arg output file pass phrase source
-f4 use F4 (0x10001) for the E value
-3 use 3 for the E value
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
</pre>

<pre>
rsa help
unknown option help
rsa [options] <infile >outfile
where options are
-inform arg input format - one of DER NET PEM
-outform arg output format - one of DER NET PEM
-in arg input file
-sgckey Use IIS SGC key format
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-des encrypt PEM output with cbc des
-des3 encrypt PEM output with ede cbc des using 168 bit key
-seed encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-text print the key in text
-noout don't print key out
-modulus print the RSA key modulus
-check verify key consistency
-pubin expect a public key in input file
-pubout output a public key
-engine e use engine e, possibly a hardware device.
error in rsa
</pre>

===== dsa / gendsa=====

dsa is a less common Public/Private key scheme, but can be seen anyway, so ...

<pre>
openssl gendsa
usage: gendsa [args] dsaparam-file
-out file - output the key to 'file'
-des - encrypt the generated key with DES in cbc mode
-des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)
-seed
encrypt PEM output with cbc seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-engine e - use engine e, possibly a hardware device.
-rand file:file:...
- load the file (or the files in the directory) into
the random number generator
dsaparam-file
- a DSA parameter file as generated by the dsaparam command

</pre>

<pre>
OpenSSL> dsa help
unknown option help
dsa [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-engine e use engine e, possibly a hardware device.
-des encrypt PEM output with cbc des
-des3 encrypt PEM output with ede cbc des using 168 bit key
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-seed encrypt PEM output with cbc seed
-text print the key in text
-noout don't print key out
-modulus print the DSA public value
error in dsa
</pre>

===== Elliptic Curves / ec ecparam =====

[[Elliptic_Curve_Cryptography]]

<pre>
openssl ecparam --help
unknown option --help
ecparam [options] <infile >outfile
where options are
-inform arg input format - default PEM (DER or PEM)
-outform arg output format - default PEM
-in arg input file - default stdin
-out arg output file - default stdout
-noout do not print the ec parameter
-text print the ec parameters in text form
-check validate the ec parameters
-C print a 'C' function creating the parameters
-name arg use the ec parameters with 'short name' name
-list_curves prints a list of all currently available curve 'short names'
-conv_form arg specifies the point conversion form
possible values: compressed
uncompressed (default)
hybrid
-param_enc arg specifies the way the ec parameters are encoded
in the asn1 der encoding
possible values: named_curve (default)
explicit
-no_seed if 'explicit' parameters are chosen do not use the seed
-genkey generate ec key
-rand file files to use for random number input
-engine e use engine e, possibly a hardware device
</pre>

<pre>
ec [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-passin arg input file pass phrase source
-out arg output file
-passout arg output file pass phrase source
-engine e use engine e, possibly a hardware device.
-des encrypt PEM output, instead of 'des' every other
cipher supported by OpenSSL can be used
-text print the key
-noout don't print key out
-param_out print the elliptic curve parameters
-conv_form arg specifies the point conversion form
possible values: compressed
uncompressed (default)
hybrid
-param_enc arg specifies the way the ec parameters are encoded
in the asn1 der encoding
possible values: named_curve (default)
explicit
</pre>

==== Certificate Authority / ca ====

When you want to act as a Certificate Authority.

OpenSSL> ca
Using configuration from /usr/lib/ssl/openssl.cnf
Error opening CA private key ./demoCA/private/cakey.pem
140492277311144:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('./demoCA/private/cakey.pem','r')
140492277311144:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load CA private key
error in ca

By default you don't have ca created...

==== Certificate Request / pkcs10 / req ====

OpenSSL> req ?
unknown option ?
req [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-out arg output file
-text text form of request
-pubkey output public key
-noout do not output REQ
-verify verify signature on REQ
-modulus RSA modulus
-nodes don't encrypt the output key
-engine e use engine e, possibly a hardware device
-subject output the request's subject
-passin private key password source
-key file use the private key contained in file
-keyform arg key file format
-keyout arg file to send the key to
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-newkey rsa:bits generate a new RSA key of 'bits' in size
-newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'
-newkey ec:file generate a new EC key, parameters taken from CA in 'file'
-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)
-config file request template file.
-subj arg set or modify request subject
-multivalue-rdn enable support for multivalued RDNs
-new new request.
-batch do not ask anything during request generation
-x509 output a x509 structure instead of a cert. req.
-days number of days a certificate generated by -x509 is valid for.
-set_serial serial number to use for a certificate generated by -x509.
-newhdr output "NEW" in the header lines
-asn1-kludge Output the 'request' in a format that is wrong but some CA's
have been reported as requiring
-extensions .. specify certificate extension section (override value in config file)
-reqexts .. specify request extension section (override value in config file)
-utf8 input characters are UTF8 (default ASCII)
-nameopt arg - various certificate name options
-reqopt arg - various request text options

error in req

==== Certificates AKA x509 ====

x509 command allows you to display content of a x509 certificate and to convert it from/to [[PEM]], [[NET]] or [[DER]] formats.

OpenSSL> x509 help
unknown option help
usage: x509 args
-inform arg - input format - default PEM (one of DER, NET or PEM)
-outform arg - output format - default PEM (one of DER, NET or PEM)
-keyform arg - private key format - default PEM
-CAform arg - CA format - default PEM
-CAkeyform arg - CA key format - default PEM
-in arg - input file - default stdin
-out arg - output file - default stdout
-passin arg - private key password source
-serial - print serial number value
-subject_hash - print subject hash value
-subject_hash_old - print old-style (MD5) subject hash value
-issuer_hash - print issuer hash value
-issuer_hash_old - print old-style (MD5) issuer hash value
-hash - synonym for -subject_hash
-subject - print subject DN
-issuer - print issuer DN
-email - print email address(es)
-startdate - notBefore field
-enddate - notAfter field
-purpose - print out certificate purposes
-dates - both Before and After dates
-modulus - print the RSA key modulus
-pubkey - output the public key
-fingerprint - print the certificate fingerprint
-alias - output certificate alias
-noout - no certificate output
-ocspid - print OCSP hash values for the subject name and public key
-ocsp_uri - print OCSP Responder URL(s)
-trustout - output a "trusted" certificate
-clrtrust - clear all trusted purposes
-clrreject - clear all rejected purposes
-addtrust arg - trust certificate for a given purpose
-addreject arg - reject certificate for a given purpose
-setalias arg - set certificate alias
-days arg - How long till expiry of a signed certificate - def 30 days
-checkend arg - check whether the cert expires in the next arg seconds
exit 1 if so, 0 if not
-signkey arg - self sign cert with arg
-x509toreq - output a certification request object
-req - input is a certificate request, sign and output.
-CA arg - set the CA certificate, must be PEM format.
-CAkey arg - set the CA key, must be PEM format
missing, it is assumed to be in the CA file.
-CAcreateserial - create serial number file if it does not exist
-CAserial arg - serial file
-set_serial - serial number to use
-text - print the certificate in text form
-C - print out C code forms
-md2/-md5/-sha1/-mdc2 - digest to use
-extfile - configuration file with X509V3 extensions to add
-extensions - section from config file with X509V3 extensions to add
-clrext - delete extensions before signing and input certificate
-nameopt arg - various certificate name options
-engine e - use engine e, possibly a hardware device.
-certopt arg - various certificate text options

==== Client Certificates AKA pkcs12 ====

Client Certificate is a language abuse, but anyway it is kind of file you need to install on your system when SSL/TLS server require Client Authentication.
Those kind of certificates credentials are known with .'''pkcs12''' or .'''pfx''' file extension.
They contains a x509 Certificate and the public/private key of client. Those files are then very sensible to handle with same security as a private key.

<pre>
Usage: pkcs12 [options]
where options are
-export output PKCS12 file
-chain add certificate chain
-inkey file private key if not infile
-certfile f add all certs in f
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-name "name" use name as friendly name
-caname "nm" use nm as CA friendly name (can be used more than once).
-in infile input filename
-out outfile output filename
-noout don't output anything, just verify.
-nomacver don't verify MAC.
-nocerts don't output certificates.
-clcerts only output client certificates.
-cacerts only output CA certificates.
-nokeys don't output private keys.
-info give info about PKCS#12 structure.
-des encrypt private keys with DES
-des3 encrypt private keys with triple DES (default)
-seed encrypt private keys with seed
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
encrypt PEM output with cbc camellia
-nodes don't encrypt private keys
-noiter don't use encryption iteration
-nomaciter don't use MAC iteration
-maciter use MAC iteration
-nomac don't generate MAC
-twopass separate MAC, encryption passwords
-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)
-certpbe alg specify certificate PBE algorithm (default RC2-40)
-keypbe alg specify private key PBE algorithm (default 3DES)
-macalg alg digest algorithm used in MAC (default SHA1)
-keyex set MS key exchange type
-keysig set MS key signature type
-password p set import/export password source
-passin p input file pass phrase source
-passout p output file pass phrase source
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-CSP name Microsoft CSP name
-LMK Add local machine keyset attribute to private key
</pre>

=== SSL/TLS and Certificates ONLINE services ===

==== s_server ====

This implements a generic SSL/TLS server.

<pre>
openssl s_server
Error opening server certificate private key file server.pem
139811478357672:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('server.pem','r')
139811478357672:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load server certificate private key file
</pre>

'''you need to provide certificate and private key to be able to run SSL/TLS server.'''

<pre>
openssl s_server --help
unknown option --help
usage: s_server [args ...]

-accept arg - port to accept on (default is 4433)
-context arg - set session ID context
-verify arg - turn on peer certificate verification
-Verify arg - turn on peer certificate verification, must have a cert.
-cert arg - certificate file to use
(default is server.pem)
-crl_check - check the peer certificate has not been revoked by its CA.
The CRL(s) are appended to the certificate file
-crl_check_all - check the peer certificate has not been revoked by its CA
or any other CRL in the CA chain. CRL(s) are appened to the
the certificate file.
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private Key file to use, in cert file if
not specified (default is server.pem)
-keyform arg - key format (PEM, DER or ENGINE) PEM default
-pass arg - private key file pass phrase source
-dcert arg - second certificate file to use (usually for DSA)
-dcertform x - second certificate format (PEM or DER) PEM default
-dkey arg - second private key file to use (usually for DSA)
-dkeyform arg - second key format (PEM, DER or ENGINE) PEM default
-dpass arg - second private key file pass phrase source
-dhparam arg - DH parameter file to use, in cert file if not specified
or a default set of parameters is used
-named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.
Use "openssl ecparam -list_curves" for all names
(default is nistp256).
-nbio - Run with non-blocking IO
-nbio_test - test with the non-blocking test bio
-crlf - convert LF from terminal into CRLF
-debug - Print more output
-msg - Show protocol messages
-state - Print the SSL states
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-nocert - Don't use any certificates (Anon-DH)
-cipher arg - play with 'openssl ciphers' to see what goes here
-serverpref - Use server's cipher preferences
-quiet - No server output
-no_tmp_rsa - Do not generate a tmp RSA key
-psk_hint arg - PSK identity hint to use
-psk arg - PSK in hex (without 0x)
-srpvfile file - The verifier file for SRP
-srpuserseed string - A seed string for a default user salt.
-ssl2 - Just talk SSLv2
-ssl3 - Just talk SSLv3
-tls1_2 - Just talk TLSv1.2
-tls1_1 - Just talk TLSv1.1
-tls1 - Just talk TLSv1
-dtls1 - Just talk DTLSv1
-timeout - Enable timeouts
-mtu - Set link layer MTU
-chain - Read a certificate chain
-no_ssl2 - Just disable SSLv2
-no_ssl3 - Just disable SSLv3
-no_tls1 - Just disable TLSv1
-no_tls1_1 - Just disable TLSv1.1
-no_tls1_2 - Just disable TLSv1.2
-no_dhe - Disable ephemeral DH
-no_ecdhe - Disable ephemeral ECDH
-bugs - Turn on SSL bug compatibility
-www - Respond to a 'GET /' with a status page
-WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
-HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
with the assumption it contains a complete HTTP response.
-engine id - Initialise and use the specified engine
-id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'
-rand file:file:...
-servername host - servername for HostName TLS extension
-servername_fatal - on mismatch send fatal alert (default warning alert)
-cert2 arg - certificate file to use for servername
(default is server2.pem)
-key2 arg - Private Key file to use for servername, in cert file if
not specified (default is server2.pem)
-tlsextdebug - hex dump of all TLS extensions received
-no_ticket - disable use of RFC4507bis session tickets
-legacy_renegotiation - enable use of legacy renegotiation (dangerous)
-nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)
-use_srtp profiles - Offer SRTP key management with a colon-separated profile list
-keymatexport label - Export keying material using label
-keymatexportlen len - Export len bytes of keying material (default 20)
</pre>

==== s_client ====

This implements a generic SSL/TLS client

<pre>
unknown option --help
usage: s_client args

-host host - use -connect instead
-port port - use -connect instead
-connect host:port - who to connect to (default is localhost:4433)
-verify arg - turn on peer certificate verification
-cert arg - certificate file to use, PEM format assumed
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private key file to use, in cert file if
not specified but cert file is.
-keyform arg - key format (PEM or DER) PEM default
-pass arg - private key file pass phrase source
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-reconnect - Drop and re-make the connection with the same Session-ID
-pause - sleep(1) after each read(2) and write(2) system call
-showcerts - show all certificates in the chain
-debug - extra output
-msg - Show protocol messages
-nbio_test - more ssl protocol testing
-state - print the 'ssl' states
-nbio - Run with non-blocking IO
-crlf - convert LF from terminal into CRLF
-quiet - no s_client output
-ign_eof - ignore input eof (default when -quiet)
-no_ign_eof - don't ignore input eof
-psk_identity arg - PSK identity
-psk arg - PSK in hex (without 0x)
-srpuser user - SRP authentification for 'user'
-srppass arg - password for 'user'
-srp_lateuser - SRP username into second ClientHello message
-srp_moregroups - Tolerate other than the known g N values.
-srp_strength int - minimal mength in bits for N (default 1024).
-ssl2 - just use SSLv2
-ssl3 - just use SSLv3
-tls1_2 - just use TLSv1.2
-tls1_1 - just use TLSv1.1
-tls1 - just use TLSv1
-dtls1 - just use DTLSv1
-mtu - set the link layer MTU
-no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol
-bugs - Switch on all SSL implementation bug workarounds
-serverpref - Use server's cipher preferences (only SSLv2)
-cipher - preferred cipher to use, use the 'openssl ciphers'
command to see what is available
-starttls prot - use the STARTTLS command before starting TLS
for those protocols that support it, where
'prot' defines which one to assume. Currently,
only "smtp", "pop3", "imap", "ftp" and "xmpp"
are supported.
-engine id - Initialise and use the specified engine
-rand file:file:...
-sess_out arg - file to write SSL session to
-sess_in arg - file to read SSL session from
-servername host - Set TLS extension servername in ClientHello
-tlsextdebug - hex dump of all TLS extensions received
-status - request certificate status from server
-no_ticket - disable use of RFC4507bis session tickets
-nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)
-legacy_renegotiation - enable use of legacy renegotiation (dangerous)
-use_srtp profiles - Offer SRTP key management with a colon-separated profile list
-keymatexport label - Export keying material using label
-keymatexportlen len - Export len bytes of keying material (default 20)
</pre>

==== ocsp ====

=== Signing / Digest and Timestamping ===

==== Signing / Digest ====

<pre>
openssl dgst --help
unknown option '--help'
options are
-c to output the digest with separating colons
-r to output the digest in coreutils format
-d to output debug info
-hex output as hex dump
-binary output in binary form
-hmac arg set the HMAC key to arg
-non-fips-allow allow use of non FIPS digest
-sign file sign digest using private key in file
-verify file verify a signature using public key in file
-prverify file verify a signature using private key in file
-keyform arg key file format (PEM or ENGINE)
-out filename output to filename rather than stdout
-signature file signature to verify
-sigopt nm:v signature parameter
-hmac key create hashed MAC with key
-mac algorithm create MAC (not neccessarily HMAC)
-macopt nm:v MAC algorithm parameters or key
-engine e use engine e, possibly a hardware device.
-md4 to use the md4 message digest algorithm
-md5 to use the md5 message digest algorithm
-ripemd160 to use the ripemd160 message digest algorithm
-sha to use the sha message digest algorithm
-sha1 to use the sha1 message digest algorithm
-sha224 to use the sha224 message digest algorithm
-sha256 to use the sha256 message digest algorithm
-sha384 to use the sha384 message digest algorithm
-sha512 to use the sha512 message digest algorithm
-whirlpool to use the whirlpool message digest algorithm
</pre>
==== timestamping ====

openssl ts

<pre>
usage:
ts -query [-rand file:file:...] [-config configfile] [-data file_to_hash] [-digest digest_bytes][-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] [-policy object_id] [-no_nonce] [-cert] [-in request.tsq] [-out request.tsq] [-text]
or
ts -reply [-config configfile] [-section tsa_section] [-queryfile request.tsq] [-passin password] [-signer tsa_cert.pem] [-inkey private_key.pem] [-chain certs_file.pem] [-policy object_id] [-in response.tsr] [-token_in] [-out response.tsr] [-token_out] [-text] [-engine id]
or
ts -verify [-data file_to_hash] [-digest digest_bytes] [-queryfile request.tsq] -in response.tsr [-token_in] -CApath ca_path -CAfile ca_file.pem -untrusted cert_file.pem
</pre>

=== Data handling ===

==== ASN.1 ====

[[DER]] decoding

openssl asn1parse

==== Base64 ====

base64 encoding / decoding

[[Base64]]

===== a String =====

<pre>
openssl base64 -e <<< 'Welcome to openssl wiki'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK'
Welcome to openssl wiki
</pre>

warning '''base64 line length is limited to 76 characters by default in openssl''' ( and generated with 64 characters / line ).

<pre>
openssl base64 -e <<< 'Welcome to openssl wiki with a very long line that splits...'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRo
YXQgc3BsaXRzLi4uCg==
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='
</pre>
=> NOTHING !

to be able to decode a base64 line without line feed that exceed 76 characters use -A option :

<pre>
openssl base64 -d -A <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='
Welcome to openssl wiki with a very long line that splits...
</pre>

This is anyway better to actualy split base64 result in 64 characters lines since -A option is BUGGY ( limit with long files ).

==== DER <-> PEM conversion ====

on each command handling PEM and DER format an '''inform''' and '''outform''' options are provided to specify it.
Then it is easy to read it in format and write it in another

==== pkcs8 / pkcs5 ====

pkcs8 is a format to store private keys.
pkcs8 uses various pkcs5 version as subformat.

<pre>
openssl pkcs8 --help
Usage pkcs8 [options]
where options are
-in file input file
-inform X input format (DER or PEM)
-passin arg input file pass phrase source
-outform X output format (DER or PEM)
-out file output file
-passout arg output file pass phrase source
-topk8 output PKCS8 file
-nooct use (nonstandard) no octet format
-embed use (nonstandard) embedded DSA parameters format
-nsdb use (nonstandard) DSA Netscape DB format
-noiter use 1 as iteration count
-nocrypt use or expect unencrypted private key
-v2 alg use PKCS#5 v2.0 and cipher "alg"
-v1 obj use PKCS#5 v1.5 and cipher "alg"
-engine e use engine e, possibly a hardware device.
</pre>

=== Diagnostics ===

==== SSL/TLS session information ====

<pre>
openssl sess_id --help
unknown option --help
usage: sess_id args

-inform arg - input format - default PEM (DER or PEM)
-outform arg - output format - default PEM
-in arg - input file - default stdin
-out arg - output file - default stdout
-text - print ssl session id details
-cert - output certificate
-noout - no CRL output
-context arg - set the session ID context
</pre>

[[Category:Shell level]]