In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
OpenSSL: commonly known as secure socket
It can encrypt data:
The full name of SSL is: Secure Socket Layer can provide secret transmission on Internet, and its goal is to ensure the confidentiality and reliability of the communication between two applications. SSL can prevent the communication between user / server applications from eavesdropping, and always authenticate the server. You can also choose to authenticate users. The SSL protocol is based on a reliable transport layer protocol (TCP). SSL protocol has completed the encryption algorithm, communication key negotiation and server authentication before the application layer protocol communication. After that, the data transmitted by the application layer protocol will be encrypted to ensure the privacy of the communication.
1. Types of OpenSSL encryption and decryption and corresponding algorithms
1. Symmetric encryption: encrypt and decrypt data using the same algorithm and the same password
Algorithm: DES, 3DES, AES, Blowfish, Towfish, IDEA, RC6, CAST5
2. Public key encryption of asymmetric encryption: the public key is extracted from the private key. Files encrypted with the private key can only be decrypted using the public key, and vice versa.
Algorithm: RSA, DSA, ELGamal, DH
3. One-way encryption of asymmetric encryption: can only be encrypted, not decrypted, used to extract the signature of the data.
Algorithm: md5, sha series 256,384,512,128
Second, the process of OpenSSL encrypting communication at one time:
Sender:
1. Using one-way encryption algorithm to extract data signature
two。 Encrypt the signature with your own private key and append it to the data
3. Generate a temporary key for symmetric encryption
4. Encrypt the data with this temporary key and the signature that has been encrypted with the private key
5. Encrypt this temporary key using the receiver's public key and add it to the symmetrically encrypted data after
Recipient:
Use your own private key to decrypt the encrypted temporary key to obtain a symmetric key
two。 The symmetric key is used to decrypt the symmetrically encrypted data and the signature ciphertext encrypted by the private key, thus the data and signature ciphertext 3. Decrypt the signature ciphertext using the public key sent by the other party to obtain the data signature
4. The data signature is calculated using the same party term encryption algorithm as the other party, and compared with the decrypted signature.
III. OpenSSL
OpenSSL is a powerful secure socket layer cryptography library, including major cryptographic algorithms, commonly used key and certificate encapsulation management functions, and SSL protocols, and provides rich applications for testing or other purposes.
Components:
(1) libcrypto: encrypt and decrypt library files
(2) libssl: ssl protocol implementation
(3) openssl: multi-purpose command line tool, each function is implemented with special subcommands.
The 2.openssl command uses the format
Openssl command [options] [csr_file] [options] [crt_file] [options]
# openssl+ subcommand + options + parameters
3. Classification of commands:
Standard command
Message digest command
Encryption and decryption related commands
4. You can view the subcommands by typing openssl an enter
You can use the man command again to see the use of subcommands
Use OpenSSL to encrypt and decrypt files
1. Symmetrical encryption
Use the enc tool:
Encryption: # openssl enc-e-CIPHERNAME-a-salt-in / PATH/FROM/SOMEFILE-out / PATH/TO/SOMECIPHERFILE
Decryption: # openssl enc-d-CIPHERNAME-a-salt-in / PATH/FROM/SOMECIPHERFILE-out / PATH/TO/SOMEFILE
One-way encryption:
Extract file signature
# openssl dgst-CIPHER / PATH/TO/SOMEFILE...
Generate user password:
# openssl passwd-1-salt 8bits random number
-1: defaults to md5 algorithm
Generate random numbers:
# openssl rand-hex |-base64 NUM
-base64: text encoding
NUM: number of generated bits
You can use the generated random number to generate the password:
Passwords are automatically saved in / etc/shadow
Public key encryption generates key pairs:
Operation procedure: generate private key
# openssl genrsa-out / PATH/TO/PRIVATE_KEYFILE NUM_BITS
Manually extract the public key from the private key:
# openssl rsa-in / PATH/FROM/PRIVATE_KEY_FILE-pubout
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
# download and install # # cd / usr/local/srcwget http://download.
© 2024 shulou.com SLNews company. All rights reserved.