Linux with Operating System Concepts

Linux Applications
◾
177
viewing the digital certificate stored by your web browser. Below, for instance, is a public 
key as generated by the RSA algorithm for a digital certificate.
b0 78 99 86 0e a2 73 23 d4 5a c3 49 eb b1 36 8c
7c ca 84 ae 3c af 38 88 28 99 8d 2d 58 13 b1 97
78 3e 52 20 67 ac 5b 73 98 6c 32 55 c9 70 d1 d9
aa 15 e8 2e 26 85 81 bc 56 e4 bc 80 63 db 4e d7
f5 02 be 51 63 1e 3c db df d7 00 5d 5a b9 e5 7b
6a ea 38 20 b2 3b b6 ee 75 54 84 f9 a6 ca 38 70
dd bf b0 ff a5 85 5d b4 41 fe dd 3d d9 2a e1 30
43 1a 98 79 93 a0 5f e0 67 6c 95 fa 3e 7a ae 71
7b e3 6d 88 42 3f 25 d4 ee be 68 68 ac ad ac 60
e0 20 a3 39 83 b9 5b 28 a3 93 6d a1 bd 76 0a e3
eb ae 87 27 0e 54 8f b4 48 0c 9a 54 f4 5d 8e 37
50 dc 5e a4 8b 6b 4b dc a6 f3 34 be 77 59 22 88
ff 19 2b 6d 76 64 73 da 0c 87 07 2b 9a 37 3a d0
e2 8c f6 36 32 6b 9a 79 cc d2 3b 93 6f 1a 4d 6c 
e6 c1 9d 40 ac 2d 74 c3 be ea 5c 73 65 01 29 b1
2a bf 70 59 c1 ce c6 c3 a2 c8 45 5f ba 67 3d 0f
5.5.2 Openssl
Openssl is an open-source implementation of the SSL (secure socket layer) and TSL (trans-
port layer security) protocols. With openssl, you can generate encryption keys (public and 
private), perform encryption operations (encrypt and decrypt messages or files), create 
certificates and digital signatures, and calculate message digests among other operations. 
Openssl works with a number of different encryption algorithms including ciphers AES, 
DES, IDEA, RC5, and triple DES, several cryptographic 
hash
functions such as MD5, SHA-
1, SHA-2, and MDC-2, and public key cryptography algorithms such as DSA and RDA.
A hash function is a mathematical function that translates a variable-length string into 
a fixed-length string, often applying some form of modulo (mod) operator. The mod oper-
ator performs a division, returning only the remainder. For instance, 38153 mod 101 gives 
us the remainder of 38153/101. Since 38153/101 
=
377 and 76/101, 38153 mod 101 is 76. In 
this way, we took a longer value (38153) and reduced it in size. If we can convert a string 
into a number and mod it, we are able to reduce the string’s size to a fixed-sized length. 
Using 101, our mod operator will return a number between 0 and 100. Hash functions are 
extensively utilized in many cryptographic algorithms to encrypt and decrypt messages.
You can see what openssl can do by typing 
openssl help
or 
openssl –h
. This 
will provide the standard commands available, message digest commands, and cipher com-
mands. Let us examine how to encrypt and decrypt a file. The basic form of the command is
openssl enc 
cipher
–in 
filename
–out 
filename2
where 
cipher
is the encryption algorithm you wish to apply. The two filenames listed, file-
name and filename2 are the name of the file to be encrypted and the name of the file to 
be created of the encrypted file, respectively. If you do not provide the output portion, by 

178
◾
Linux with Operating System Concepts
default, openssl dumps the resulting encrypted file to the terminal window, which will look 
like odd random symbols. To obtain a list of the encryption algorithms, type 
openssl 
list-cipher-commands
.
The encryption command requires that you specify a passphrase. The passphrase is then 
needed to decrypt the file. Decryption uses the same exact instruction except for an added 
–d option after enc, as in 
openssl enc –d 

Download 5,65 Mb.

Do'stlaringiz bilan baham: