当前位置:网站首页>OpenSSL 编程 一:基本概念
OpenSSL 编程 一:基本概念
2022-06-27 19:04:00 【lqonlylove】
一、OpenSSL 基本概念
二、OpenSSL 命令学习
1、openssl 命令
[email protected]:~$ openssl help
Standard commands
asn1parse ca ciphers cms
crl crl2pkcs7 dgst dhparam
dsa dsaparam ec ecparam
enc engine errstr gendsa
genpkey genrsa help list
nseq ocsp passwd pkcs12
pkcs7 pkcs8 pkey pkeyparam
pkeyutl prime rand rehash
req rsa rsautl s_client
s_server s_time sess_id smime
speed spkac srp storeutl
ts verify version x509
Message Digest commands (see the `dgst' command for more details) blake2b512 blake2s256 gost md4 md5 rmd160 sha1 sha224 sha256 sha3-224 sha3-256 sha3-384 sha3-512 sha384 sha512 sha512-224 sha512-256 shake128 shake256 sm3 Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb aria-128-cbc aria-128-cfb
aria-128-cfb1 aria-128-cfb8 aria-128-ctr aria-128-ecb
aria-128-ofb aria-192-cbc aria-192-cfb aria-192-cfb1
aria-192-cfb8 aria-192-ctr aria-192-ecb aria-192-ofb
aria-256-cbc aria-256-cfb aria-256-cfb1 aria-256-cfb8
aria-256-ctr aria-256-ecb aria-256-ofb base64
bf bf-cbc bf-cfb bf-ecb
bf-ofb camellia-128-cbc camellia-128-ecb camellia-192-cbc
camellia-192-ecb camellia-256-cbc camellia-256-ecb cast
cast-cbc cast5-cbc cast5-cfb cast5-ecb
cast5-ofb des des-cbc des-cfb
des-ecb des-ede des-ede-cbc des-ede-cfb
des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb
des-ede3-ofb des-ofb des3 desx
rc2 rc2-40-cbc rc2-64-cbc rc2-cbc
rc2-cfb rc2-ecb rc2-ofb rc4
rc4-40 seed seed-cbc seed-cfb
seed-ecb seed-ofb sm4-cbc sm4-cfb
sm4-ctr sm4-ecb sm4-ofb
[email protected]:~$
| 命令 | 说明 |
|---|---|
| asn1parse | 一种用来诊断ASN.1结构的工具,也能用于从ASN1.1数据中提取数据。 |
| ca | 一个小型CA系统。它能签发证书请求和生成CRL。它维护一个已签发证书状态的文本数据库。 |
| ciphers | 显示支持的加密套件。 |
| cms | |
| crl | 用于处里PME或DER格式的CRL文件。 |
| crl2pkcs7 | 根据CRL或证书来生成pkcs#7消息。 |
| dgst | 用于数据摘要。 |
| dhparam | dhparam为dh参数操作和生成工具。 |
| dsa | 用于处理DSA密钥、格式转换和打印信息。 |
| dsaparam | 用于生成和操作dsa参数。 |
| ec | 椭圆曲线密钥处理工具。 |
| ecparam | 椭圆曲线密钥参数生成及操作。 |
| enc | enc为对称加解密工具,还可以进行base64编码转换。 |
| engine | |
| errstr | 用于查询错误代码。 |
| gendsa | 根据DSA密钥参数生成DSA密钥,dsa密钥参数可用dsaparam命令生成。 |
| genpkey | |
| genrsa | 生成RSA密钥。 |
| help | |
| list | |
| nseq | 用于多个证书与netscape证书序列间相互转化。 |
| ocsp | |
| passwd | 生成各种口令密文。 |
| pkcs12 | pkcs12文件工具,能生成和分析pkcs12文件。 |
| pkcs7 | 用于处理DER或者PEM格式的pkcs#7文件。 |
| pkcs8 | pkcs8格式的私钥转换工具。 |
| pkey | |
| pkeyparam | |
| pkeyutl | |
| prime | 检查一个数是否为素数。 |
| rand | 生成随机数。 |
| rehash | |
| req | 用于生成和处理PKCS#10证书请求。 |
| rsa | 用于处理RSA密钥、格式转换和打印信息。 |
| rsautl | 使用RSA算法签名,验证身份, 加密/解密数据。 |
| s_client | s_client为一个SSL/TLS客户端程序,与s_server对应,它不仅能与s_server进行通信,也能与任何使用ssl协议的其他服务程序进行通信。 |
| s_server | s_server是openssl提供的一个SSL服务程序。使用此程序前,需要生成各种证书。 |
| s_time | s_time是openss提供的SSL/TLS性能测试工具,用于测试SSL/TSL服务。 |
| sess_id | sess_id为SSL/TLS协议的session处理工具。 |
| smime | S/MIME工具,用于处理S/MIME邮件,它能加密、解密、签名和验证S/MIME消息。 |
| speed | 用于测试库的性能。 |
| spkac | |
| srp | |
| storeutl | |
| ts | |
| verify | 证书验证工具。 |
| version | 用来打印版本以及openssl其他各种信息。 |
| x509 | X509命令是一个多用途的证书工具。它可以显示证书信息、转换证书格式、签名证书请求以及改变证书的信任设置等。 |
2、命令格式查询
查看命令具体用法,使用 -help 命令查看。以 ciphers 为例:
[email protected]:~$ openssl ciphers -help
Usage: ciphers [options]
Valid options are:
-help Display this summary
-v Verbose listing of the SSL/TLS ciphers
-V Even more verbose
-s Only supported ciphers
-tls1 TLS1 mode
-tls1_1 TLS1.1 mode
-tls1_2 TLS1.2 mode
-tls1_3 TLS1.3 mode
-stdname Show standard cipher names
-psk include ciphersuites requiring PSK
-srp include ciphersuites requiring SRP
-convert val Convert standard name into OpenSSL name
-ciphersuites val Configure the TLSv1.3 ciphersuites to use
[email protected]:~$
边栏推荐
- NVIDIA three piece environment configuration
- Galaxy Kirin system LAN file sharing tutorial
- GoLand permanently activated
- 爱数课实验 | 第九期-利用机器学习方法进行健康智能诊断
- Cloud native Security Guide: learn kubernetes attack and defense from scratch
- Implementation string mystring
- 开启生态新姿势 | 使用 WrodPress 远程附件存储到 COS
- 教程|fNIRS数据处理工具包Homer2下载与安装
- UE4 essays: fstring, fname and ftext
- shell脚本控制服务的启动和关闭 - 具备详细案例
猜你喜欢
一套系统,减轻人流集中地10倍的通行压力
Here are 12 commonly used function formulas for you. All used ones are good
Cocoscreator plays audio and synchronizes progress
白嫖红队goby&POC,叫你如何白嫖?
At 19:00 on Tuesday evening, the 8th live broadcast of battle code Pioneer - how to participate in openharmony's open source contribution in multiple directions
Openharmony hisysevent dotting and calling practice of # Summer Challenge (L2)
What is a low code development platform? Why is it so hot now?
Cloud native Security Guide: learn kubernetes attack and defense from scratch
Necessary software tools in embedded software development
Covering access to 2w+ traffic monitoring equipment, EMQ creates a new digital engine for all elements of traffic in Shenzhen
随机推荐
基于 TensorRT 的模型推理加速
College graduation thesis management system based on wechat applet graduation design
Oracle的CTAS能不能将约束等属性带到新表?
What is a low code development platform? Why is it so hot now?
众昂矿业:新能源或成萤石最大应用领域
Show the comprehensive strength of strong products, and make the first show of 2022 Lincoln aviator in Southwest China
一套系统,减轻人流集中地10倍的通行压力
SQL server for circular usage
基于微信小程序的警局报案便民服务平台#毕业设计
Wechat applet based service management system for college party members' Home System applet graduation design, Party members, activists, learning, punch in, forum
Record a failure caused by a custom redis distributed lock
mysql使用笔记一
Safe and efficient, non-contact "hand brushing" identification helps epidemic prevention and control
Select auto increment or sequence for primary key selection?
Shell script controls the startup and shutdown of services - with detailed cases
通过CE修改器修改大型网络游戏
Massive data attended the Lanzhou opengauss meetup (ECOLOGICAL NATIONAL trip) activity, enabling users to upgrade their applications with enterprise level databases
Love math experiment | phase VI - Financial anti fraud case study
Share an experience of self positioning + problem solving
开启生态新姿势 | 使用 WrodPress 远程附件存储到 COS