LibreCryptography

Importance of OpenSSL (pt. 2)

Since OpenSSL is the default implementation for most operating systems, out of the box, developers must remain cognizant of its capabilities at various junctures in order to maintain compatibility (i.e., allow users to actually use whatever app / service / program that they're developing).

Below is a Miniature 'Cheat Sheet' For OpenSSL (to be ran on command line ; if you're unsure about how to do this, consider joining @librecodes) [when we provide the example commands to run in the terminal to provide certain information, we wrap them in apostrophes '' ; if you are going to run these commands, make sure to remove the apostrophes!!!]

1. Command that you run to see which version of OpenSSL is installed on Your OS:
'openssl version -a' ; this will generate a bunch of output, but the most relevant bit (for checking versioning) is the very first part of said output

2. Command to List All Packaged Cipher Algorithms Included in Your Version of OpenSSL:
'openssl list -cipher-algorithms'

3. Command to List All ECC Curves Packaged With Your Version of OpenSSL:
'openssl ecparam -list_curves'

4. OpenSSL Command to List All Digest Algorithms:
'openssl list -digest-algorithms'

5. OpenSSL Command to List All Digest Commands (yes, different than the algorithms with a wholly different list provided):
'openssl list -digest-commands'

6. OpenSSL Command to List All Cipher Algorithms:
'openssl list -cipher-algorithms'

Other useful command parameters built into OpenSSL are (must be ran with an argument of some sort, obviously):

1. 'prime' = for computing prime numbers

2. 'rand' = generating pseudo-random bytes

3. 's_client' = fed to openssl as a command with appended arguments (most popular = 'connect' flag [-connect]) that can be ran against domain names or IP names (with an accomanying port) for opsec / osint / sysadmin / pentesting / simple intel or 'for-fun' purposes. Highly useful & built into the s_client

4. 'x509' = Command must be ran for various CA operations (whether for a self-signed cert or otherwise)

All of the above information was extracted from OpenSSL's online man pages, found here = https://wiki.openssl.org/index.php/Command_Line_Utilities

www.tg-me.com/hk/LibreCryptography/com.librecryptography/139

133 viewsApr 27, 2020 at 20:30

Importance of OpenSSL (pt. 2)

Since OpenSSL is the default implementation for most operating systems, out of the box, developers must remain cognizant of its capabilities at various junctures in order to maintain compatibility (i.e., allow users to actually use whatever app / service / program that they're developing).

Below is a Miniature 'Cheat Sheet' For OpenSSL (to be ran on command line ; if you're unsure about how to do this, consider joining @librecodes) [when we provide the example commands to run in the terminal to provide certain information, we wrap them in apostrophes '' ; if you are going to run these commands, make sure to remove the apostrophes!!!]

1. Command that you run to see which version of OpenSSL is installed on Your OS:
'openssl version -a' ; this will generate a bunch of output, but the most relevant bit (for checking versioning) is the very first part of said output

2. Command to List All Packaged Cipher Algorithms Included in Your Version of OpenSSL:
'openssl list -cipher-algorithms'

3. Command to List All ECC Curves Packaged With Your Version of OpenSSL:
'openssl ecparam -list_curves'

4. OpenSSL Command to List All Digest Algorithms:
'openssl list -digest-algorithms'

5. OpenSSL Command to List All Digest Commands (yes, different than the algorithms with a wholly different list provided):
'openssl list -digest-commands'

6. OpenSSL Command to List All Cipher Algorithms:
'openssl list -cipher-algorithms'

Other useful command parameters built into OpenSSL are (must be ran with an argument of some sort, obviously):

1. 'prime' = for computing prime numbers

2. 'rand' = generating pseudo-random bytes

3. 's_client' = fed to openssl as a command with appended arguments (most popular = 'connect' flag [-connect]) that can be ran against domain names or IP names (with an accomanying port) for opsec / osint / sysadmin / pentesting / simple intel or 'for-fun' purposes. Highly useful & built into the s_client

4. 'x509' = Command must be ran for various CA operations (whether for a self-signed cert or otherwise)

All of the above information was extracted from OpenSSL's online man pages, found here = https://wiki.openssl.org/index.php/Command_Line_Utilities

BY LibreCryptography