'Encoding'에 해당되는 글 5건

  1. 2015.11.17 Using OpenSSL to encrypt messages and files on Linux (1)
  2. 2010.05.26 URL Encoding Reference
  3. 2010.01.06 한글 파일이름 깨짐현상 해결책
2015. 11. 17. 13:55

Using OpenSSL to encrypt messages and files on Linux

1. Introduction

OpenSSL is a powerful cryptography toolkit. Many of us have already used OpenSSL for creating RSA Private Keys or CSR (Certificate Signing Request). However, did you know that you can use OpenSSL to benchmark your computer speed or that you can also encrypt files or messages? This article will provide you with some simple to follow tips on how to encrypt messages and files using OpenSSL.

2. Encrypt and Decrypt Messages

First we can start by encrypting simple messages. The following command will encrypt a message "Welcome to LinuxCareer.com" using Base64 Encoding:

$ echo "Welcome to LinuxCareer.com" | openssl enc -base64
V2VsY29tZSB0byBMaW51eENhcmVlci5jb20K

The output of the above command is an encrypted string containing encoded message "Welcome to LinuxCareer.com". To decrypt encoded string back to its original message we need to reverse the order and attach -d option for decryption:

$ echo "V2VsY29tZSB0byBMaW51eENhcmVlci5jb20K" | openssl enc -base64 -d
Welcome to LinuxCareer.com

The above encryption is simple to use, however, it lacks an important feature of a password, which should be used for encryption. For example, try to decrypt the following string with a password "pass":

U2FsdGVkX181xscMhkpIA6J0qd76N/nSjjTc9NrDUC0CBSLpZQxQ2Db7ipd7kexj

To do that use OpenSSL again with -d option and encoding method aes-256-cbc:

echo "U2FsdGVkX181xscMhkpIA6J0qd76N/nSjjTc9NrDUC0CBSLpZQxQ2Db7ipd7kexj" | openssl 
enc -aes-256-cbc -d -a

 As you have probably already guessed, to create an encrypted message with a password as the one above you can use the following command:

 $ echo "OpenSSL" | openssl enc -aes-256-cbc -a enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
U2FsdGVkX185E3H2me2D+qmCfkEsXDTn8nCn/4sblr8=

If you wish to store OpenSSL's output to a file instead of STDOUT simply use STDOUT redirection ">". When storing encrypted output to a file you can also omit -a option as you no longer need the output to be ASCII text based:

$ echo "OpenSSL" | openssl enc -aes-256-cbc > openssl.dat
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
$ file openssl.dat
openssl.dat: data

To decrypt the openssl.dat file back to its original message use:

$ openssl enc -aes-256-cbc -d -in openssl.dat 
enter aes-256-cbc decryption password:
OpenSSL

3. Encrypt and Decrypt File

 To encrypt files with OpenSSL is as simple as encrypting messages. The only difference is that instead of the echo command we use the -in option with the actual file we would like to encrypt and -out option, which will instruct OpenSSL to store the encrypted file under a given name:

$ openssl enc -aes-256-cbc -in /etc/services -out services.dat

To decrypt back our services file use:

$ openssl enc -aes-256-cbc -d -in services.dat > services.txt
enter aes-256-cbc decryption password:

4. Encrypt and Decrypt Directory

In case that you needed to use OpenSSL to encrypt an entire directory you would, firs,t need to create gzip tarball and then encrypt the tarball with the above method or you can do both at the same time by using pipe:

# tar cz /etc | openssl enc -aes-256-cbc -out etc.tar.gz.dat
tar: Removing leading `/' from member names
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:

To decrypt and extract the entire etc/ directory to you current working directory use:

# openssl enc -aes-256-cbc -d -in etc.tar.gz.dat | tar xz
enter aes-256-cbc decryption password:

The above method can be quite useful for automated encrypted backups.

5. Using Public and Private keys

In this section we will show how to encrypt and decrypt files using public and private keys. First we need to generate private and public keys. This can simply be done by:

$ openssl genrsa -out private_key.pem 1024
Generating RSA private key, 1024 bit long modulus
............................++++++
..........++++++
e is 65537 (0x10001)

From the private key we can then generate public key:

$ openssl rsa -in private_key.pem -out public_key.pem -outform PEM -pubout
writing RSA key

At this point yo should have both private and public key available in your current working directory.

$ ls
private_key.pem  public_key.pem

Next, we create some sample file called encrypt.txt with any arbitrary text:

$ echo "Welcome to LinuxCareer.com" > encrypt.txt
$ cat encrypt.txt
Welcome to LinuxCareer.com

Now we are ready to encrypt this file with public key:

$ openssl rsautl -encrypt -inkey public_key.pem -pubin -in encrypt.txt -out encrypt.dat 
$ ls
encrypt.dat  encrypt.txt  private_key.pem  public_key.pem
$ file encrypt.dat
encrypt.dat: data

As you can see our new encrypt.dat file is no longer text files. To decrypt this file we need to use private key:

$ openssl rsautl -decrypt -inkey private_key.pem -in encrypt.dat -out new_encrypt.txt 
$ cat new_encrypt.txt
Welcome to LinuxCareer.com

The above syntax is quite intuitive. As you can see we have decrypted a file encrypt.dat to its original form and save it as new_encrypt.txt. You can for example combine this syntax with encrypting directories example above to create automated encrypted backup script.

6. Conclusion

What you have just read was a basic introduction to OpenSSL encryption. When it comes to OpenSSL as an encryption toolkit it literally has no limit on what you can do. To see how to use different encoding methods see OpenSSL manual page: man openssl



출처 : how-to.linuxcareer.com


Trackback 0 Comment 1
  1. 2015.11.17 13:59 address edit & del reply

    비밀댓글입니다

2010. 5. 26. 16:29

URL Encoding Reference

ASCII device control characters %00-%1f

ASCII Character Description URL-encoding
NUL null character %00
SOH start of header %01
STX start of text %02
ETX end of text %03
EOT end of transmission %04
ENQ enquiry %05
ACK acknowledge %06
BEL bell (ring) %07
BS backspace %08
HT horizontal tab %09
LF line feed %0A
VT vertical tab %0B
FF form feed %0C
CR carriage return %0D
SO shift out %0E
SI shift in %0F
DLE data link escape %10
DC1 device control 1 %11
DC2 device control 2 %12
DC3 device control 3 %13
DC4 device control 4 %14
NAK negative acknowledge %15
SYN synchronize %16
ETB end transmission block %17
CAN cancel %18
EM end of medium %19
SUB substitute %1A
ESC escape %1B
FS file separator %1C
GS group separator %1D
RS record separator %1E
US unit separator %1F

URL-encoding from %00 to %8f

ASCII Value URL-encode ASCII Value URL-encode ASCII Value URL-encode
æ %00 0 %30 ` %60
  %01 1 %31 a %61
  %02 2 %32 b %62
  %03 3 %33 c %63
  %04 4 %34 d %64
  %05 5 %35 e %65
  %06 6 %36 f %66
  %07 7 %37 g %67
backspace %08 8 %38 h %68
tab %09 9 %39 i %69
linefeed %0a : %3a j %6a
  %0b ; %3b k %6b
  %0c < %3c l %6c
c return %0d = %3d m %6d
  %0e > %3e n %6e
  %0f ? %3f o %6f
  %10 @ %40 p %70
  %11 A %41 q %71
  %12 B %42 r %72
  %13 C %43 s %73
  %14 D %44 t %74
  %15 E %45 u %75
  %16 F %46 v %76
  %17 G %47 w %77
  %18 H %48 x %78
  %19 I %49 y %79
  %1a J %4a z %7a
  %1b K %4b { %7b
  %1c L %4c | %7c
  %1d M %4d } %7d
  %1e N %4e ~ %7e
  %1f O %4f   %7f
space %20 P %50 %80
! %21 Q %51   %81
" %22 R %52 %82
# %23 S %53 ƒ %83
$ %24 T %54 %84
% %25 U %55 %85
& %26 V %56 %86
' %27 W %57 %87
( %28 X %58 ˆ %88
) %29 Y %59 %89
* %2a Z %5a Š %8a
+ %2b [ %5b %8b
, %2c \ %5c Π%8c
- %2d ] %5d   %8d
. %2e ^ %5e Ž %8e
/ %2f _ %5f   %8f

URL-encoding from %90 to %ff

ASCII Value URL-encode ASCII Value URL-encode ASCII Value URL-encode
  %90 À %c0 ð %f0
%91 Á %c1 ñ %f1
%92 Â %c2 ò %f2
%93 Ã %c3 ó %f3
%94 Ä %c4 ô %f4
%95 Å %c5 õ %f5
%96 Æ %c6 ö %f6
%97 Ç %c7 ÷ %f7
˜ %98 È %c8 ø %f8
%99 É %c9 ù %f9
š %9a Ê %ca ú %fa
%9b Ë %cb û %fb
œ %9c Ì %cc ü %fc
  %9d Í %cd ý %fd
ž %9e Î %ce þ %fe
Ÿ %9f Ï %cf ÿ %ff
  %a0 Ð %d0    
¡ %a1 Ñ %d1    
¢ %a2 Ò %d2    
£ %a3 Ó %d3    
  %a4 Ô %d4    
¥ %a5 Õ %d5    
| %a6 Ö %d6    
§ %a7   %d7    
¨ %a8 Ø %d8    
© %a9 Ù %d9    
ª %aa Ú %da    
« %ab Û %db    
¬ %ac Ü %dc    
¯ %ad Ý %dd    
® %ae Þ %de    
¯ %af ß %df    
° %b0 à %e0    
± %b1 á %e1    
² %b2 â %e2    
³ %b3 ã %e3    
´ %b4 ä %e4    
µ %b5 å %e5    
%b6 æ %e6    
· %b7 ç %e7    
¸ %b8 è %e8    
¹ %b9 é %e9    
º %ba ê %ea    
» %bb ë %eb    
¼ %bc ì %ec    
½ %bd í %ed    
¾ %be î %ee    
¿ %bf ï %ef    

URL Encoding (VB.net)

<%@ Page Language="VB" %>
<html>
   <head>
      <title>URLEncoding</title>
   <script runat="server">
      Sub Page_Load()
         If IsPostBack
            Response.Write(Server.UrlEncode(Request.Form("name")))
         End If
      End Sub
   </script>
   </head>
<body>
<%--    <form id="form1" action="UrlEncode.aspx"  method="POST" runat="server">
 --%>
   <form id="form1" method="POST" runat="server">
      <h3>Name:</h3>
      <input type="text" id="name" runat="server">
      <input type="submit" runat="server">
   </form>
</body>
</html>



출처 : aybim.com.tr

Trackback 43 Comment 0
2010. 1. 6. 19:51

한글 파일이름 깨짐현상 해결책

디렉토리나 파일 이름에 한글이 포함된 경우 다른 서버로 데이터를 이전하기 위해서 보통 압축을 사용한다.

이 경우 두 서버가 문자셋(Character Set)이 서로 상이한 경우 한글이름이 깨지는 현상이 발생한다.

윈도우 압축 파일을 리눅스에서 사용할 경우에도 동일한 현상이 발생한다.

- 한글 파일을 압축 및 여러 수단을 이동 후

# convmv -f cp949 -t utf8 --notest -r .
# convmv -f utf-8 -t euc-kr --notest 한글.txt

이미 UTF8 라고 나올때는, --nosmart 옵션을 사용하면 된다. (convmv 1.09 기준)

tar 압축을 사용할 경우 별도 옵션이 없다.

그러나 zip 압축을 사용하는 방법이 있다.

zip 에는 문자셋을 지정할 수 있는 옵션이 있다. (단, 압축할때는 불가능하고 압축을 풀때만 가능)

# zip 한글.zip 한글.txt

# unzip -O cp949 한글.zip

Trackback 0 Comment 0