Questions tagged as ['openssl']

OpenSSL is an open source implementation of the SSL and TLS protocols. Questions about how to use the OpenSSL tools and libraries are usually better asked at Stack Overflow or Super User.
Score: -1
How to decrypt a file using RSA and just a public.pem file?
in flag

I have an encoded file and a public.pem file. Is it possible to decode the file using the public.pem file or do I have to start looking at private keys?

I tried with no luck. The public key (pem) is as below

LpyBXGoIk4Pczeqjwz7/kwYLnQI7VlAzgjC9jD1dX80Z+kLOr5wHIDdfNK55 ...
Score: 0
Issues generating keys/cyclic group for Cramer-Shoup Cryptosystem with OpenSSL
ru flag

I'm trying to implement a Cramer Shoup cryptography system in C but I've run into problems with generating the keys.

From what I have found on the wiki and in other papers, to generate keys for Cramer Shoup you must generate a cyclic group G of order q with generators g1 and g2, then take 5 values between 0 and (q-1) and with that you can easily generate the keys.

I initially tried doing this manual ...

Score: 1
Does SSL connection provide integrity?
us flag

I'm new to cryptography and I'm trying to implement a secure chat application using OpenSSL.

I want to ensure that public messages (which will be shown to all users) cannot be altered during transmission.

Does the use of SSL connection guarantee that?

If not, would using digital signatures to sign every message so as to prove the identity of the sender be a proper solution?

Score: 0
Finlay Weber avatar
How do I use XOF (SHAKE and cSHAKE) in openssl CLI and JavaScript
ng flag

I am learning about hash functions and I just read about XOF (namely shake and cShake).

I will like to test this functions out by myself but I can't seem to find how to use it via the OpenSSL CLI or using a JavaScript library.

The JavaScript library I am using is but it does not seem to support XOF.

So how do I use XOF (SHAKE and cSHAKE) in openssl CLI and JavaSc ...

Score: 1
Mubashar avatar
OpenSSL EC PRIVATE KEY content structure details
cn flag

Background I am trying to understand how PEM contents are formatted for "EC Private Key" so e.g. following is private key

NkU0LHTBhpsbeaFklNSXUeG2znLuFvcb0hvc29R5ydz8/dpDOh ...
Score: 1
Werner Breitwieser avatar
PKCS#7 digest encryption algorithm - difference between rsaEncryption and sha256WithRsaEncryption
cn flag

As part of our linux secure boot implementation using dm-verity and root hash signature checking, I need to sign a file with the following openssl command (example):

openssl smime -sign -nocerts -noattr -binary -in unsigned.txt -inkey private.key -signer cert.pem -outform der -out signed.txt

This generates a PKCS#7 file which then can be processed successfully by the linux kernel.

But for productio ...

Score: 11
Farzad Sadeghi avatar
RSA Private Exponent Generation according to FIPS 186-4 in openssl v1
us flag

I guess this is more of a math problem in a cryptography context so I apologize beforehand if it is not the right place to ask. Basically I have to check whether a certain implementation of RSA key-pair generation adheres to FIPS 186-4. More specifically, Appendix B-3-1. FIPS 186-4 necessitates that $d$ (the private exponent) be created like so:

$d = (e^{-1})\bmod(\text{LCM}(p-1, \space q-1))$

The ...

Score: 2
Hani Gotc avatar
Coursera Course or book(s) That covers the following subjects: OPENSSL, SSH, PKI, MD5, RSA, Certificates, keys, signatures
co flag

I started working as a developper in a cryptography company 3 months ago where the applications are for mostly windows applications. I found that I don't have enough knowledge concerning the topics listed in the table that is taken from Hurdles for Developers in Cryptography.enter image description here

Indeed, these are the subjects that most developers find hard to grasp. Including me of course. I started looking for cou ...

Score: 0
Krzysztof J. Obara avatar
Generating certificate using ECDSA_P256 algorithm but with sha256RSA signature
cn flag

If you have a look at a certificate encrypting it advertises a 256-bit ECC key with ECDSA_P256 parameter. The signature algorithm is sha256RSA. I've been trying to achieve something similar by running the below set of commands, but since the -digest parameter I use is -sha256 the result is always sha256ECDSA signature algorithm. So the question is - how Google did that and is that achievable w ...

Score: 2
RSA short key generation using OpenSSL
ru flag

To write a CTF challenge, I want to create an RSA key pair of size 228-bit. I want the keys exactly in the same format as OpenSSL-generated keys. But, OpenSSL is not supporting less than 512-bit long keys. What could be a solution?

Score: 0
IrAM avatar
Checking Signature File is a Valid one
in flag

We are using a signature file which is in .pkcs7 format and has certificates encoded in it in DER format. In the process of verification of the signature we extract certificates and do final verify.

Is there anyway before we go for extraction of certificates and other crls, to check the signature file is valid(In case a .txt or other is renamed as .pkcs7 etc). Of course the extraction or verific ...

Score: 1
Can I store a public key used to verify a Schnorr signature in PEM format?
ke flag

I want to ask if there is any way to store a Schnorr signature key in PEM format, or any other standardized format.

And, if possible, I would like to know if that's possible to be done in C language; here's my code so far:

EC_KEY *key = EC_KEY_new();
EC_KEY_set_group(*key, group);
EC_KEY_set_private_key(*key, *a);
EC_KEY_set_public_key(*key, *Q);
FILE* fout2 = fopen("pub.key", "wb");
PEM_write_EC_ ...
Score: 0
David Merinos avatar
Extra bytes when decryping with OpenSSL
fr flag

The string is encrypted with the following properties (using C#):

myAes.Mode = CipherMode.CBC

myAes.KeySize = 128

myAes.Padding = PaddingMode.PKCS7

myAes.BlockSize = 128

myAes.FeedbackSize = 128

Key: 5753B8AA97BE5B5D9584864DF3134E64

This is my decryption function:

int AESdecrypt(unsigned char *ciphertext, size_t ciphertext_len, unsigned char *key, unsigned char *iv, unsigned char *plaintext)
Score: 0
how does wireguard encrypted verifies with public key
cn flag

After stumbling upon this question, I wondered if I could obtain a behaviour similar to WireGuard (private and public keys) by using the same WireGuard private key to encrypt a message via OpenSSL in one end, and having the other end being able to verify that message signature by possessing the WireGuard public key. So it could work as some sort of authentication/validation for a request.

For example ...

Score: 0
henderson avatar
Is OpenSSL enc using AES-256-CBC to encrypt large files safe?
jp flag

I first generate a keyfile with openssl rand -hex 64 -out keyfile.

I then encrypt the file with openssl enc -aes-256-cbc -salt -in -out large_encrypted.bin -pass file:./keyfile.

I am encrypting files sized anywhere from a few bytes to 1TB. I will be using this in a simple bash script.

  1. Is this secure in 2021? Should I use a different cipher?
  2. Can any metadata leak from the encrypted file? ...