\documentclass[10pt,a4paper]{article}

% Packages
\usepackage{fancyhdr}           % For header and footer
\usepackage{multicol}           % Allows multicols in tables
\usepackage{tabularx}           % Intelligent column widths
\usepackage{tabulary}           % Used in header and footer
\usepackage{hhline}             % Border under tables
\usepackage{graphicx}           % For images
\usepackage{xcolor}             % For hex colours
%\usepackage[utf8x]{inputenc}    % For unicode character support
\usepackage[T1]{fontenc}        % Without this we get weird character replacements
\usepackage{colortbl}           % For coloured tables
\usepackage{setspace}           % For line height
\usepackage{lastpage}           % Needed for total page number
\usepackage{seqsplit}           % Splits long words.
%\usepackage{opensans}          % Can't make this work so far. Shame. Would be lovely.
\usepackage[normalem]{ulem}     % For underlining links
% Most of the following are not required for the majority
% of cheat sheets but are needed for some symbol support.
\usepackage{amsmath}            % Symbols
\usepackage{MnSymbol}           % Symbols
\usepackage{wasysym}            % Symbols
%\usepackage[english,german,french,spanish,italian]{babel}              % Languages

% Document Info
\author{Alberto González (albertx)}
\pdfinfo{
  /Title (openssl.pdf)
  /Creator (Cheatography)
  /Author (Alberto González (albertx))
  /Subject (OpenSSL Cheat Sheet)
}

% Lengths and widths
\addtolength{\textwidth}{6cm}
\addtolength{\textheight}{-1cm}
\addtolength{\hoffset}{-3cm}
\addtolength{\voffset}{-2cm}
\setlength{\tabcolsep}{0.2cm} % Space between columns
\setlength{\headsep}{-12pt} % Reduce space between header and content
\setlength{\headheight}{85pt} % If less, LaTeX automatically increases it
\renewcommand{\footrulewidth}{0pt} % Remove footer line
\renewcommand{\headrulewidth}{0pt} % Remove header line
\renewcommand{\seqinsert}{\ifmmode\allowbreak\else\-\fi} % Hyphens in seqsplit
% This two commands together give roughly
% the right line height in the tables
\renewcommand{\arraystretch}{1.3}
\onehalfspacing

% Commands
\newcommand{\SetRowColor}[1]{\noalign{\gdef\RowColorName{#1}}\rowcolor{\RowColorName}} % Shortcut for row colour
\newcommand{\mymulticolumn}[3]{\multicolumn{#1}{>{\columncolor{\RowColorName}}#2}{#3}} % For coloured multi-cols
\newcolumntype{x}[1]{>{\raggedright}p{#1}} % New column types for ragged-right paragraph columns
\newcommand{\tn}{\tabularnewline} % Required as custom column type in use

% Font and Colours
\definecolor{HeadBackground}{HTML}{333333}
\definecolor{FootBackground}{HTML}{666666}
\definecolor{TextColor}{HTML}{333333}
\definecolor{DarkBackground}{HTML}{293861}
\definecolor{LightBackground}{HTML}{F8F8FA}
\renewcommand{\familydefault}{\sfdefault}
\color{TextColor}

% Header and Footer
\pagestyle{fancy}
\fancyhead{} % Set header to blank
\fancyfoot{} % Set footer to blank
\fancyhead[L]{
\noindent
\begin{multicols}{3}
\begin{tabulary}{5.8cm}{C}
    \SetRowColor{DarkBackground}
    \vspace{-7pt}
    {\parbox{\dimexpr\textwidth-2\fboxsep\relax}{\noindent
        \hspace*{-6pt}\includegraphics[width=5.8cm]{/web/www.cheatography.com/public/images/cheatography_logo.pdf}}
    }
\end{tabulary}
\columnbreak
\begin{tabulary}{11cm}{L}
    \vspace{-2pt}\large{\bf{\textcolor{DarkBackground}{\textrm{OpenSSL Cheat Sheet}}}} \\
    \normalsize{by \textcolor{DarkBackground}{Alberto González (albertx)} via \textcolor{DarkBackground}{\uline{cheatography.com/122237/cs/22629/}}}
\end{tabulary}
\end{multicols}}

\fancyfoot[L]{ \footnotesize
\noindent
\begin{multicols}{3}
\begin{tabulary}{5.8cm}{LL}
  \SetRowColor{FootBackground}
  \mymulticolumn{2}{p{5.377cm}}{\bf\textcolor{white}{Cheatographer}}  \\
  \vspace{-2pt}Alberto González (albertx) \\
  \uline{cheatography.com/albertx} \\
        \uline{\seqsplit{albertx}.mx/blog/}
  \end{tabulary}
\vfill
\columnbreak
\begin{tabulary}{5.8cm}{L}
  \SetRowColor{FootBackground}
  \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Cheat Sheet}}  \\
   \vspace{-2pt}Published 25th May, 2020.\\
   Updated 9th June, 2021.\\
   Page {\thepage} of \pageref{LastPage}.
\end{tabulary}
\vfill
\columnbreak
\begin{tabulary}{5.8cm}{L}
  \SetRowColor{FootBackground}
  \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Sponsor}}  \\
  \SetRowColor{white}
  \vspace{-5pt}
  %\includegraphics[width=48px,height=48px]{dave.jpeg}
  Measure your website readability!\\
  www.readability-score.com
\end{tabulary}
\end{multicols}}




\begin{document}
\raggedright
\raggedcolumns

% Set font size to small. Switch to any value
% from this page to resize cheat sheet text:
% www.emerson.emory.edu/services/latex/latex_169.html
\footnotesize % Small font.

\begin{multicols*}{2}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{BASICS}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Checking version\{\{nl\}\}{\bf{openssl version -a}}} \tn 
% Row Count 1 (+ 1)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{How fast it runs on the system using four CPU cores and testing RSA algorithm\{\{nl\}\}{\bf{openssl speed -multi 4 rsa}}} \tn 
% Row Count 4 (+ 3)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Get basic help\{\{nl\}\}{\bf{openssl help}}} \tn 
% Row Count 5 (+ 1)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Generate 20 random bytes and show them on screen\{\{nl\}\}\{\{noshy\}\}{\bf{openssl rand -hex 20}}} \tn 
% Row Count 7 (+ 2)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ENCODING / DECODING}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Encoding a file using Base64\{\{nl\}\}{\bf{openssl base64 -in file.data}}} \tn 
% Row Count 2 (+ 2)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Encoding some text using Base64\{\{nl\}\}{\bf{echo -n "some text" | openssl base64}}} \tn 
% Row Count 4 (+ 2)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Base64 decode a file with output to another file\{\{nl\}\}{\bf{openssl base64 -d -in encoded.data -out decoded.data}}} \tn 
% Row Count 7 (+ 3)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{WORKING WITH HASHES}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{List digest algorithms available\{\{nl\}\}{\bf{openssl list -digest-algorithms}}} \tn 
% Row Count 2 (+ 2)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Hash a file using SHA256\{\{nl\}\}{\bf{openssl dgst -sha256 file.data}}} \tn 
% Row Count 4 (+ 2)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Hash a file using SHA256 with its output in binary form (no output hex encoding)\{\{nl\}\}{\emph{No ASCII or encoded characters will be printed out to the console, just pure bytes. You can append ' | xxd'}}\{\{nl\}\}\{\{noshy\}\}{\bf{openssl dgst -binary -sha256 file.data}}} \tn 
% Row Count 10 (+ 6)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Hash text using SHA3-512\{\{nl\}\}{\bf{echo -n  "some text" | openssl dgst -sha3-512}}} \tn 
% Row Count 12 (+ 2)
% Row 4
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Create HMAC - SHA384 of a file using a specific key in bytes\{\{nl\}\}\{\{noshy\}\}{\bf{openssl dgst -SHA384 -mac HMAC -macopt hexkey:369bd7d655 file.data}}} \tn 
% Row Count 15 (+ 3)
% Row 5
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Create HMAC - SHA512 of some text\{\{nl\}\}{\bf{echo -n "some text" | openssl dgst -mac HMAC -macopt hexkey:369bd7d655 -sha512}}} \tn 
% Row Count 18 (+ 3)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ASYMMETRIC ENCRYPTION}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{List elliptic curves available\{\{nl\}\}{\bf{openssl ecparam -list\_curves}}} \tn 
% Row Count 2 (+ 2)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Create 4096 bits RSA public-private key pair\{\{nl\}\}{\bf{openssl genrsa -out pub\_priv.key 4096}}} \tn 
% Row Count 4 (+ 2)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Display detailed private key information\{\{nl\}\}\{\{noshy\}\}{\bf{openssl rsa -text -in pub\_priv.key -noout}}} \tn 
% Row Count 6 (+ 2)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Encrypt public-private key pair using AES-256 algorithm\{\{nl\}\}\{\{noshy\}\}{\bf{openssl rsa -in pub\_priv.key -out encrypted.key -aes256}}} \tn 
% Row Count 9 (+ 3)
% Row 4
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Remove keys file encryption and save them to another file\{\{nl\}\}\{\{noshy\}\}{\bf{openssl rsa -in encrypted.key -out cleartext.key}}} \tn 
% Row Count 12 (+ 3)
% Row 5
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Copy the public key of the public-private key pair file to another file\{\{nl\}\}\{\{noshy\}\}{\bf{openssl rsa -in pub\_priv.key -pubout -out pubkey.key}}} \tn 
% Row Count 15 (+ 3)
% Row 6
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Encrypt a file using RSA public key\{\{nl\}\}\{\{noshy\}\}{\bf{openssl rsautl -encrypt -inkey pubkey.key -pubin -in cleartext.file -out ciphertext.file}}} \tn 
% Row Count 18 (+ 3)
% Row 7
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Decrypt a file using RSA private key\{\{nl\}\}\{\{noshy\}\}{\bf{openssl rsautl -decrypt -inkey pub\_priv.key -in ciphertext.file -out decrypted.file}}} \tn 
% Row Count 21 (+ 3)
% Row 8
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Create private key using the P-224 elliptic curve\{\{nl\}\}\{\{noshy\}\}{\bf{openssl ecparam -name secp224k1 -genkey -out ecpriv.key}}} \tn 
% Row Count 24 (+ 3)
% Row 9
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Encrypt private key using 3DES algorithm\{\{nl\}\}\{\{noshy\}\}{\bf{openssl ec -in ecP384priv.key -des3 -out ecP384priv\_enc.key}}} \tn 
% Row Count 27 (+ 3)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{SYMMETRIC ENCRYPTION}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{List all supported symmetric encryption ciphers\{\{nl\}\}{\bf{openssl enc -list}}} \tn 
% Row Count 2 (+ 2)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Encrypt a file using an ASCII encoded password provided and AES-128-ECB algorithm\{\{nl\}\}\{\{noshy\}\}{\bf{openssl enc -aes-128-ecb -in cleartext.file -out ciphertext.file -pass pass:thisisthepassword}}} \tn 
% Row Count 6 (+ 4)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Decrypt a file using AES-256-CBC and a keyfile \{\{nl\}\}\{\{noshy\}\}{\bf{openssl enc -d -aes-256-cbc -in ciphertext.file -out cleartext.file -pass file:./key.file}}} \tn 
% Row Count 10 (+ 4)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Encrypt a file using a specific encryption key (K) provided as hex digits\{\{nl\}\}\{\{noshy\}\}{\bf{openssl enc -aes-128-ecb -in cleartext.file -out ciphertext.file -K \seqsplit{1881807b2d1b3d22f14e9ec52563d981} -nosalt}}} \tn 
% Row Count 14 (+ 4)
% Row 4
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Encrypt a file using ARIA 256 in CBC block cipher mode using a specified encryption key (K:256 bits) and initialization vector (iv:128 bits)\{\{nl\}\}\{\{noshy\}\}{\bf{openssl enc -aria-256-cbc -in cleartext.file -out ciphertext.file -K \seqsplit{f92d2e986b7a2a01683b4c40d0cbcf6feaa669ef2bb5ec3a25ce85d9548291c1} -iv \seqsplit{470bc29762496046882b61ecee68e07c} -nosalt}}} \tn 
% Row Count 21 (+ 7)
% Row 5
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Encrypt a file using Camellia 192 algorithm in COUNTER block cipher mode with key and iv provided\{\{nl\}\}\{\{noshy\}\}{\bf{openssl enc -camellia-192-ctr -in cleartext.file -out ciphertext.file -K \seqsplit{6c7a1b3487d28d3bf444186d7c529b48d67dd6206c7a1b34} -iv 470bc29762496046882b61ecee68e07c}}} \tn 
% Row Count 27 (+ 6)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{DIGITAL SIGNATURES}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Generate DSA parameters for the private key. 2048 bits length\{\{nl\}\}\{\{noshy\}\}{\bf{openssl dsaparam -out dsaparam.pem 2048}}} \tn 
% Row Count 3 (+ 3)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Generate DSA public-private key for signing documents and protect it using AES128 algorithm\{\{nl\}\}\{\{noshy\}\}{\bf{openssl gendsa -out dsaprivatekey.pem -aes-128-cbc dsaparam.pem}}} \tn 
% Row Count 7 (+ 4)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Copy the public key of the DSA public-private key file to another file\{\{nl\}\}\{\{noshy\}\}{\bf{openssl dsa -in dsaprivatekey.pem -pubout -out dsapublickey.pem}}} \tn 
% Row Count 11 (+ 4)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{To print out the contents of a DSA key pair file\{\{nl\}\}\{\{noshy\}\}{\bf{openssl dsa -in dsaprivatekey.pem -text -noout}}} \tn 
% Row Count 14 (+ 3)
% Row 4
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Signing the sha-256 hash of a file using RSA private key\{\{nl\}\}\{\{noshy\}\}{\bf{openssl dgst -sha256 -sign rsakey.key -out signature.data document.pdf}}} \tn 
% Row Count 17 (+ 3)
% Row 5
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Verify a SHA-256 file signature using a public key \{\{nl\}\}\{\{noshy\}\}{\bf{openssl dgst -sha256 -verify publickey.pem -signature signature.data original.file}}} \tn 
% Row Count 21 (+ 4)
% Row 6
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Signing the sha3-512 hash of a file using DSA private key\{\{nl\}\}\{\{noshy\}\}{\bf{openssl pkeyutl -sign -pkeyopt digest:sha3-512 -in document.docx -inkey dsaprivatekey.pem -out signature.data}}} \tn 
% Row Count 25 (+ 4)
% Row 7
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Verify DSA signature\{\{nl\}\}\{\{noshy\}\}{\bf{openssl pkeyutl -verify -sigfile dsasignature.data -inkey dsakey.pem -in document.docx}}} \tn 
% Row Count 28 (+ 3)
% Row 8
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Create a private key using P-384 Elliptic Curve\{\{nl\}\}\{\{noshy\}\}{\bf{openssl ecparam -name secp384r1 -genkey -out ecP384priv.key}}} \tn 
% Row Count 31 (+ 3)
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{DIGITAL SIGNATURES (cont)}}  \tn
% Row 9
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Encrypt private key using 3DES algorithm\{\{nl\}\}\{\{noshy\}\}{\bf{openssl ec -in ecP384priv.key -des3 -out ecP384priv\_enc.key}}} \tn 
% Row Count 3 (+ 3)
% Row 10
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Sign a PDF file using Elliptic Curves with the generated key\{\{nl\}\}\{\{noshy\}\}{\bf{openssl pkeyutl -sign -inkey ecP384priv\_enc.key -pkeyopt digest:sha3-512 -in document.pdf -out signature.data}}} \tn 
% Row Count 7 (+ 4)
% Row 11
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Verify the file's signature. If it's ok you must receive "Signature Verified Successfully"\{\{nl\}\}\{\{noshy\}\}{\bf{openssl pkeyutl -verify -in document.pdf -sigfile signature.data -inkey ecP384priv\_enc.key}}} \tn 
% Row Count 11 (+ 4)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{DIGITAL CERTIFICATES}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Generating a CSR file and a 4096 bits RSA key pair\{\{nl\}\}\{\{noshy\}\}{\bf{openssl req -newkey rsa:4096 -keyout private.key -out request.csr}}} \tn 
% Row Count 3 (+ 3)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Display Certificate Signing Request ( CSR ) content\{\{nl\}\}\{\{noshy\}\}{\bf{openssl req -text -noout -in request.csr}}} \tn 
% Row Count 6 (+ 3)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Display the public key contained in the CSR file\{\{nl\}\}\{\{noshy\}\}{\bf{openssl req -pubkey -noout -in request.csr}}} \tn 
% Row Count 9 (+ 3)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Creating a Certificate Signing Request ( CSR ) using an existing private key. {\emph{This can be useful when you need to renew the public digital certificate without changing the private key.}}\{\{nl\}\}\{\{noshy\}\}{\bf{openssl req -new -key private.key -out request.csr}}} \tn 
% Row Count 15 (+ 6)
% Row 4
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Create EC P384 curve parameters file to generate a CSR using Elliptic Curves in the next step.\{\{nl\}\}\{\{noshy\}\}{\bf{openssl genpkey -genparam -algorithm EC -out EC\_params.pem -pkeyopt \seqsplit{ec\_paramgen\_curve:secp384r1} -pkeyopt ec\_param\_enc:named\_curve}}} \tn 
% Row Count 20 (+ 5)
% Row 5
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Create a CSR file using Elliptic Curve P384 parameters file created in the previous step. {\emph{Instead of using RSA keys.}}\{\{nl\}\}\{\{noshy\}\}{\bf{openssl req -newkey ec:EC\_params.pem -keyout EC\_P384\_priv.key -out EC\_request.csr}}} \tn 
% Row Count 25 (+ 5)
% Row 6
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Create a self-signed certificate, a new 2048 bits RSA key pair with one year of validity\{\{nl\}\}\{\{noshy\}\}{\bf{openssl req -newkey rsa:2048 -nodes -keyout priv.key -x509 -days 365 -out cert.crt}}} \tn 
% Row Count 29 (+ 4)
% Row 7
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Create and sign a new certificate using the CSR file and the private key for signing ( you must have a openssl.cnf file prepared )\{\{nl\}\}\{\{noshy\}\}{\bf{openssl ca -in request.csr -out certificate.crt -config ./CA/config/openssl.cnf}}} \tn 
% Row Count 34 (+ 5)
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{DIGITAL CERTIFICATES (cont)}}  \tn
% Row 8
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Display PEM format certificate information\{\{nl\}\}{\bf{openssl x509 -text -noout -in cert.crt}}} \tn 
% Row Count 2 (+ 2)
% Row 9
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Display certificate information in Abstract Sintax Notation One (ASN.1)\{\{nl\}\}\{\{noshy\}\}{\bf{openssl asn1parse -in cert.crt}}} \tn 
% Row Count 5 (+ 3)
% Row 10
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Extract the certificate's public key\{\{nl\}\}{\bf{openssl x509 -pubkey -noout -in cert.crt}}} \tn 
% Row Count 7 (+ 2)
% Row 11
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Extract the public key's modulus in the certificate\{\{nl\}\}{\bf{openssl x509 -modulus -noout -in cert.crt}}} \tn 
% Row Count 10 (+ 3)
% Row 12
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Extract the domain certificate from an HTTPS/TLS connection\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_client -connect domain.com:443 | openssl x509 -out certificate.crt}}} \tn 
% Row Count 14 (+ 4)
% Row 13
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Convert a certificate from PEM to DER format\{\{nl\}\}\{\{noshy\}\}{\bf{openssl x509 -inform PEM -outform DER -in cert.crt -out cert.der}}} \tn 
% Row Count 17 (+ 3)
% Row 14
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Checking whether the certificate pubic key matches a private key and request file. One step per file. Must match in the output hashes.\{\{nl\}\}\{\{noshy\}\}{\bf{openssl x509 -modulus -in certificate.crt -noout | openssl dgst -sha256\{\{nl\}\}openssl rsa -modulus -in private.key -noout | openssl dgst -sha256\{\{nl\}\}openssl req -modulus -in request.csr -noout | openssl dgst -sha256}}} \tn 
% Row Count 25 (+ 8)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{WORKING WITH TLS PROTOCOL}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{List all cipher suites supported\{\{nl\}\}{\bf{openssl ciphers -V 'ALL'}}} \tn 
% Row Count 2 (+ 2)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{List all cipher suites supported with AES\{\{nl\}\}{\bf{openssl ciphers -V 'AES'}}} \tn 
% Row Count 4 (+ 2)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{List all cipher suites supporting CAMELLIA \& SHA256 algorithms.\{\{nl\}\}\{\{noshy\}\}{\bf{openssl ciphers -V 'CAMELLIA+SHA256'}}} \tn 
% Row Count 7 (+ 3)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{TLS connection to a server using port 443 (HTTPS)\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_client -connect domain.com:443}}} \tn 
% Row Count 10 (+ 3)
% Row 4
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{TLS connection to a server using v1.2\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_client -tls1\_2 -connect domain.com:443}}} \tn 
% Row Count 13 (+ 3)
% Row 5
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{TLS connection \& disable v1.0\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_client -no\_tls1 domain.com:443}}} \tn 
% Row Count 15 (+ 2)
% Row 6
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{TLS connection using a specific cipher suite\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_client -cipher \seqsplit{DHE-RSA-AES256-GCM-SHA384} domain.com:443}}} \tn 
% Row Count 18 (+ 3)
% Row 7
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{TLS connection displaying all certificates provided by server\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_client -showcerts domain.com:443}}} \tn 
% Row Count 21 (+ 3)
% Row 8
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Setting up a listening port to receive TLS connections using a certificate, the private key \& supporting only TLS 1.2\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_server -port 443 -cert cert.crt -key priv.key -tls1\_2}}} \tn 
% Row Count 25 (+ 4)
% Row 9
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Extract the domain certificate from an HTTPS/TLS connection\{\{nl\}\}\{\{noshy\}\}{\bf{openssl s\_client -connect domain.com:443 | openssl x509 -out certificate.crt}}} \tn 
% Row Count 29 (+ 4)
% Row 10
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{{\emph{nmap command:}} Display enabled cipher-suites over an HTTPS/TLS Connection\{\{nl\}\}\{\{noshy\}\}{\bf{nmap -{}-script ssl-enum-ciphers -p 443 domain.com}}} \tn 
% Row Count 32 (+ 3)
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{WORKING WITH TLS PROTOCOL (cont)}}  \tn
% Row 11
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{{\emph{nmap command:}} Display enabled cipher-suites over a TLS (HTTPS) Connection using SNI. {\emph{(change it to desired IP \& domain name)}}\{\{nl\}\}\{\{noshy\}\}{\bf{nmap -{}-script ssl-enum-ciphers -{}-script-args=tls.servername=domain.com 172.67.129.11}}} \tn 
% Row Count 5 (+ 5)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{PERSONAL SECURITY ENVIRONMENTS ( PSE )}}  \tn
% Row 0
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Convert a certificate from PEM (base64) to DER (binary) format\{\{nl\}\}{\bf{openssl x509 -in certificate.pem -outform DER -out certificate.der}}} \tn 
% Row Count 3 (+ 3)
% Row 1
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Insert certificate \& private key into PKCS \#12 format file. These files can be imported in windows certificate manager or to a Java Key Store (jks) file\{\{nl\}\}\{\{noshy\}\}{\bf{openssl pkcs12 -export -out cert\_key.p12 -inkey private.key -in certificate.crt}}} \tn 
% Row Count 8 (+ 5)
% Row 2
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{To show the contents of a PKCS \#12 file\{\{nl\}\}{\bf{openssl pkcs12 -in cert\_key.p12}}} \tn 
% Row Count 10 (+ 2)
% Row 3
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Convert the .p12 file into a Java Key Store. {\emph{This commnad uses java keytool instead of openssl.}}\{\{nl\}\}\{\{noshy\}\}{\bf{keytool -importkeystore -destkeystore javakeystore.jks -srckeystore cert\_key.p12 -srcstoretype pkcs12}}} \tn 
% Row Count 15 (+ 5)
% Row 4
\SetRowColor{LightBackground}
\mymulticolumn{1}{x{8.4cm}}{Convert PEM certificate to PKCS \#7 format\{\{nl\}\}\{\{noshy\}\}{\bf{openssl crl2pkcs7 -nocrl -certfile certificate.crt -out cert.p7b}}} \tn 
% Row Count 18 (+ 3)
% Row 5
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Convert a PKCS \#7 file from PEM to DER\{\{nl\}\}\{\{noshy\}\}{\bf{openssl pkcs7 -in cert.p7b -outform DER -out p7.der}}} \tn 
% Row Count 21 (+ 3)
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{SIMPLE CA CONFIGURATION FILE ( openssl.cnf )}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{{[} ca {]} \newline % Row Count 1 (+ 1)
default\_ca      = CA\_default \{\{nl\}\} \newline % Row Count 2 (+ 1)
{[} CA\_default {]} \newline % Row Count 3 (+ 1)
dir            = ./personalCA  \newline % Row Count 4 (+ 1)
database       = \$dir/index.txt  \newline % Row Count 5 (+ 1)
new\_certs\_dir  = \$dir/newcerts\{\{nl\}\} \newline % Row Count 6 (+ 1)
certificate    = \$dir/cacert.pem  \newline % Row Count 7 (+ 1)
serial         = \$dir/serial  \newline % Row Count 8 (+ 1)
rand\_serial    = yes \newline % Row Count 9 (+ 1)
private\_key    = \$dir/private/cakey.pem \newline % Row Count 10 (+ 1)
RANDFILE       = \$dir/private/.rand\{\{nl\}\} \newline % Row Count 11 (+ 1)
default\_days   = 365                \newline % Row Count 12 (+ 1)
default\_crl\_days= 30                 \newline % Row Count 13 (+ 1)
default\_md     = SHA256        \{\{nl\}\} \newline % Row Count 14 (+ 1)
policy         = policy\_any   \newline % Row Count 15 (+ 1)
email\_in\_dn    = no\{\{nl\}\} \newline % Row Count 16 (+ 1)
name\_opt       = ca\_default     \newline % Row Count 17 (+ 1)
cert\_opt       = ca\_default     \newline % Row Count 18 (+ 1)
copy\_extensions = none\{\{nl\}\} \newline % Row Count 19 (+ 1)
{[} policy\_any {]} \newline % Row Count 20 (+ 1)
countryName            = supplied \newline % Row Count 21 (+ 1)
stateOrProvinceName    = optional \newline % Row Count 22 (+ 1)
organizationName       = optional \newline % Row Count 23 (+ 1)
organizationalUnitName = optional \newline % Row Count 24 (+ 1)
commonName             = supplied \newline % Row Count 25 (+ 1)
emailAddress           = optional% Row Count 26 (+ 1)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{FINAL NOTES}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{{\bf{- All openssl commands were tested using OpenSSL version 1.1.1f}} \newline % Row Count 2 (+ 2)
{\bf{- All nmap commands were tested using nmap version 7.80. nmap is compiled using openssl libraries.}} \newline % Row Count 5 (+ 3)
{\bf{- The default format for almost all operations in openssl is PEM, however you can always specify a DER format using arguments or export to other formats with appropriate commands indicated on the document.}}% Row Count 10 (+ 5)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}


% That's all folks
\end{multicols*}

\end{document}