Inter-process communication
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/06/93/wKiom1m6RW2TaAlAAAAQWG--UQ4563.png "title=" Qq20170914170031.png "alt=" Wkiom1m6rw2taalaaaaqwg--uq4563.png "/>
Socket communication
Client-to-server, request-to-service, pull-out, and package-to-client request messages from the Receive-request port
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/A5/44/wKioL1m6RjKB-41mAABLq3OggfE129.png "title=" Qq20170914170448.png "alt=" Wkiol1m6rjkb-41maablq3oggfe129.png "/>
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/A5/44/wKioL1m6Rrby-lV-AACMTie_iDM553.png "title=" Qq20170914170701.png "alt=" Wkiol1m6rrby-lv-aacmtie_idm553.png "/>
NIST-Developed security standards: confidentiality, integrity, availability
The risks faced in the socket communication model: eavesdropping, spoofing, replay, message tampering, denial of service
Secure means (security mechanism): encryption, authentication, access control, integrity check, routing control, notarization
Services that provide security: authentication, access control, confidentiality, integrity, non-repudiation
Guaranteed service security (algorithms and protocols): symmetric, asymmetric, unidirectional, key exchange
650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/A5/44/wKioL1m6SOPhiJBCAAAxLepL5OY922.png "title=" Qq20170914171416.png "alt=" Wkiol1m6sophijbcaaaxlepl5oy922.png "/>
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M00/A5/44/wKioL1m6SNKxWhAPAABK7S4St_k923.png "style=" float : none; "title=" Qq20170914171440.png "alt=" Wkiol1m6snkxwhapaabk7s4st_k923.png "/>
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/06/94/wKiom1m6SP2QlrdYAAB2HouEZYQ322.png "style=" float : none; "title=" Qq20170914171459.png "alt=" Wkiom1m6sp2qlrdyaab2houezyq322.png "/>
650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/A5/44/wKioL1m6SVnzb1t7AAA_FZPY5kU310.png "style=" float : none; "title=" Qq20170914171810.png "alt=" Wkiol1m6svnzb1t7aaa_fzpy5ku310.png "/>
650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M01/06/94/wKiom1m6SYSSGUX_AAAqgrZ-wPY068.png "style=" float : none; "title=" Qq20170914171816.png "alt=" Wkiom1m6syssgux_aaaqgrz-wpy068.png "/>
Basic principles of cryptographic decryption
Symmetric encryption, asymmetric encryption, one-way encryption, key exchange
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/A5/44/wKioL1m6TJOBA4n1AAB-GYkNdk4353.png "title=" Qq20170914173159.png "alt=" Wkiol1m6tjoba4n1aab-gykndk4353.png "/>
650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/06/94/wKiom1m6TyHg8z44AACfXiKV0xM247.png "title=" Qq20170914174209.png "alt=" Wkiom1m6tyhg8z44aacfxikv0xm247.png "/>
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M00/06/94/wKiom1m6UGSReRO7AABunbaw4Kk039.png "title=" Qq20170914174732.png "alt=" Wkiom1m6ugsrero7aabunbaw4kk039.png "/>
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/06/94/wKiom1m6UVnTBd7KAAAvN5XGtw8855.png "title=" Qq20170914175141.png "alt=" Wkiom1m6uvntbd7kaaavn5xgtw8855.png "/>
650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/06/94/wKiom1m6UYmyM7u6AABblPy4SEE771.png "title=" Qq20170914175219.png "alt=" Wkiom1m6uymym7u6aabblpy4see771.png "/>
The role of the certification authority CA, certificate
650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M00/A5/45/wKioL1m6UYrzxQwoAAAlhP3S88k688.png "title=" Qq20170914175312.png "alt=" Wkiol1m6uyrzxqwoaaalhp3s88k688.png "/>
Pki
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/06/95/wKiom1m6UfDDO03gAAArzsWOzys930.png "title=" Qq20170914175410.png "alt=" Wkiom1m6ufddo03gaaarzswozys930.png "/>
Specification of certificates
650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M02/A5/45/wKioL1m6UkaB0Mm-AABOrfeMfhU781.png "title=" Qq20170914175618.png "alt=" Wkiol1m6ukab0mm-aaborfemfhu781.png "/>
Communication mechanism based on public key cryptography
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/06/95/wKiom1m6UufSygJOAABJldsH0zw273.png "title=" Qq20170914175819.png "alt=" Wkiom1m6uufsygjoaabjldsh0zw273.png "/>
SSL protocol, program, session establishment, command
650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M01/06/95/wKiom1m6U8vxaCISAAAlxm6CZ58100.png "title=" Qq20170914180203.png "alt=" Wkiom1m6u8vxacisaaalxm6cz58100.png "/>
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/A5/45/wKioL1m6U0miE6aLAAAgORyZcfI098.png "title=" Qq20170914180041.png "alt=" Wkiol1m6u0mie6alaaagoryzcfi098.png "/>
SSL Hand Shark : An IP address can only establish one SSL session
650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/06/95/wKiom1m6VJGyeIGoAAAy0IRiq0U953.png "title=" Qq20170914180520.png "alt=" Wkiom1m6vjgyeigoaaay0iriq0u953.png "/>
Use of the OpenSSL tool
650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M02/A5/45/wKioL1m6VMfgHOcqAAAMgKFYM_I006.png "title=" Qq20170914180702.png "alt=" Wkiol1m6vmfghocqaaamgkfym_i006.png "/>
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M01/A5/45/wKioL1m6VUqQECx8AAAmpTpQZqQ526.png "style=" float : none; "title=" Qq20170914180845.png "alt=" Wkiol1m6vuqqecx8aaamptpqzqq526.png "/>
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/A5/45/wKioL1m6VUrxq50_AAAdhBiTddg916.png "style=" float : none; "title=" QQ20170914180851-copy. png "alt=" Wkiol1m6vurxq50_aaadhbitddg916.png "/>
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/A5/45/wKioL1m6VUvzi_lwAAAdAQIF3uc493.png "style=" float : none; "title=" Qq20170914180859.png "alt=" Wkiol1m6vuvzi_lwaaadaqif3uc493.png "/>
Symmetric encryption
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M01/06/95/wKiom1m6Vp2hTWRRAAA00llInOw632.png "title=" Qq20170914181409.png "alt=" Wkiom1m6vp2htwrraaa00llinow632.png "/>
Using the example
Use Example: 1, create temporary file # MKTEMP-P/tmp LCC. Xxxx/tmp/lcc.hfdo2, encryption # OpenSSL ENC-E-seed-cfb-a-salt-in lcc.hfdo-out lcc.ciphertext3, decryption # OpenSSL enc-d-see D-cfb-a-salt-in lcc.ciphertext-out Lcc.txt
One-way encryption
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/06/95/wKiom1m6WJOR9kzYAABkFPWGr5M994.png "title=" Qq20170914182232.png "alt=" wkiom1m6wjor9kzyaabkfpwgr5m994.png "/> Use Example
# sha1sum Lcc.txt 5448d7dc19288c6ee87a25d4e2e990f72d786971 lcc.txt# OpenSSL dgst-sha1-hex lcc.txt SHA1 (lcc.txt) = 5448d7 dc19288c6ee87a25d4e2e990f72d786971
Generate User Password
650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/06/95/wKiom1m6WTaDCLCpAAAc8BFJrPo226.png "title=" Qq20170914182513.png "alt=" Wkiom1m6wtadclcpaaac8bfjrpo226.png "/>
Using the example
# OpenSSL passwd-1-salt $ (OpenSSL rand-hex 4) # OpenSSL passwd-1-salt $ (OpenSSL Rand-hex 4) 123
Generate random numbers
650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/A5/46/wKioL1m6WbyA9s-cAAAegW9iUB8236.png "title=" Qq20170914182809.png "alt=" Wkiol1m6wbya9s-caaaegw9iub8236.png "/>
Using the example
# OpenSSL Rand-hex 4 (8-bit) # OpenSSL rand-base64 16 | tr-d ' = '
Generate key Pair
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/A5/46/wKioL1m6WtDjQs8yAAA56vqJWM4956.png "title=" Qq20170914183248.png "alt=" Wkiol1m6wtdjqs8yaaa56vqjwm4956.png "/>
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/06/95/wKiom1m6XFCAMmn2AABBclt0Ncg359.png "title=" Qq20170914183827.png "alt=" Wkiom1m6xfcammn2aabbclt0ncg359.png "/>
Using the example
# OpenSSL Genrsa-out lcc.private 1024
# OpenSSL rsa-in lcc.private-out lcc.pubkey-pubout
This article is from the "Reading" blog, make sure to keep this source http://sonlich.blog.51cto.com/12825953/1965404
The application of the OpenSSL---------Linux