Tuesday, May 20, 2014

openssl encryption/decryption application

Say we have a certificate and a private key in hand, test.pem and test.key respectively.

[encrypt a file using private key]
openssl rsautl -encrypt -inkey /tmp/test.key -in /tmp/file.txt -out /tmp/file.ssl

[encrypt a file using certificate]
openssl rsautl -encrypt -certin -inkey /tmp/test.pem -in /tmp/file.txt -out /tmp/file.ssl

[decrypt an encrypted file using private key]
openssl rsautl -decrypt -inkey /tmp/test.key -in /tmp/file.ssl -out /tmp/file.ori

[encrypt a file using password]
openssl enc -aes-256-cbc -salt -pass pass:edison -in test.key -out test.key.enc
or
openssl rsa -in test.key -des -passout pass:edison -out test.key.enc

[decrypt an encrypted file using password]
openssl enc -aes-256-cbc -d -pass pass:edison -in test.key.enc -out test.key.ori
or
openssl rsa -in test.key.enc -passin pass:edison -out test.key.dec

Monday, May 19, 2014

Wi-Fi extender cannot get DHCP IP issue

This issue came up during an Atheros Wi-Fi extender project. It looks like a layer 2 issue, and the QCM FAE also indicated that we need to implement a NAT-like table, but at layer 2, to trick the AP into treating these packets as coming from one of its own clients instead of a remote device. But we captured packets from a TL-WR710N using OmniPeek and found that it does no NAT trick; the only difference is that every DHCP packet it forwards has the broadcast flag set in the bootp data. The flag is changed from 0 to 0x8000. Doing the same modification in our QCM product did not make things better, though. It even broke the DHCP behavior that originally worked in the QCM product itself: after setting the bootp broadcast flag, even the QCM product itself could not get an IP offer.
Guess what? The direction was correct and the solution was right, but something vital was missing... Yes, a wrong UDP checksum! Whenever you change a payload, be sure to check the packet's correctness with a tool like Wireshark or Ethereal. OmniPeek won't do the trick for you, though. Use csum_tcpudp_magic() and csum_partial() to recalculate the checksum and write it back into the UDP checksum field. Bang! Everything works!
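The fix described above, as an added user-space example (not the driver code from the project): it sets the BOOTP broadcast flag and recomputes the UDP checksum over the IPv4 pseudo-header, the same arithmetic csum_partial() and csum_tcpudp_magic() perform in the kernel. The function names and the assumption of an unfragmented IPv4 packet are this example's own.

```c
#include <stddef.h>
#include <stdint.h>

/* One's-complement sum of a byte range (the role csum_partial() plays in the kernel). */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t sum)
{
    for (; len > 1; p += 2, len -= 2)
        sum += (uint32_t)p[0] << 8 | p[1];
    if (len)
        sum += (uint32_t)p[0] << 8;          /* odd trailing byte, zero padded */
    return sum;
}

/* Add the IPv4 pseudo-header, fold and complement (the role of csum_tcpudp_magic()). */
uint16_t udp_checksum(const uint8_t *ip, const uint8_t *udp, size_t udp_len)
{
    uint32_t sum = sum16(ip + 12, 8, 0);     /* source + destination address */
    sum += 17 + (uint32_t)udp_len;           /* protocol number + UDP length */
    sum = sum16(udp, udp_len, sum);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    uint16_t c = (uint16_t)~sum;
    return c ? c : 0xffff;                   /* 0 on the wire means "no checksum" */
}

/* pkt points at the IPv4 header. Returns 0 on success, -1 if this is not a
 * well-formed UDP packet to port 67/68 that reaches the BOOTP flags field. */
int dhcp_set_broadcast(uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4 || pkt[9] != 17)
        return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 8)
        return -1;
    uint8_t *udp = pkt + ihl;
    size_t udp_len = (size_t)udp[4] << 8 | udp[5];
    unsigned dport = (unsigned)udp[2] << 8 | udp[3];
    if (udp_len < 8 + 12 || udp_len > len - ihl || (dport != 67 && dport != 68))
        return -1;
    udp[8 + 10] |= 0x80;                     /* BOOTP flags, offset 10: 0x8000 */
    udp[6] = udp[7] = 0;                     /* field must be zero while summing */
    uint16_t c = udp_checksum(pkt, udp, udp_len);
    udp[6] = (uint8_t)(c >> 8);              /* IP header checksum is unaffected: */
    udp[7] = (uint8_t)(c & 0xff);            /* only the UDP payload changed      */
    return 0;
}
```

Flipping the flag without the last three steps leaves the old checksum in place, which is the state in which the receiver silently drops the datagram.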

Wednesday, May 7, 2014

Atheros wlan module note

- set athx MAC address
ath_vap_create(), if_ath.c

- send packets out of vap sta to home ap
ieee80211_send_setup(), ieee80211_mgmt.c

- send packets out between vaps (vap ap->sta)
ieee80211_ibss2ap_header() in ieee80211_encap_80211(), ieee80211_output.c

- receive packets for both vap ap and sta
ieee80211_aponly.c