Join Sean Colins for an in-depth discussion in this video Using a hash function to create a digest using OpenSSL, part of Understanding Secure Sockets Layer.
- So now that you know what a hash is, let's give an example. I'm a big fan of learning by doing so let's do this, if you're on your own system go ahead and break out your terminal application. This will work, by the way, on a Linux system, it will work on a Windows system. We're just using the OpenSSL command line stuff so this is all good. I just happen to be on a Mac, but you don't have to be. So OpenSSL is, like I explained in chapter one, an open source compilation of SSL/TLS and a whole bunch of cool stuff that gets put into operating systems all over in order to implement security through SSL.
So we're just going to use OpenSSL and we're going to dictate which hash we're going to use. We're going to use the sha1 hash and we're going to tell it to output a file and we're going to tell it which file we're going to output to. So I don't have the file yet that I'm going to output to. I'm going to have it make it for me. I'm going to indicate that it's going to go to my home folder, whatever home folder that happens to be on my system. The tilde's a shortcut for that and then a forward slash and then on to my desktop, because I want to be able to see it pop up there.
And then the name of the file. I'm just going to call this, for reasons that will be clear soon, I'm going to call it oversha1. Sha1 because I just want it to be sha1, and I want it to be clear that's what we used to create this digest file. But also the over file here is going to become evident really quickly here. So that's going to be a txt file and then I'm going to dictate where it's coming from. Another tilde, desktop, I hit tab in order to complete the typing of that and then over.txt is the file that I've got.
Now I'll point out that this is the full command and this will do what we want it to do. But before I get started here with that command this is the file that I am going to digest. It's just the poem Over the River and Through the Woods. So this is a solid piece of text, nice long poem. Hit return, creates a file. You saw it pop up as soon as I hit the return key on my keyboard. And if I do a quick view of that you can see here that it's telling me that we've got a sha1 digest of that file and that equals this 57b092 blah-blah-blah-blah-blah.
What happens if I change that file? Well first of all, before I change that file, let's just run the same thing again. Except this time I'm going to call this one oversha1again.txt, hit return, out it pops. Once again, the two, and I can open them both here on our system and put them side-by-side or one on top of the other. You can see very clearly here that these are identical. All right, close both of those. Now go into the over file, I'm just going to be really emphatic about this and save it.
An extra exclamation mark at the end, one little change. Go back over here, by the way I'm hitting the up key on my keyboard in order to get the most recent things that I've typed so I don't have to type them over again, big time saver there. Oversha1changed will be the resulting output on this one, but keep in mind, same input file. Hit return, here's the changed file. And if I open the two of these, actually I'm going to do the original and the one that says changed.
I'm going to open both of those and I'm going to put those right next to each other. Here's oversha1, that's our first. That's our 57b09, this is the familiar one from before. And here you can see oversha1changed, pulling it down here. Really different, not just a little different, really different. One exclamation mark. So that's an example of running the sha1 command using OpenSSL at the command line to create a hash of the file. Now here is something that I would like to point out that I think is very interesting.
Say I put it back the way it was and hit save and close it again, I think you're really going to like this. I'm going to call this one changedback, just so I've got another different file. So here's changedback and here's the original. There we go, matching up, changed back perfectly. So you can see it really is calculating the sha of this poem and creating a file where you can tell if it's different.
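The steps walked through in the video, as an added shell example that is not taken from the course: it hashes a file twice, appends one exclamation mark, hashes again, restores the file and hashes a last time. The scratch directory, the one-line stand-in for the poem and the function names `digest_of` and `demo` are assumptions; the algorithm is a parameter, so the same run works with `sha256`.

```shell
#!/bin/sh
# Added example: the video's digest steps, run in a scratch directory.
# Output file names mirror the transcript; the poem text is a constructed stand-in.

# digest_of ALG FILE OUT
# Writes the digest file the way the video does (-out OUT, then the input
# file) and prints only the hex digest from it.
digest_of() {
    openssl dgst "-$1" -out "$3" "$2" || return 1
    # The digest file holds one line such as "SHA1(path)= <hex>";
    # keep only the text after "= ".
    sed 's/^.*= *//' "$3"
}

# demo [ALG]
# Prints four digests on one line: first run, second run on the same file,
# after the one-character change, and after changing the file back.
demo() {
    alg=${1:-sha1}
    dir=$(mktemp -d) || return 1
    printf 'Over the river and through the wood\n' > "$dir/over.txt"  # constructed sample

    first=$(digest_of "$alg" "$dir/over.txt" "$dir/oversha1.txt")
    again=$(digest_of "$alg" "$dir/over.txt" "$dir/oversha1again.txt")

    # One extra exclamation mark at the end of the file.
    cp "$dir/over.txt" "$dir/over.orig"
    printf '!' >> "$dir/over.txt"
    changed=$(digest_of "$alg" "$dir/over.txt" "$dir/oversha1changed.txt")

    # Put the file back the way it was.
    cp "$dir/over.orig" "$dir/over.txt"
    back=$(digest_of "$alg" "$dir/over.txt" "$dir/changedback.txt")

    rm -rf "$dir"
    printf '%s %s %s %s\n' "$first" "$again" "$changed" "$back"
}

demo sha1
```

The first, second and fourth digests match each other; the third differs from them.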