Linux下使用openssl加解密
搞技术人的废话不多。巴拉巴拉的一大堆,其实就一句话,脚本中不允许有明文。
最简单的方式就是借助openssl实现加解密。
最佳实践奉上:
上面一句是加密,下面是解密。
(加密语句运行多次,生成的密文不同,但是都能解密,且结果相同)
执行openssl help可以查看详细参数以及支持的加解密算法
[root@centos81 ~]# echo "192.168.0.1|test|test+123" | openssl des-ede3-cbc -k test -base64 -pbkdf2
U2FsdGVkX1+Ngce9Vj63g9NMAC/eP6rC9gKQCOTZZYixUluohF3LUStyKcsvfD61
[root@centos81 ~]# echo "U2FsdGVkX1+Ngce9Vj63g9NMAC/eP6rC9gKQCOTZZYixUluohF3LUStyKcsvfD61" | openssl des-ede3-cbc -k test -base64 -pbkdf2 -d
192.168.0.1|test|test+123
[root@centos81 ~]# openssl help
Standard commands
asn1parse ca ciphers cms
crl crl2pkcs7 dgst dhparam
dsa dsaparam ec ecparam
enc engine errstr gendsa
genpkey genrsa help list
nseq ocsp passwd pkcs12
pkcs7 pkcs8 pkey pkeyparam
pkeyutl prime rand rehash
req rsa rsautl s_client
s_server s_time sess_id smime
speed spkac srp storeutl
ts verify version x509
Message Digest commands (see the `dgst' command for more details)
blake2b512 blake2s256 gost md2
md4 md5 rmd160 sha1
sha224 sha256 sha3-224 sha3-256
sha3-384 sha3-512 sha384 sha512
sha512-224 sha512-256 shake128 shake256
sm3
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb aria-128-cbc aria-128-cfb
aria-128-cfb1 aria-128-cfb8 aria-128-ctr aria-128-ecb
aria-128-ofb aria-192-cbc aria-192-cfb aria-192-cfb1
aria-192-cfb8 aria-192-ctr aria-192-ecb aria-192-ofb
aria-256-cbc aria-256-cfb aria-256-cfb1 aria-256-cfb8
aria-256-ctr aria-256-ecb aria-256-ofb base64
bf bf-cbc bf-cfb bf-ecb
bf-ofb camellia-128-cbc camellia-128-ecb camellia-192-cbc
camellia-192-ecb camellia-256-cbc camellia-256-ecb cast
cast-cbc cast5-cbc cast5-cfb cast5-ecb
cast5-ofb des des-cbc des-cfb
des-ecb des-ede des-ede-cbc des-ede-cfb
des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb
des-ede3-ofb des-ofb des3 desx
idea idea-cbc idea-cfb idea-ecb
idea-ofb rc2 rc2-40-cbc rc2-64-cbc
rc2-cbc rc2-cfb rc2-ecb rc2-ofb
rc4 rc4-40 rc5 rc5-cbc
rc5-cfb rc5-ecb rc5-ofb seed
seed-cbc seed-cfb seed-ecb seed-ofb
zlib
[root@centos81 ~]#