OpenSSL Cheat Sheet v1.0.5

Today I released the 1.0.5 version of the OpenSSL Cheat Sheet.

Change Control:

  • New additions:
    • Added the Java keytool command to generate Java Key Store files in PERSONAL SECURITY ENVIRONMENTS section.
    • Added two commands to generate CSR files using Elliptic Curve keys instead of RSA keys in DIGITAL CERTIFICATES section.
    • Added the command to generate a CSR file using an existing private key file. Useful when you need to renew your certificate but preserve the private key. DIGITAL CERTIFICATES section.
  • Corrections:
    • A few typo corrections in DIGITAL SIGNATURES.

You can download the PDF version here or access the online version.

The new OpenSSL Cheat Sheet

Enjoy this openssl cheatsheet to apply in symmectric and asymmetric encryption, digital signatures and certificates, create your own CA, sign files, use hashes.

Feel free to post any comments or recommendations for a future version.

You can download the latest PDF version from the website or by clicking here.

openssl cheatsheet

Microsoft Office documents encryption

Encrypt with password

This is a short post just for showing how you can protect your documents created with Microsoft Word, Excel and PowerPoint.

People love working with Microsoft Office documents. I think it’s a matter of simplicity and habit. So, one of my tasks is to give the user a safe way to protect their documents. We can use special tools for encrypting documents at byte level or hardware encryption or any other kind of tools but all of them will fail if they are not easy enough to implement.

Some Microsoft office programs have a feature called “Encrypt with password”. This isn’t neater the typical protect document functionality that just prompts you for a password if you want to open a document (although it requires a password) nor the previous protect with password that used RC4 40-bit encryption. This is a complete encryption functionality that encrypts the whole document using the password as the key. This feature is available since Microsoft Office 2007 using AES for the encryption algorithm and by default 128 bits.

If you want to encrypt a document just go to the File menu, click on Info, then Document protect and finally Encrypt with password. A box will be shown and you just have to type and confirm a strong password. Be careful because as this is an encryption mechanism that will encrypt at byte level your file if you lost the password it can take years to decrypt your file in case it was feasible.

By default office programs don’t force a strong password to be typed but if you want users to always type a strong password you have to write some keys into the windows registry. You can read the details of these keys in this article but here is a extract.

HKEY_CURRENT_USERSoftwareMicrosoftOffice14.0CommonSecurityPasswordComplexity 
HKEY_CURRENT_USERSoftwarePoliciesMicrosoftOffice14.0CommonSecurityPasswordComplexity

	* Value name: PolicyLevel
	* Value type: DWORD
	* Value data: [ 0 | 1 | 2 | 3 ]
	* Use 0 to for no complexity (default), 1 for minimum length, 2 for minimum length plus requiring 3 of 4 character groups, and 3 for all these checks plus enforcing Windows domain password rules.


	* Value name: MinLength
	* Value type: DWORD
	* Specifies the minimum length of password required.

Well, this is all for now.