restructure

technology/Cryptography/AES.md

@@ -46,7 +46,7 @@ AES employs an SPN structure, combining substitution (replacing each byte with a
 - **AES-256:** Uses a 256-bit key and 14 rounds of encryption.
 
 ## Usage
-One can use AES with [OpenSSL](../applications/OpenSSL.md) or [GPG](../tools/GPG.md):
+One can use AES with [OpenSSL](OpenSSL.md) or [GPG](GPG.md):
 
 ### OpenSSL
 Encrypt:

technology/Cryptography/GPG.md

@@ -0,0 +1,67 @@
+---
+aliases: ["PGP", "GnuPG", "OpenPGP"]
+website: https://www.gnupg.org/
+obj: application
+---
+# GPG
+gpg is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool to provide digital encryption and signing services using the OpenPGP standard. gpg features complete key management and all the bells and whistles you would expect from a full OpenPGP implementation.
+
+## Commands
+
+**Sign:**
+```shell
+gpg --sign
+gpg -s
+gpg --clear-sign # Sign with clear text
+```
+
+**Encrypt:**
+```shell
+gpg --encrypt
+gpg -e
+```
+
+**Symmetric Encryption:**
+```shell
+gpg --symmetric
+gpg -c
+```
+
+**Decrypt:**
+```shell
+gpg --decrypt
+gpg -d
+```
+
+**Verify:**
+```shell
+gpg --verify
+```
+
+## Keys
+
+**List keys:**
+```shell
+gpg --list-keys
+gpg -k # List public keys
+gpg -K # List private keys
+```
+
+**Generate key:**
+```shell
+gpg --generate-key
+```
+
+**Import & export keys:**
+```shell
+gpg --export
+gpg --import
+```
+
+**Key selection:**
+```shell
+ -r, --recipient KEY # Encrypt for key
+ -u, --local-user KEY # Use this key
+```
+
+

technology/Cryptography/OpenSSL.md

@@ -0,0 +1,141 @@
+---
+website:
+- https://www.openssl.org
+- https://www.libressl.org
+obj: application
+---
+
+# OpenSSL
+OpenSSL is a [cryptography](Cryptography.md) toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) network protocols and related [cryptography](Cryptography.md) standards required by them.
+
+The openssl program is a command line program for using the various [cryptography](Cryptography.md) functions of OpenSSL's crypto library from the [shell](cli/Shell.md).  It can be used for:
+- Creation and management of private keys, public keys and parameters
+- Public key cryptographic operations
+- Creation of X.509 certificates, CSRs and CRLs
+- Calculation of Message Digests and Message Authentication Codes
+- Encryption and Decryption with Ciphers
+- SSL/TLS Client and Server Tests
+- Handling of S/MIME signed or encrypted mail
+- Timestamp requests, generation and verification
+
+## Usage
+```shell
+openssl [command] [options]
+```
+
+### Certificates (`openssl req`, `openssl x509`)
+#### Generate a certificate
+Usage: `openssl req -x509 -key private_key.pem -out certificate.pem -days 365`
+
+#### Generate a signed certificate
+```shell
+# Create Certificate Request
+openssl req -new -key entity.key -out entity.csr
+
+# Sign with CA
+openssl x509 -req -in entity.csr -CA ca.crt -CAkey ca.key -out entity.crt -CAcreateserial
+```
+
+#### Show information about a certificate
+Usage: `openssl x509 -in certificate.pem -text -noout`
+
+### Digest (`openssl dgst`)
+Use digest (hash) functions. (Use `openssl dgst -list` for a list of all available digests)
+Usage: `openssl dgst [options] [file]`
+
+#### Options
+| Option        | Description                         |
+| ------------- | ----------------------------------- |
+| `-c`          | Print digest with seperating colons |
+| `-r`          | Print digest in coreutils format    |
+| `-out <file>` | Output to filename                  |
+| `-hex`        | Output as hex                       |
+| `-binary`     | Output in binary                    |
+| `-<digest>`   | Use \<digest>                       |
+
+### Encryption (`openssl enc`)
+Encrypt and decrypt using ciphers (Use `openssl enc -ciphers` for a list of all available ciphers)
+Usage: `openssl enc [options]`
+
+#### Options
+| Option          | Description                                     |
+| --------------- | ----------------------------------------------- |
+| `-e`            | Do Encryption                                   |
+| `-d`            | Do Decryption                                   |
+| `-<cipher>`     | Use \<cipher>                                   |
+| `-in <input>`   | Input file                                      |
+| `-k <val>`      | Passphrase                                      |
+| `-kfile <file>` | Read passphrase from file                       |
+| `-out <output>` | Output file                                     |
+| `-a, -base64`   | [Base64](../files/Base64.md) decode/encode data |
+| `-pbkdf2`       | Use password-based key derivation function 2    |
+| `-iter <num>`   | Change iterations of `-pbkdf2`                  |
+
+### [RSA](RSA.md) (`openssl genrsa`, `openssl rsa`, `openssl pkeyutl`)
+#### Generate [RSA](RSA.md) Private Key (`openssl genrsa`)
+```shell
+openssl genrsa -out <keyfile> [-<cipher>] [-verbose] [-quiet] <numbits>
+```
+
+The `-<cipher>` option lets you protect the key with a password using the specified cipher algo (See `openssl enc -ciphers` for a list of available ciphers).
+
+#### Generate [RSA](RSA.md) Public Key (`openssl rsa`)
+```shell
+openssl rsa -pubout -in <privatekey> [-passin file:<password_file>] -out <publickey>
+```
+
+#### Working with [RSA](RSA.md) (`openssl pkeyutl`)
+```shell
+# Sign with Private Key
+openssl pkeyutl -sign -in <input> -inkey <private_key> [-passin file:<password_file>] -out <output> [-digest algo]
+
+# Verify with Public Key
+openssl pkeyutl -verify -in <input> -pubin -inkey <public_key> -sigfile <signature_file>
+
+# Encrypt with Public Key
+openssl pkeyutl -encrypt -pubin -inkey <public_key> -in <input> -out <output>
+
+# Decrypt with Private Key
+openssl pkeyutl -decrypt -inkey <private_key> [-passin file:<password_file>] -in <input> -out <output>
+```
+
+### Password Hash (`openssl passwd`)
+Generate hashed passwords
+Usage: `openssl passwd [options] [password]`
+
+### Options
+| Option       | Description                                      |
+| ------------ | ------------------------------------------------ |
+| `-in infile` | Read passwords from file                         |
+| `-noverify`  | Never verify when reading password from terminal |
+| `-stdin`     | Read passwords from stdin                        |
+| `-salt val`  | Use provided salt                                |
+| `-6`         | SHA512-based password algorithm                  |
+| `-5`         | SHA256-based password algorithm                  |
+| `-apr1`      | MD5-based password algorithm, Apache variant     |
+| `-1`         | MD5-based password algorithm                     |
+| `-aixmd5`    | AIX MD5-based password algorithm                 |
+
+### Prime Numbers (`openssl prime`)
+Generate and verify prime numbers
+Usage: `openssl prime [options] [num]`
+
+#### Options
+| Option       | Description                                       |
+| ------------ | ------------------------------------------------- |
+| `-bits +int` | Size of number in bits                            |
+| `-hex`       | Hex output                                        |
+| `-generate`  | Generate a prime                                  |
+| `-safe`      | When used with `-generate`, generate a safe prime |
+
+### Random Data (`openssl rand`)
+Generate random data.
+Usage: `openssl rand [options] num`
+
+#### Options
+| Option         | Description                                             |
+| -------------- | ------------------------------------------------------- |
+| `-out outfile` | Output file                                             |
+| `-base64`      | [Base64](../files/Base64.md) encode output              | 
+| `-hex`         | Hex encode output                                       |
+| `-rand val`    | Load the given file(s) into the random number generator |

technology/Cryptography/RSA.md

@@ -33,7 +33,7 @@ RSA is commonly used for digital signatures to verify the authenticity and integ
 - The key length is crucial for security; longer keys provide higher security but may be computationally more expensive.
 
 ## Using RSA in Practice
-Using RSA can be done either with [OpenSSL](../applications/OpenSSL.md) or [GPG](../tools/GPG.md).
+Using RSA can be done either with [OpenSSL](OpenSSL.md) or [GPG](GPG.md).
 
 ### 1. **Key Generation:**
 ```shell

technology/Cryptography/SHA.md

@@ -7,7 +7,7 @@ SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designe
 
 SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256. SHA-256 and SHA-512 are novel hash functions computed with eight 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are truncated versions of SHA-256 and SHA-512 respectively, computed with different initial values. SHA-512/224 and SHA-512/256 are also truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.
 
-SHA has libraries for many programming languages and can be used with [OpenSSL](../applications/OpenSSL.md) or the `shasum` command.
+SHA has libraries for many programming languages and can be used with [OpenSSL](OpenSSL.md) or the `shasum` command.
 
 ## Purpose
 Hash functions play a crucial role in [cryptography](Cryptography.md) and information security. They take an input (or message) and produce a fixed-size string of characters, which is typically a digest or hash value. The primary purposes of SHA hash functions include: