I am encrypting a file with this openssl command -
openssl smime -encrypt -aes256 -in <input-file> -binary -outform DEM publicKey.pem
Although the command uses public key but it does not uses RSA as the input file is certainly larger in size.
The same file can be decrypted by -
cat encrypted | openssl smime -decrypt -binary -inform DEM -inkey publickey.pem
My question is, what method openssl uses here to encrypt using public key and how to achieve this command line functionality in code using node.js / ruby ?
Related
Is there any (easy) way to create a signature for a file using the command and the openssl rsautl command while the necessary key is stored in a TPM?
I just want to do the following with "key.pem" being a TPM-stored key.
openssl rsautl -sign -in file -inkey key.pem -out sig
How to tell openssl rsautl to use key stored in TPM?
OpenSSL does not provide an ENGINE for TPMs. I believe you need to use TrouSerS.
Dr. Henson made some comments about it on the OpenSSL mailing list at TPM engine.
I'm looking to secure the software update procedure for a little device I'm maintaining that runs Linux. I want to generate an md5sum of the update package's contents and then encrypt that hash with a private key before sending it out to the customer. When they load the update, the device should then decrypt the hash, verify it, and proceed with installation of the package.
I'm trying to do this with OpenSSL and RSA. I found this thread, and was discouraged. I then found this thread and wondered how Perl gets around the purported impossibility of it all. I'm doing this in C, so perhaps there's a parallel function in an SSL library somewhere?
So my question really is: can I force command line Linux to take a public key as the decryption input, or perhaps use C to circumvent that limitation?
Thanks in advance, all.
Let's assume you have generated a public and private RSA key using openssl genrsa:
$ openssl genrsa -out mykey
Generating RSA private key, 512 bit long modulus
...++++++++++++
..........++++++++++++
e is 65537 (0x10001)
$ openssl rsa -in mykey -pubout -out mykey.pub
writing RSA key
You can sign something with the private key like this:
$ md5sum myfile | openssl rsautl -inkey mykey -sign > checksum.signed
You can verify this data using the public key:
$ openssl rsautl -inkey mykey.pub -pubin -in checksum.signed
df713741d8e92b15977ccd6e019730a5 myfile
Is this what you're looking for?
NOTE: I recommend you use the sign and verify routines instead of trying to implement them yourself with the underlying RSA encrypt and decrypt routines.
Nonetheless, Openssl CLI can achieve "decrypting with the public key" via the rsautl subcommand like so:
openssl rsautl -verify -inkey public_key.pem -pubin -in data.sig -raw -hexdump
I'm trying to encrypt some data via openssl tool, and the question is how can I set password for private.key in this command:
openssl smime -sign -signer /var/www/protected/keys/ym.pem -inkey /var/www/protected/keys/ym.key -nochain -nocerts -outform PEM -nodetach
For those who faces with the same problem:
Remove a passphrase from a private key this way:
openssl rsa -in privateKey.pem -out newPrivateKey.pem
can any one able to tell me how to encrypt and decrypt an xml file using openssl.
i can able to create privatekey using the linux command
openssl genrsa -out private.pem 1024 and got my private key as private.pem
also i create public key using
openssl rsa -in private.pem -out public.pem -outform PEM -pubout got my public key as public.pem
now wat i want is i want to encrypt the xml file using this public key and again want to decrypt using my private key....please help me...
thanks in advance
I think what you are looking for is this:
If you have a PEM encoded key:
openssl pkeyutl -encrypt -in FileToEncrypt -out EncryptedData.enc -inkey ThePathToYourPublicKey -keyform PEM
If you have a DER encoded key:
openssl pkeyutl -encrypt -in FileToEncrypt -out EncryptedData.enc -inkey ThePathToYourPublicKey -keyform DER
You then decrypt with:
openssl pkeyutl -decrypt -in EncryptedData.enc -out DecryptedFile -inkey ThePathToYourPrivateKey
For more information about this you can consult openssl's pkeyutil documentation.
If you want to use S/MIME packaging (a standard used to encrypt/decrypt/sign e-mails), see openssl's smime documentation.
Encrypt with public key:
openssl rsautl -encrypt -inkey public.pem -pubin -in xml.file -out encrypted.enc
Decrypt with private key:
openssl rsautl -decrypt -inkey private.pem -in encrypted.enc -out xml.txt
Can any one able to tell me how to encrypt and decrypt a xml file using openssl. I can able to create privatekey using the Linux command
openssl genrsa -out private.pem 1024
And got my private key as private.pem. Created public key using
openssl rsa -in private.pem -out public.pem -outform PEM -pubout
got my public key as public.pem
Now what I want is I want to encrypt the XML file using this public key and again want to decrypt using my private key.
Try:
$ openssl rsautl -encrypt -inkey public.pem -pubin -in file.xml -out file.xml.encrypted
Hint: I cheated and looked here:
http://www.devco.net/archives/2006/02/13/public_-_private_key_encryption_using_openssl.php