I am using the Linux command line, I have created a Private Key using the following command:
openssl genrsa -des3 -out private.pem 2048
I have extracted the public key from the private key like so:
openssl rsa -in private.pem -out public.pem -outform PEM -pubout
I want to use the public key to encrypt a string of text, lets say "foo bar", and then decrypt this string again.
How do I go about this?
Thanks
I think you want
openssl rsautl -encrypt -inkey public.pem -pubin -in unencrypted_file.txt -out encrypted_file.ssl
See more at devco.
Related
I am encrypting a file with this openssl command -
openssl smime -encrypt -aes256 -in <input-file> -binary -outform DEM publicKey.pem
Although the command uses public key but it does not uses RSA as the input file is certainly larger in size.
The same file can be decrypted by -
cat encrypted | openssl smime -decrypt -binary -inform DEM -inkey publickey.pem
My question is, what method openssl uses here to encrypt using public key and how to achieve this command line functionality in code using node.js / ruby ?
I am new with Openssl i have generated a private key myprivatekey.pem and a publickey mypublickey.pem with :
openssl ecparam -genkey -name secp160k1 -noout -out myprivatekey.pem
and my public key with :
openssl -ec -in myprivatekey.pem -pubout -out mypublickey.pem
What i want to do next is to encrypte my ecdsa with a passphrase private key and make a certification request for my public key and thank you for your help.
It would seem that ecparam doesn't have a built-in option for encrypting the generated key. Instead, you can simply do the following:
openssl ec -in myprivatekey.pem -out myprivatekey_encrypted.pem -aes256
Compared to genrsa, an extra step is required, but this basically does the same thing.
Now as far as the certificate request, the command is pretty much the same regardless of the type of private key used:
openssl req -new -sha256 -key myprivatekey.pem -out mycertrequest.pem
You can then take the resulting mycertrequest.pem and send it to a CA for signing.
Edit:
If you have concerns about writing the unencrypted private key to disk, you can do both the generation and encryption of the key in one step like so:
openssl ecparam -genkey -name secp256k1 | openssl ec -aes256 -out privatekey.pem
This generates a P-256 key, then prompts you for a passphrase. The key is then encrypted using AES256 and saved into privatekey.pem.
While ecparam doesn't have an option to encrypt the generated key, genpkey can generate ECC private keys and does have such an option:
openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:secp160k1 -aes-256-cbc -out myprivatekey_encrypted.pem
The -aes-256-cbc option specifies to encrypt it (with aes-256-cbc; other options are available for different types of encryption).
You can pass -passin pass:password or -passin file:mypassword.pass to specify the password on the commandline.
I'm trying to encrypt some data via openssl tool, and the question is how can I set password for private.key in this command:
openssl smime -sign -signer /var/www/protected/keys/ym.pem -inkey /var/www/protected/keys/ym.key -nochain -nocerts -outform PEM -nodetach
For those who faces with the same problem:
Remove a passphrase from a private key this way:
openssl rsa -in privateKey.pem -out newPrivateKey.pem
can any one able to tell me how to encrypt and decrypt an xml file using openssl.
i can able to create privatekey using the linux command
openssl genrsa -out private.pem 1024 and got my private key as private.pem
also i create public key using
openssl rsa -in private.pem -out public.pem -outform PEM -pubout got my public key as public.pem
now wat i want is i want to encrypt the xml file using this public key and again want to decrypt using my private key....please help me...
thanks in advance
I think what you are looking for is this:
If you have a PEM encoded key:
openssl pkeyutl -encrypt -in FileToEncrypt -out EncryptedData.enc -inkey ThePathToYourPublicKey -keyform PEM
If you have a DER encoded key:
openssl pkeyutl -encrypt -in FileToEncrypt -out EncryptedData.enc -inkey ThePathToYourPublicKey -keyform DER
You then decrypt with:
openssl pkeyutl -decrypt -in EncryptedData.enc -out DecryptedFile -inkey ThePathToYourPrivateKey
For more information about this you can consult openssl's pkeyutil documentation.
If you want to use S/MIME packaging (a standard used to encrypt/decrypt/sign e-mails), see openssl's smime documentation.
Encrypt with public key:
openssl rsautl -encrypt -inkey public.pem -pubin -in xml.file -out encrypted.enc
Decrypt with private key:
openssl rsautl -decrypt -inkey private.pem -in encrypted.enc -out xml.txt
Can any one able to tell me how to encrypt and decrypt a xml file using openssl. I can able to create privatekey using the Linux command
openssl genrsa -out private.pem 1024
And got my private key as private.pem. Created public key using
openssl rsa -in private.pem -out public.pem -outform PEM -pubout
got my public key as public.pem
Now what I want is I want to encrypt the XML file using this public key and again want to decrypt using my private key.
Try:
$ openssl rsautl -encrypt -inkey public.pem -pubin -in file.xml -out file.xml.encrypted
Hint: I cheated and looked here:
http://www.devco.net/archives/2006/02/13/public_-_private_key_encryption_using_openssl.php