How to use openssl to encrypt a file with an asymmetric public key:
Use the -rsautl option in openssl to encrypt a file using the RSA algorithm asymmetrically. When sharing a secret is not possible or less than ideal, asymmetric encryption is your best solution.
First, if you do not already have a private key, generate one:
openssl genrsa -out private-key.pem 2048Next, extract your public key and send it to the person that will be encrypting data to send to you:
openssl rsa -pubout -in private-key.pem -out public-key.pemThe data will be encrypted with this command:
openssl rsautl -encrypt -in dt.txt -out dt.txt.enc -inkey public-key.pem -pubinWhere -encrypt means encrypt, -in dt.txt is the plain text, -out dt.txt.enc is the encrypted data file, -inkey public-key.pem is the public key being used to encrypt, and -pubin means the input file in an RSA public key.
And you can decrypt the data with this command:
openssl rsautl -decrypt -in dt.txt.enc -out dt.txt -inkey private-key.pemWhere -decrypt means decrypt, -in dt.txt.enc is the encrypted cipher data, -out dt.txt is the decrypted plain text data, and -inkey private-key.pem is the private key.
How to use openssl to encrypt a file with a symmetric secret key:
When using the following commands, you will be prompted for the password (shared secret key). The shared key can live in a protected file -kfile, or share by word of mouth. Remember, the encrypted file is only as safe as the secret is truly secret.
While not used in the provided examples, -salt is recommended and will protect against dictionary attacks.
openssl enc -aes256 -base64 -in dt.txt -out dt.txt.encWhere enc means encrypt,-aes256 is the cipher (defaults to -aes-256-cbc), -base64 encoded, -in dt.txt is the file to encrypt, and -out dt.txt.enc is the newly encrypted data file.
To decrypt the data:
openssl enc -d -aes256 -base64 -in dt.txt.enc -out dt.txtWhere enc -d means decrypt, -aes256 is the cipher (make sure to use the same cipher as used when encrypting), -base64 if encoded, -in dt.txt.enc is the encrypted file, and -out dt.txt is the result plain text file.
Encrypt with Password-Based Key Derivation Function 2 (pbkdf2):
As you noticed in the previous example without pbkdf2, the key derivation was deprecated and it recommends to use -pbkdf2 for key derivation. Simply put, Password-Based Key Derivation Function 2 supersedes the same Function 1, is part of PKCS5 (PKCS #5, PKCS 5), and is the recommended practice for password hashing.
Note that the only difference when using pbkdf2 is the corresponding flag. Other flags stay the same.
The default number of PBKDF2 iterations is 10,000, but this can be changed to a higher number using the -iter flag. For example, the 1Password service derives keys with 100,000 iterations.
openssl enc -pbkdf2 -aes256 -base64 -in dt.txt -out dt.txt.encTo decrypt the pbkdf2 encrypted data (if using iterations other than the default make sure to include that with -iter):
openssl enc -d -pbkdf2 -aes256 -base64 -in dt.txt.enc -out dt.txtConclusion
Hopefully, that provides useful examples for how to encrypt and decrypt data using openssl. Please leave comments with any questions or suggestions and improvements. See the official openssl docs for asymmetric encryption and symmetric encryption.
Hi,
Thank you for this article. Very useful.
Ref command -> openssl rsautl -encrypt -in dt.txt -out dt.txt.enc -inkey public-key.pem -pubin
Q – Cant we use the private key to encrypt the message ? And then the recipient uses the public key to decrypt ? Assuming that the recipient is the only one with the public key ?
Next,
Do you have an example for shared-key encryption using openSSL. So that a message can be encrypted by the sender and the recipient unlock it with that passwd ?
While you could use the private key to encrypt the message, how are you going to guarantee the recipient is the only user with the public key? I may not be understanding your use case, but by definition, that idea is backward. Public keys are meant to be public, and private keys are meant to be private and only accessible by one person/team/application.
There is a shared-key encryption example in the article: openssl enc -pbkdf2 -aes256 -base64 -in dt.txt -out dt.txt.enc
The shared secret will need to be shared out of band. Examples include via phone call, sticky note hand-delivered, etc.
Seems to be the general consensus that the default -iter (10000) for -pbkdf2 is too low. I’ve seen people recommending -iter 50000 for modern hardware. Not sure how true that might be.