Good resources

Public key encrypt / private key decrypt – RSA (small files)

Note RSA (rsault) is only suitable for very small files and is typically used to encrypt a randomly chosen private key that a larger file gets encrypted with.  The reason it won't allow use with large files (say over around 512 bytes) is performance.

Generating a key pair

Generate private key

openssl genrsa -out private_key.pem 1024

Then use it to generate the public key

openssl rsa -in private_key.pem -out public_key.pem -outform PEM -pubout
Encrypt file

This will encrypt using RSA and your 1024 bit key.

openssl rsautl -encrypt -inkey public_key.pem -pubin -in encrypt.txt -out encrypt.dat
Decrypt File

openssl rsautl -decrypt -inkey private_key.pem -in encrypt.dat -out new_encrypt.txt

Public key encrypt / private key decrypt – SMIME AES (Large files)

(Good up to around 500MB, dependant on platform and resources)

Generating a key pair

openssl req -x509 -nodes -days 100000 -newkey rsa:2048  -keyout privatekey.pem  -out publickey.pem  -subj '/'
Encrypt file

This will encrypt using RSA and your 1024 bit key.

openssl  smime  -encrypt -aes256  -in  my_large_file.bin  -binary  -outform DEM  -out  my_large_file_encrypted.bin  publickey.pem
Decrypt File

openssl  smime -decrypt  -in  my_large_file.bin  -binary -inform DEM -inkey privatekey.pem  -out  my_large_file.bin 



We benefit hugely from resources on the web so we decided we should try and give back some of our knowledge and resources to the community by opening up many of our company’s internal notes and libraries through mini sites like this. We hope you find the site helpful.
Please feel free to comment if you can add help to this page or point out issues and solutions you have found, but please note that we do not provide support on this site. If you need help with a problem please use one of the many online forums.


Your email address will not be published. Required fields are marked *