Created
February 6, 2015 20:20
-
-
Save markus-k/fc37c36e13b32c8a6dd1 to your computer and use it in GitHub Desktop.
Hybrid encryption with OpenSSL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # decrypt the key | |
| openssl rsautl -decrypt -inkey rsa.key -in keyfile_crypted -out keyfile | |
| # use the key to decrypt the data | |
| openssl aes-256-cbc -d -in encrypted.txt -out plain_decrypted.txt -pass file:keyfile | |
| rm keyfile |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # generate key pair if not exists | |
| if [ ! -e rsa.pub ]; then | |
| openssl genrsa -out rsa.key 4096 | |
| openssl rsa -in rsa.key -pubout -out rsa.pub | |
| fi | |
| # generate a key for symmetric encryption and encrypt it | |
| openssl rand 32 -out keyfile | |
| openssl rsautl -encrypt -pubin -inkey rsa.pub -in keyfile -out keyfile_crypted | |
| # encrypt the data with the key | |
| openssl aes-256-cbc -e -in plain.txt -out encrypted.txt -pass file:keyfile | |
| # remove the key afterwards | |
| rm keyfile |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment