How do I do public-key encryption with `openssl`?

OpenSSL is a public-key crypto library (plus some other random stuff). Here’s how to do the basics: key generation, encryption and decryption. We’ll use RSA keys, which means the relevant openssl commands are genrsa, rsa, and rsautl.

# Alice generates her private key `priv_key.pem`
openssl genrsa -out priv_key.pem 2048  

# Alice extracts the public key `pub_key.pem` and sends it to Bob
openssl rsa -pubout -in priv_key.pem -out pub_key.pem

# Bob encrypts a message and sends `encrypted_with_pub_key` to Alice
openssl rsautl -encrypt -in cleartext -out encrypted_with_pub_key -inkey pub_key.pem -pubin

# Alice decrypts Bob's message
openssl rsautl -decrypt -in encrypted_with_pub_key -inkey priv_key.pem

What can computers do? What are the limits of mathematics? And just how busy can a busy beaver be? This year, I’m writing Busy Beavers, a unique interactive book on computability theory. You and I will take a practical and modern approach to answering these questions — or at least learning why some questions are unanswerable!

It’s only $19, and you can get 50% off if you find the discount code ... Not quite. Hackers use the console!

After months of secret toil, I and Andrew Carr released Everyday Data Science, a unique interactive online course! You’ll make the perfect glass of lemonade using Thompson sampling. You’ll lose weight with differential equations. And you might just qualify for the Olympics with a bit of statistics!

It’s $29, but you can get 50% off if you find the discount code ... Not quite. Hackers use the console!

More by Jim

Tagged . All content copyright James Fisher 2017. This post is not associated with my employer. Found an error? Edit this page.

How do I do public-key encryption with openssl?

More by Jim

How do I do public-key encryption with `openssl`?