OpenSSL Public Key Cryptography Signing and Verification

Create a file and add contents to it.
You can create the file in any editor of your choice. I have used the vi editor; you can use nano, gedit or any other.

Apply the MD5 and SHA-1 digests to see the difference between them.
To see the difference between MD5 and SHA-1 on a specific file, follow the simple steps below using openssl. It will generate two different hashes.
Apply-Digest
Generate the private key. Here I have used the 3DES encryption standard.
Generate the private key, protected with an encryption algorithm. Here it is triple DES, which applies DES three times and so is stronger than plain DES.
Generate-Private-Key
View the created private key.
You can view the created private key as shown below. It is not meaningful to a normal user; it looks like garbage because it is encrypted.
View-Created-Private-Key
This creates a key file called rsapri.pem that uses 1024 bits. It holds both the private and public keys; now extract the public key from it.
Extract the public key from the private key file, which contains both keys, by using -pubout.
Extract-Public-Key
View the contents of public key.
Just as we viewed the contents of the private key, you can also view the contents of the public key that was created in the earlier step.
View-Content-of-Public-Key
You now have some data in test.txt; let's encrypt it using OpenSSL and the public key.
Now it's time to encrypt the data of the text file by using the public key.
Openssl-encrypt
Encrypting with "rsautl" gives an error if the file is larger than the key size allows. Use "smime" to perform large-file encryption.
View the content that is in encrypted form.
Contents of the encrypted file, that is, the .ssl file.
View-Encrypted-Content
Now decrypt it using the private key.
Now if you want to decrypt the contents of the .ssl file, you need the private key, as below.
Decrypt-using-Private-Key
View the original content after decryption.
Now you can see the original content after decryption.
View-Original-After-Decrypt
Sign the contents of the file using rsapri.pem and name the output file .cipher.
Now let's sign the contents of the file so that if anybody modifies it in transit, the receiver will know.
Sign-File
View the contents of .cipher file after signing.
View the contents of the file after signing.
View-After-Signing
Verify that content against test.txt. If it was not modified in transit, then it displays the message Verified OK.
Now let's verify whether the contents of the file were modified in transit. Here they were not modified.
Verify-Content
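
The signing and verification steps above as a script, added here as an example and not taken from the article's screenshots: it signs test.txt, verifies it, then checks that a modified copy is rejected by testing the exit status of openssl. It assumes the signature is made with `openssl dgst -sign` (the command whose verify step prints "Verified OK"), and it uses a 2048-bit key, AES-256 key protection and SHA-256 instead of the article's 1024-bit, 3DES and MD5/SHA-1 choices; rsapub.pem, test.sig, the passphrase and the sample text are constructed names and values.

```shell
#!/bin/sh
# Added example: sign a file, verify it, and show that a modified copy fails.
# test.txt and rsapri.pem follow the article; rsapub.pem, test.sig, the
# passphrase and the sample text are constructed for this demo.

# openssl reads the passphrase via env:, which keeps it off the command line.
export KEY_PASS='constructed-demo-passphrase'

# Create a passphrase-protected RSA key pair in directory $1.
make_keys() {
    openssl genrsa -aes256 -passout env:KEY_PASS -out "$1/rsapri.pem" 2048 2>/dev/null &&
    openssl rsa -in "$1/rsapri.pem" -passin env:KEY_PASS -pubout -out "$1/rsapub.pem" 2>/dev/null
}

# Sign file $2 with the private key in $1; the detached signature goes to $3.
sign_file() {
    openssl dgst -sha256 -sign "$1/rsapri.pem" -passin env:KEY_PASS -out "$3" "$2"
}

# Exit status 0 only if signature $3 matches file $2 under the public key in $1.
verify_file() {
    openssl dgst -sha256 -verify "$1/rsapub.pem" -signature "$3" "$2" >/dev/null 2>&1
}

# Run the whole flow in a temp directory; returns 0 if both checks behave.
demo() {
    work=$(mktemp -d) || return 1
    demo_rc=0
    printf 'pay 100 to alice\n' > "$work/test.txt"
    { make_keys "$work" && sign_file "$work" "$work/test.txt" "$work/test.sig"; } || demo_rc=1
    if verify_file "$work" "$work/test.txt" "$work/test.sig"; then
        echo "original: Verified OK"
    else
        echo "original: verification failed"; demo_rc=1
    fi
    printf 'pay 900 to alice\n' > "$work/tampered.txt"   # one character changed
    if verify_file "$work" "$work/tampered.txt" "$work/test.sig"; then
        echo "tampered: accepted (should not happen)"; demo_rc=1
    else
        echo "tampered: Verification Failure"
    fi
    rm -rf "$work"
    return "$demo_rc"
}

demo
```

In scripts, branch on the exit status of the verify command as `verify_file` does, rather than parsing the "Verified OK" text.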

Important Article on Secure data communication in Linux: PGP and GPG Secure Data Communication on two Linux machine

Thanks for reading this article.
If you have any problem or doubt with this then raise your comments below.

5 comments:

  1. I have followed your steps but I am still getting this error message. Can you please help.

    Loading 'screen' into random state - done
    RSA operation error
    6408:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for
    key size:./crypto/rsa/rsa_pk1.c:151:

    1. Hey, sorry for my late reply.
      You are having the large file issue. Use "smime" instead of "rsautl" to encrypt a large file.

      -Thanks

  2. I really your help and reply Gaurang.

    Here is the issue I am having. I am dealing with a vendor whom I am supposed to send them encrypted files. From my understanding, they should send me the public key to encrypt and they use their private key to decrypt.. Nevertheless, this vendor is asking me to send them the public key that I create. After trying more than one (used GPG initially but they won't accept the public key it created), they finally accepted the key I sent them which was RSA SSH2 (created using puttygen)... Now, I am trying to encrypt a file using this public key..

    I am unable to do so until now and they are not providing me any help....

    Do you have any idea what encryption method they are trying to use here?

    Thanks a lot.

    1. Did you try both "rsautl" and "smime" to encrypt the content of the file? And if you failed at encryption using public keys, then what error message do you get?

  3. I am getting the error message
    expecting trusted certificate
