如何使用公钥在openssl中加密大文件 [英] How to encrypt a large file in openssl using public key
问题描述
我该如何使用公共密钥加密大文件,以使只有拥有私有密钥的人才能解密该文件?
How can I encrypt a large file with a public key so that no one other than who has the private key be able to decrypt it?
我可以使RSA公共和私有密钥生效,但是在使用以下命令加密大型文件时:
I can make RSA public and private keys but when it comes to encrypting a large file using this command:
openssl rsautl -encrypt -pubin -inkey public.pem -in myLargeFile.xml -out myLargeFile_encrypted.xml
以及我该如何执行解密....
and how can i perform the decryption also....
我通过以下命令创建我的私钥和公钥
i create my private and public key by the following commands
openssl genrsa -out private.pem 1024
openssl rsa -in private.pem -out public.pem -outform PEM -pubout
我收到此错误:
RSA operation error
3020:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:.\crypto\rsa\rsa_pk1.c:151:
我试图制作大小在1024到1200位之间的键,没有运气,同样的错误
I tried to make keys with sizes from 1024 to 1200 bits, no luck, same error
推荐答案
公钥加密不适用于加密任意长文件.人们使用对称密码(例如AES)进行常规加密.每次生成,使用新的随机对称密钥,然后使用RSA密码(公钥)进行加密.密文和加密的对称密钥一起传输到接收者.收件人使用其私钥解密对称密钥,然后使用对称密钥解密邮件.
Public-key crypto is not for encrypting arbitrarily long files. One uses a symmetric cipher (say AES) to do the normal encryption. Each time a new random symmetric key is generated, used, and then encrypted with the RSA cipher (public key). The ciphertext together with the encrypted symmetric key is transferred to the recipient. The recipient decrypts the symmetric key using his private key, and then uses the symmetric key to decrypt the message.
私有密钥永远不会共享,只有公共密钥用于加密随机对称密码.
The private key is never shared, only the public key is used to encrypt the random symmetric cipher.
这篇关于如何使用公钥在openssl中加密大文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
