On 2023-05-08, Stuart Longland <stua...@longlandclan.id.au> wrote:
> Silly question… is there a tool for encrypting files with asymmetric
> keys on OpenBSD?  I'm aware of GnuPG in ports, and I'm fine with using
> that, however I'm curious to know what other options there are out
> there, especially options that are part of the base system.
>
> I know OpenSSL (and likely LibreSSL) can do RSA for this purpose,
> although its CLI is more of a debugging tool than an actual encryption
> tool.

to be fair, gpg's CLI seems more like a debugging tool too ;)

>        I'd also like to use ECC keys (ideally ED25519) for future
> proofing, since RSA is getting quite long in the tooth now.

Ed25519 is used for signing not encrypting. But Ed25519 keys can be
converted and used for encryption; "age" has convenience support
for doing this with Ed25519 ssh keys, and might generally be something
that works for your use case. It's not in base though.

https://words.filippo.io/using-ed25519-keys-for-encryption/

Another possibility is libsodium's crypto_box API but will need more
self-assembly as afaik there's no standard CLI tool using this.


Reply via email to