Rory Vieira wrote:
Hi,

For our customers we make backups (like everyone else).
However, legal restrictions apply to the specific branch we work in. We are required to encrypt the data.

In the past I was using simple DES3 encryption, but now I would like to use the customer's secure certificate to encrypt the data with (like email). The customer has a .p12 certificate that they install in Windows. I first need to export the public key from that in a usable format. Then I want to encrypt the data on the fly (as I did in the past).

My command to encrypt using DES was:
tar -cvzf - <what> 2>/dev/null | openssl des3 -salt -k <pass> | dd of=<tar-file> 2>/dev/null

Now I'm looking for the command to use their public key :)

Thanks in advance...
As far as I know there is no tool in openssl you can just drop in to use a public key to encrypt a stream. If someone knows better please tell.

There is the smime-tool which can encrypt files, but I don't think this is what you want/need. One way to work around this problem (other than writing your own tool) might be a sequence of shell commands which may work like this:

   * Generate a key from /dev/random and store it in a file
   * Use this key to do openssl des3 ... like you did before
   * Encrypt the key using openssl smime with your client's certificate
   * Delete the unencrypted key (this might not be as trivial as it
     sounds if security requirements are high)

This way your customer could use the reverse procedure (decrypt key with openssl smime and decrypt data with the key) to recover the data.

Hope it helps,
Ted
;)

--
PGP Public Key Information
Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
Key fingerprint = 31B0 E029 BCF9 6605 DAC1  B2E1 0CC8 70F4 7AFB 8D26
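
The four-step workaround from the reply above, as an added example (not part of the original thread and not Ted's or the OpenSSL project's code). It swaps des3 for AES-256-CBC with PBKDF2 (needs OpenSSL 1.1.1 or later) and uses openssl rand instead of reading /dev/random directly; the function names, file suffixes and the KEYDIR variable are assumptions.

```shell
#!/bin/sh
# Added example: hybrid encryption of a backup stream for a certificate holder.
# cert.pem is assumed to have been exported from the customer's .p12 with:
#   openssl pkcs12 -in customer.p12 -clcerts -nokeys -out cert.pem
# KEYDIR (hypothetical variable) can point at a RAM-backed directory so the
# cleartext session key never reaches a disk; rm alone only unlinks the file.

# encrypt_backup <source-dir> <recipient-cert.pem> <out-prefix>
# Writes <out-prefix>.tar.enc (data) and <out-prefix>.key.p7m (wrapped key).
encrypt_backup() {
    src=$1; cert=$2; out=$3
    # mktemp creates the file with mode 0600.
    keyfile=$(mktemp "${KEYDIR:-${TMPDIR:-/tmp}}/bkey.XXXXXX") || return 1
    # Step 1: random session key, passed by file so it never shows up in argv.
    openssl rand -hex 32 > "$keyfile" &&
    # Step 2: encrypt the tar stream on the fly with the session key.
    tar -czf - -C "$src" . 2>/dev/null |
        openssl enc -aes-256-cbc -salt -pbkdf2 -pass "file:$keyfile" \
            -out "$out.tar.enc" &&
    # Step 3: wrap the session key for the holder of the certificate.
    openssl smime -encrypt -aes256 -binary -in "$keyfile" \
        -outform PEM -out "$out.key.p7m" "$cert"
    rc=$?
    # Step 4: remove the cleartext key whether or not the steps succeeded.
    rm -f "$keyfile"
    return "$rc"
}

# decrypt_backup <in-prefix> <cert.pem> <private-key.pem> <dest-dir>
# The reverse procedure: unwrap the key with smime, then decrypt the data.
decrypt_backup() {
    in=$1; cert=$2; priv=$3; dest=$4
    keyfile=$(mktemp "${KEYDIR:-${TMPDIR:-/tmp}}/bkey.XXXXXX") || return 1
    openssl smime -decrypt -binary -inform PEM -in "$in.key.p7m" \
        -recip "$cert" -inkey "$priv" -out "$keyfile" &&
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$keyfile" \
        -in "$in.tar.enc" | tar -xzf - -C "$dest"
    rc=$?
    rm -f "$keyfile"
    return "$rc"
}
```

Only the holder of the private key matching cert.pem can recover the session key, so the machine that writes the backup cannot decrypt it once the temporary key file is gone.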
