Bernhard Froehlich wrote:
Rory Vieira wrote:
Hi,
For our customers we make backups (like everyone else).
However, legal restrictions apply to the specific branche we work in.
We are required to encrypt the data.
...
Thanks in advance...
As far as I know there is no tool in openssl you can just drop in to
use a public key to encrypt a stream. If someone knows better please
tell.
There is the smime-tool which can encrypt files, but I don't think
this is what you want/need.
One way to work around this problem (other than writing your own tool)
might be a sequence of shell commands which may work like this:
* Generate a key from /dev/random and store it in a file
* Use this key to do openssl des3 ... like you did before
* Encrypt the key using openssl smime with you client's certificate
* Delete the unencrypted key (this might not be as trivial as it
sounds if secutity requirements are high)
This way your customer could use the reverse procedure (decrypt key
with openssl smime and decrypt data with the key) to recover the data.
Hope it helps,
Ted
;)
This is great. So much thanks from me (and my customers LOL).
This is just what I needed. Shame I couldn't come up with it myself :D
Cheers,
--
Rory Vieira
Deno Software B.V.
rory dot vieira at deno-software dot nl
http colon slash slash www deno-software dot nl
Kanaaldijk 5a
5683CR Best
T. +31 (0)499-374220
F. +31 (0)499-374294
-----
Dit bericht en de eventuele bijlagen zijn uitsluitend bestemd voor de beoogde
ontvanger. Inzage, gebruik en verspreiding van de inhoud ervan is aan hem of
haar voorbehouden. Indien u niet de beoogde ontvanger of diens gemachtigde
bent, dan is inzage, gebruik en verspreiding derhalve niet toegestaan. In geval
van onjuiste adressering wordt u verzocht zo spoedig mogelijk contact op te
nemen met de afzender van dit bericht en zorg te dragen voor onmiddellijke
verwijdering van dit bericht uit uw systemen. Dit bericht is niet beschermd
tegen manipulatie door derden. Voor de door u ontvangen inhoud kunnen wij dan
ook geen aansprakelijkheid aanvaarden en evenmin kunt u er rechten aan ontlenen.
-----
The information in this e-mail and any files transmitted is intended
exclusively for the addressee. If you are not the intended recipient then would
you please contact us immediately? In that case we also request you to destroy
the e-mail and to neither use the contents nor disclose them in any matter to
third parties. The information provided in this e-mail message is forwarded
through the Internet. E-mail traffic through Internet does not guarantee
confidentiality. Therefore the content should be verified. We deny any
responsibility for damages as a result of the use of e-mail messages.
-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
