Dave,
Thank you for the quick and thorough response. This is good stuff.

Yes, so the files I will be encrypting will be over 100 bytes. I am aware
of the key size requirements - 1028 was only used as a placeholder for the
example commands I provided. Does this mean that I will be able to use RSA
or not?

You lost me with the chaining and AKI stuff. I have no idea what either of
those mean. Does the CMS approach that you suggested address this issue? In
either case, I like the idea of using CMS.

The major reason that I am using the x509 (or originally the ca) utility is
that I want to be able to set begin and end valid dates (-startdate,
-enddate) for the public and private keys and create certificates as
well. I also want to associate some metadata with them like organization
and locality, for that I am currently using the -subj command.

Am I correct that the large PEM file includes both a public and private
key? If so I should be able to extract them from the PEM and then use
something (rsautl, enc or ...) to encrypt and decrypt the files. After
successfully extracting what I understand to be a public key from the PEM,
I receive this error from the rsautl utility: "unable to load Public Key.
Error in rsautl"

Could you give me some examples of how you would use CMS or, just use these
utilities properly, to achieve what I'm trying to do.

I really appreciate your help.

Thanks,
Peter

On Tue, Nov 20, 2012 at 10:17 PM, Dave Thompson <dthomp...@prinpay.com> wrote:

> >From: owner-openssl-us...@openssl.org On Behalf Of Peter Parker
> >Sent: Tuesday, 20 November, 2012 20:59
>
> >Subject: This is one for the Pros
>
> Not really. This is pretty basic.
>
> >I've been trying to generate a public/private key pair after
> >generating the certificates, but OpenSSL keeps giving me an error.
> >The commands and the error are below. Thanks.
>
> No you're not; you're generating a CA keypair and cert (directly),
> then an application keypair, then an application cert (via CSR).
> Which is the (well, a) correct sequence, for one entity.
>
> >Commands
> >#openssl req -new -x509 -extensions v3_ca -days 365 -keyout caKey.pem
> >-passout pass:test -out caCert.crt -batch
> >#openssl genrsa -out application.pem -passout pass:test -des3 1028
>
> 1028 is an unusual size for an RSA key; most folks use power-of-2
> based values like 1024 1536 2048. 1024 is presently rather marginal
> for security; for example, NIST has it deprecated since the end of
> 2010, and prohibited after the end of 2013, for US government use.
>
> >#openssl req -new -key application.pem -passin pass:test -out application.csr -batch
>
> A second req -new -batch generates a CSR with the same DN ...
>
> >#openssl x509 -req -days 365 -in application.csr -CA caCert.crt -CAcreateserial
> >-CAkey caKey.pem -passin:test -out test-key.pem -extensions ssl_cert
>
> ... thus this creates a CA-signed cert which appears to be self-signed,
> and will not chain correctly with OpenSSL. If the ssl_cert section of your
> config file (which doesn't exist in the distro file) includes AKI, other
> software that chains primarily by AKI may work, but this is still
> incorrect.
>
> This puts the cert in a file named test-key.pem, which is a misleading
> name.
>
> >#openssl rsa -in test-key.pem -passin pass:test -out pub-key.pem -outform PEM -pubout
>
> And therefore this command, which is not the last one, fails because
> you told it to read the privatekey from a file which is a certificate.
> application.pem is your privatekey.
>
> >#openssl rsautl -encrypt -inkey pub-key.pem -pubin -in testfile.txt -out eFile.ssl
>
> >Error
> >"unable to load Private Key" (I receive this after the last command)
>
> Not last.
>
> >The key thing that I am trying to do is to encrypt some files with the key
> >that I generate. I do however want to use the public and private keys that
> >I get out of the PEM file using the x509 (or the ca utilities).
>
> If (any of) your files are larger than about 100 bytes (for 1024-bit RSA)
> you can't use raw RSA; even if they aren't, you can't interoperate with
> properly designed software that doesn't use raw RSA. The conventional
> approach is to encrypt the "bulk" data symmetrically with a nonce key (DEK)
> and PK (RSA) encrypt that DEK; there are numerous schemes that do this,
> but the one that OpenSSL supports directly is PKCS7/CMS/SMIME. (CMS is an
> updated Internet version of PKCS7, and SMIME is a simple wrapping of CMS.)
>
> You can generate and use RSA keys without using certificates (and without
> using the req x509 ca utilities) IF you have a way to "distribute" them
> correctly -- that is, to make sure the "enveloper" always uses a correct
> publickey for the recipient and not a forged, tampered, or obsolete one.
> (And similarly the verifier for a signer.) Most standard schemes do use
> X.509 certs for this purpose, because they are also standard.
>
>
>
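
Added example, not part of either message: the CA, key, CSR and certificate sequence discussed in this thread, followed by a CMS round trip on a file larger than one RSA block. The file names, subject DNs, the pass:test passphrase and the inline demo.cnf are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. File names, subject DNs and pass:test are placeholders.
cms_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" &&
        # Minimal config so the run does not depend on the system openssl.cnf.
        printf '%s\n' '[req]' 'distinguished_name = dn' 'x509_extensions = v3_ca' \
            '[dn]' 'CN = unused' '[v3_ca]' 'basicConstraints = critical,CA:TRUE' \
            > demo.cnf &&
        OPENSSL_CONF="$dir/demo.cnf" && export OPENSSL_CONF &&
        # 1. CA key pair and self-signed CA certificate, with the CA's own DN.
        openssl req -new -x509 -newkey rsa:2048 -days 365 \
            -subj "/O=Example Org/CN=Example Test CA" \
            -keyout caKey.pem -passout pass:test -out caCert.crt &&
        # 2. Application private key (2048-bit), encrypted under the passphrase.
        openssl genrsa -aes256 -passout pass:test -out application.pem 2048 &&
        # 3. CSR with a subject DN that differs from the CA's.
        openssl req -new -key application.pem -passin pass:test \
            -subj "/O=Example Org/L=Example City/CN=file-encryption" \
            -out application.csr &&
        # 4. CA signs the CSR; the output is a certificate, named as one.
        openssl x509 -req -days 365 -in application.csr -CA caCert.crt \
            -CAkey caKey.pem -passin pass:test -CAcreateserial \
            -out application.crt &&
        openssl verify -CAfile caCert.crt application.crt >/dev/null &&
        # 5. The certificate holds only the public key; it must match the one
        #    derived from the private key in application.pem.
        openssl x509 -in application.crt -pubkey -noout > pub-from-cert.pem &&
        openssl rsa -in application.pem -passin pass:test -pubout \
            -out pub-from-key.pem &&
        cmp -s pub-from-cert.pem pub-from-key.pem &&
        # 6. CMS envelope: a random AES key encrypts the 4096-byte file and
        #    RSA encrypts only that key for the certificate's owner.
        openssl rand -out testfile.bin 4096 &&
        openssl cms -encrypt -binary -aes-256-cbc -in testfile.bin \
            -outform PEM -out eFile.cms application.crt &&
        # 7. The recipient decrypts with the private key.
        openssl cms -decrypt -in eFile.cms -inform PEM -recip application.crt \
            -inkey application.pem -passin pass:test -out decrypted.bin &&
        cmp -s testfile.bin decrypted.bin && echo roundtrip-ok
    )
    rc=$?
    rm -rf "$dir"
    return "$rc"
}
cms_demo
```

CMS enveloping as used here provides confidentiality only; detecting tampering requires a separate signing step (`openssl cms -sign`).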
