How to encrypt a large file in openssl using public key

yamuna mathew · Aug 22, 2011 · Viewed 108k times

How can I encrypt a large file with a public key so that no one other than the person who has the private key is able to decrypt it?

I can make RSA public and private keys but when it comes to encrypting a large file using this command:

openssl rsautl -encrypt -pubin -inkey public.pem -in myLargeFile.xml -out myLargeFile_encrypted.xml

And how can I perform the decryption also?

I create my private and public keys with the following commands:

openssl genrsa -out private.pem 1024
openssl rsa -in private.pem -out public.pem -outform PEM -pubout

I get this error:

RSA operation error
3020:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:.\crypto\rsa\rsa_pk1.c:151:

I tried to make keys with sizes from 1024 to 1200 bits; no luck, same error.

Answer

n. 'pronouns' m. · Aug 22, 2011

Public-key crypto is not for encrypting arbitrarily long files. One uses a symmetric cipher (say AES) to do the normal encryption. Each time a new random symmetric key is generated, used, and then encrypted with the RSA cipher (public key). The ciphertext together with the encrypted symmetric key is transferred to the recipient. The recipient decrypts the symmetric key using his private key, and then uses the symmetric key to decrypt the message.

The private key is never shared, only the public key is used to encrypt the random symmetric cipher.
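
The scheme described in this answer, written out with the openssl CLI as an added example (not code from the answer or the question). The function names, file names and the 2048-bit throwaway key are assumptions; it uses `pkeyutl` with OAEP padding in place of the question's `rsautl`, and `-pbkdf2` needs OpenSSL 1.1.1 or later.

```shell
#!/usr/bin/env bash
# Hybrid encryption: AES encrypts the file, RSA encrypts only the AES secret.
# All names below are hypothetical, chosen for this example.

# hybrid_encrypt <public.pem> <infile> <out.enc> <out.key.enc>
hybrid_encrypt() {
    local pub="$1" src="$2" dst="$3" wrapped="$4" secret rc
    secret=$(mktemp) || return 1
    # 1. Fresh random 256-bit secret per file (65 bytes as hex plus newline).
    # 2. AES handles the bulk data, whatever its size. CBC gives
    #    confidentiality only, so sign or MAC the outputs if tampering matters.
    # 3. Only the small secret goes through RSA, well under the key-size limit.
    openssl rand -hex 32 > "$secret" &&
    openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$secret" \
        -in "$src" -out "$dst" &&
    openssl pkeyutl -encrypt -pubin -inkey "$pub" \
        -pkeyopt rsa_padding_mode:oaep -in "$secret" -out "$wrapped"
    rc=$?
    rm -f "$secret"
    return $rc
}

# hybrid_decrypt <private.pem> <in.enc> <in.key.enc> <outfile>
hybrid_decrypt() {
    local priv="$1" src="$2" wrapped="$3" dst="$4" secret rc
    secret=$(mktemp) || return 1
    # Recover the secret with the private key, then decrypt the file with it.
    openssl pkeyutl -decrypt -inkey "$priv" \
        -pkeyopt rsa_padding_mode:oaep -in "$wrapped" -out "$secret" &&
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$secret" \
        -in "$src" -out "$dst"
    rc=$?
    rm -f "$secret"
    return $rc
}

# Round trip on constructed data: a 5 MiB random file and a throwaway key pair.
demo_roundtrip() {
    local d rc
    d=$(mktemp -d) || return 1
    openssl genrsa -out "$d/private.pem" 2048 2>/dev/null &&
    openssl rsa -in "$d/private.pem" -pubout -out "$d/public.pem" 2>/dev/null &&
    openssl rand -out "$d/large.bin" 5242880 &&
    hybrid_encrypt "$d/public.pem" "$d/large.bin" "$d/large.enc" "$d/key.enc" &&
    hybrid_decrypt "$d/private.pem" "$d/large.enc" "$d/key.enc" "$d/large.out" &&
    cmp -s "$d/large.bin" "$d/large.out"
    rc=$?
    rm -rf "$d"
    return $rc
}
```

The recipient needs both output files: the AES-encrypted file and the RSA-wrapped secret.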